Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Browser acting strangely - please advise

Post by john_m_nash » November 22nd, 2010, 4:10 pm

Hi

My friend's PC is acting strangely in that he can't access his Hotmail or open and run his McAfee security.

He has asked me to help him fix it as he is not great with PCs.

The HijackThis logs are here - thank you for your help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:22, on 22/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\PROGRA~1\mcafee\mpf\mpfalert.exe
c:\PROGRA~1\mcafee\msc\mcupdmgr.exe
C:\Documents and Settings\dave\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCguardadvisor.exe] "C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\gemma\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 14097 bytes

Ad-Aware 2007
Adobe Flash Player 10 ActiveX
Adobe Reader 9.1
Adobe Shockwave Player
Amazon MP3 Downloader 1.0.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
BearShare
Belarc Advisor 8.1
Bluetooth Stack for Windows by Toshiba
blueyonder Instant Support Tool
Bonjour
CCleaner
Counter-Strike
Critical Update for Windows Media Player 11 (KB959772)
Driving Test Success - All Tests (2009-2010)
EPSON Copy Utility
EPSON PhotoQuicker3.2
EPSON Smart Panel
EPSON TWAIN 5
FinePixViewer Ver.4.3
FUJIFILM USB Driver
Google Earth
Google Toolbar for Firefox
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 10 (KB910393)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HyperCam 2
Java DB 10.5.3.0
Java(TM) 6 Update 22
Java(TM) SE Development Kit 6 Update 22
Junk Mail filter update
Malwarebytes' Anti-Malware
Map Button (Windows Live Toolbar)
McAfee Total Protection
MediaShow 3.0
Messenger Plus! Live
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Small Business
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
mIRC
MobileMe Control Panel
MSN
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Network Play System (Patching)
NevLogoDesktop
Nokia Connectivity Cable Driver
Nokia Lifeblog 2.1
Nokia MTP driver
Nokia N73 highlights
Nokia Nseries Skin for Microsoft Windows Media Player
Nokia PC Connectivity Solution
Nokia themes for your device
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OneCare Advisor (Windows Live Toolbar)
OpenOffice.org Installer 1.0
PCguard advisor 1.3.22
PhotoNow! 1.0
Popup Blocker (Windows Live Toolbar)
PowerCinema 4.0
PowerDirector Express
PowerProducer
PowerStarter
QuickTime
RealOne Player
Realtek AC'97 Audio
Rhapsody Player Engine
Safari
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB2183461)
Security Update for Windows Internet Explorer 7 (KB2360131)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 7 (KB976325)
Security Update for Windows Internet Explorer 7 (KB978207)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975254)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981349)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
Serif PhotoPlus 6.0
Sky Broadband
Skype 3.1
Skype add-on for IE
Smart Menus (Windows Live Toolbar)
Steam
SUPERAntiSpyware Free Edition
The Sims Livin' it up
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 7 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Windows Imaging Component
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Family Safety
Windows Live Favorites for Windows Live Toolbar
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Outlook Toolbar (Windows Live Toolbar)
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Toolbar
Windows Live Toolbar Extension (Windows Live Toolbar)
Windows Live Toolbar Feed Detector (Windows Live Toolbar)
Windows Live Upload Tool
Windows Live Writer
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
Yahoo! Toolbar
ZoneAlarm Spy Blocker
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

Post by muppy03 » November 26th, 2010, 9:21 am

Hello and welcome to Malware Removal Forums

IMPORTANT

Whatever repairs we make are for fixing your computer problems only and by no means should be used on another computer.
To make cleaning this machine easier:-
  • Continue to respond to this thread until I give you the All Clean!
  • Please DO NOT uninstall/install any programs unless asked to. It is more difficult when files/programs appear or disappear from the logs.
  • Please do not run any scans other than those requested and do not post any logs/reports unless specifically requested to do so.
  • Please follow all instructions in the order posted.
  • If you have any questions or do not understand instructions, please ask before continuing.
  • Please reply to this thread. Do not start a new topic.

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

BearShare

I'd like you to read the MRU policy for P2P Programs.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red). Also take note that remnants of the above program/s and any other P2P program found will be removed when cleaning.

While in Add/Remove Programs I also recommend that you uninstall the following:-

ZoneAlarm Spy Blocker

Run Malwarebytes' Anti-Malware
  • Start Malwarebytes' Anti-Malware.
  • Click on the Update tab. Choose Check for Updates.
  • If an update is found, it will download and install the latest version.
  • If necessary, start Malwarebytes' Anti-Malware again.
  • Once the program is running, select Perform Full Scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • If it found any malware items, check all items except items in the C:\System Volume Information folder... and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location, and post the contents in your reply.
  • The log can also be found using the "Logs" tab in the program. You can click any log listed to open its contents.
  • Recent logs are named by time/date stamp in this format : mbam-log-2010-mm-dd(hour-min-sec).txt


NEXT Download and Run: RSIT

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)


Please reply with:-
  • MBAM log
  • RSIT logs (info.txt and log.txt)
muppy03
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Browser acting strangely - please advise

Post by john_m_nash » November 27th, 2010, 11:36 am

Hi

Thank you for your help

I was not able to remove BearShare using Add/Remove Programs or CCleaner uninstall - can you please advise how to remove it using another method.

Here are the logs you requested - MBAM took over 10 hours!!

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5194

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

27/11/2010 15:22:25
mbam-log-2010-11-27 (15-22-25).txt

Scan type: Full scan (C:\|)
Objects scanned: 351264
Time elapsed: 10 hour(s), 56 minute(s), 1 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\julie\Local Settings\Temp\$0EAB0759.t$m (Trojan.P2P.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\julie\Local Settings\Temp\$6C333D54.t$m (Trojan.P2P.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\julie\Local Settings\Temp\$71085195.t$m (Trojan.P2P.Dropper) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (PUP.FunWebProducts) -> Quarantined and deleted successfully.


Here is the next one

Logfile of random's system information tool 1.08 (written by random/random)
Run by dave at 2010-11-27 15:27:36
Microsoft Windows XP Professional Service Pack 3
System drive C: has 199 GB (85%) free of 234 GB
Total RAM: 3071 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:27:55, on 27/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\dave\Desktop\RSIT.exe
C:\Program Files\trend micro\dave.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sky.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided By Sky Broadband
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [PCguardadvisor.exe] "C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\gemma\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 13817 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL [2007-03-30 722472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2010-05-03 245272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll [2010-10-26 843832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-08-04 228256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-10-26 440384]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2010-08-04 228256]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-10-26 297648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"Ptipbmf"=ptipbmf.dll,SetWriteCacheMode []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-08-11 7630848]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-08-11 86016]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-08-02 577536]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"PCguardadvisor.exe"=C:\Program Files\blueyonder\PCguard advisor\PCguardadvisor.exe [2006-04-28 1888256]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2010-09-10 1193848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Power2GoExpress"= []
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2009-08-13 177440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2006-02-19 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
C:\Program Files\CyberLink\PowerCinema\PCMService.exe [2005-01-14 110744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-18 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryCleanFixMFC]
C:\Program Files\RegistryCleaner\registrycleaner2008.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
C:\Program Files\REGSHAVE\REGSHAVE.EXE [2002-02-04 53248]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-11-18 2001648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-07-27 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2005-12-02 151597]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Workflow]
D:\Workflow.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [1999-02-17 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WG111v3\WG111v3.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WPN111 Smart Wizard.lnk]
C:\PROGRA~1\NETGEAR\WPN111\wpn111.exe []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-22 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-02-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-23 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe"="C:\Program Files\CyberLink\PowerCinema\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\SwiftSwitch\SwiftSwitch.exe"="C:\Program Files\SwiftSwitch\SwiftSwitch.exe:*:Enabled:World Switcher for RuneScape"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\BearShare Applications\BearShare\BearShare.exe"="C:\Program Files\BearShare Applications\BearShare\BearShare.exe:*:Disabled:BearShare"
"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"
"C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe"="C:\WINDOWS\pchealth\helpctr\binaries\helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice"
"C:\Program Files\Steam\steamapps\twister625\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\twister625\counter-strike\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Steam\steamapps\0wn3dpl0z\condition zero\hl.exe"="C:\Program Files\Steam\steamapps\0wn3dpl0z\condition zero\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe"="C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Steam\steamapps\0wn3dpl0z\counter-strike\hl.exe"="C:\Program Files\Steam\steamapps\0wn3dpl0z\counter-strike\hl.exe:*:Enabled:Counter-Strike"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe"="C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

======File associations======

.scr - open - "%1" /S "%3"

======List of files/folders created in the last 1 months======

2019-03-07 17:57:37 ----RASH---- C:\boot.ini
2019-03-07 17:57:22 ----A---- C:\WINDOWS\system32\drivers\viamraid.sys
2019-03-07 17:57:21 ----A---- C:\WINDOWS\system32\ptipbmf.dll
2019-03-07 17:57:21 ----A---- C:\WINDOWS\system32\drivers\iaStor.sys
2019-03-07 17:57:21 ----A---- C:\WINDOWS\system32\drivers\Fasttx2k.sys
2019-03-07 17:57:20 ----A---- C:\WINDOWS\system32\oeminfo.ini
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmvdmoe2.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmvdmod.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmstream.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmspdmoe.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmsdmoe2.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmsdmoe.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmsdmod.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmpui.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\wmpasf.dll
2019-03-07 17:57:18 ----AC---- C:\WINDOWS\system32\blastcln.exe
2019-03-07 17:57:18 ----A---- C:\WINDOWS\system32\WMVCore.dll
2019-03-07 17:57:18 ----A---- C:\WINDOWS\system32\wmspdmod.dll
2019-03-07 17:57:18 ----A---- C:\WINDOWS\system32\wmpshell.dll
2019-03-07 17:57:18 ----A---- C:\WINDOWS\system32\wmpdxm.dll
2019-03-07 17:57:18 ----A---- C:\WINDOWS\system32\wmp.dll
2019-03-07 17:57:18 ----A---- C:\WINDOWS\system32\winshfhc.dll
2019-03-07 17:57:17 ----AC---- C:\WINDOWS\system32\wmpcore.dll
2019-03-07 17:57:17 ----AC---- C:\WINDOWS\system32\wmpcd.dll
2019-03-07 17:57:17 ----AC---- C:\WINDOWS\system32\wmidx.dll
2019-03-07 17:57:17 ----AC---- C:\WINDOWS\system32\wmerror.dll
2019-03-07 17:57:17 ----AC---- C:\WINDOWS\system32\wmdmps.dll
2019-03-07 17:57:17 ----AC---- C:\WINDOWS\system32\wmdmlog.dll
2019-03-07 17:57:17 ----A---- C:\WINDOWS\system32\wmploc.dll
2019-03-07 17:57:17 ----A---- C:\WINDOWS\system32\WMNetmgr.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\wmadmoe.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\strmdll.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\msscp.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\msdxmlc.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\MPG4DMOD.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\MP4SDMOD.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\MP43DMOD.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\logagent.exe
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\dxmasf.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\drmv2clt.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\drmstor.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\drmclien.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\cewmdm.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\blackbox.dll
2019-03-07 17:57:16 ----AC---- C:\WINDOWS\system32\asferror.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\wmasf.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\WMADMOD.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\shmedia.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\mswmdm.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\mspmsp.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\msnetobj.dll
2019-03-07 17:57:16 ----A---- C:\WINDOWS\system32\LAPRXY.dll
2019-03-07 17:57:13 ----RASH---- C:\NTDETECT.COM
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\vmmreg32.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\vga64k.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\vga256.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\spnpinst.exe
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\pentnt.exe
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\osuninst.exe
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\odtext32.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\odpdx32.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\odfox32.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\odexl32.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\oddbse32.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msxbde40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msvcrt20.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\mstext40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msrepl40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msrecr40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msrd2x40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msrclr40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msr2cenu.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msr2c.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\mspbde40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msltus40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msexcl40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\msexch40.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\migpwd.exe
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\lnkstub.exe
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\krnl386.exe
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\ir50_qcx.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\ir50_qc.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\ir41_qcx.dll
2019-03-07 17:57:13 ----AC---- C:\WINDOWS\system32\ir41_qc.dll
2019-03-07 17:57:13 ----A---- C:\WINDOWS\system32\ir50_32.dll
2019-03-07 17:57:13 ----A---- C:\WINDOWS\system32\drivers\update.sys
2019-03-07 17:57:13 ----A---- C:\WINDOWS\system32\drivers\mnmdd.sys
2019-03-07 17:57:12 ----AC---- C:\WINDOWS\system32\wmerrenu.dll
2019-03-07 17:57:12 ----AC---- C:\WINDOWS\system32\d3dramp.dll
2019-03-07 17:57:12 ----AC---- C:\WINDOWS\system32\ctl3d32.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdycl.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdycc.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbduzb.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdtuq.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdtuf.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdtat.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdsl1.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdsl.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdru1.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdru.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\kbdro.dll
2019-03-07 17:57:11 ----AC---- C:\WINDOWS\system32\edit.com
2019-03-07 17:57:11 ----A---- C:\WINDOWS\system32\xpsp2res.dll
2019-03-07 17:57:11 ----A---- C:\WINDOWS\system32\xpsp1res.dll
2019-03-07 17:57:11 ----A---- C:\WINDOWS\system32\xpob2res.dll
2019-03-07 17:57:01 ----AC---- C:\WINDOWS\system32\mslbui.dll
2019-03-07 17:57:01 ----AC---- C:\WINDOWS\system32\msctfp.dll
2019-03-07 17:57:01 ----A---- C:\WINDOWS\system32\msutb.dll
2019-03-07 17:57:01 ----A---- C:\WINDOWS\system32\msimtf.dll
2019-03-07 17:57:01 ----A---- C:\WINDOWS\system32\msctf.dll
2019-03-07 17:57:01 ----A---- C:\WINDOWS\system32\ctfmon.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\xmlprovi.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\xenroll.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\xcopy.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\xactsrv.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wupdmgr.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wstdecod.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wshrm.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wshnetbs.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wshisn.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wship6.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wshcon.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wshatm.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wsecedit.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wscript.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wscntfy.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wpnpinst.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wpabaln.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\wowexec.exe
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\kbdinmal.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\kbdinben.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\kbdinbe1.dll
2019-03-07 17:57:00 ----AC---- C:\WINDOWS\system32\drivers\ws2ifsl.sys
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\zipfldr.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\xmlprov.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wzcdlg.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wtsapi32.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wsock32.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wsnmp32.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wshtcpip.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wshext.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wscsvc.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\ws2help.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\ws2_32.dll
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wowdeb.exe
2019-03-07 17:57:00 ----A---- C:\WINDOWS\system32\wow32.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\winhlp32.exe
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\winhelp.exe
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wmiscmgr.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wmiprop.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winver.exe
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winstrm.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winntbbu.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winnls.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winmsd.exe
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wininet(3).dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wininet(2).dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winhlp32.exe
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\winfax.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\win.com
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wifeman.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wiavusd.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wiavideo.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wiadss.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wiadefui.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\wextract.exe
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\webvw.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\webhits.dll
2019-03-07 17:56:59 ----AC---- C:\WINDOWS\system32\webcheck(2).dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\win.ini
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wmi.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wlnotify.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wldap32.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wkssvc.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wintrust.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winsta.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winsrv.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winspool.exe
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winsock.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winscard.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winrnr.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winmm.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winlogon.exe
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winipsec.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wininet.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winhttp.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\winbrand.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\win87em.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\win32spl.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\win32k.sys
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wiashext.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wiaservc.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wiascr.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\wiaacmgr.exe
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\webclnt.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\webcheck.dll
2019-03-07 17:56:59 ----A---- C:\WINDOWS\system32\drivers\wmilib.sys
2019-03-07 17:56:58 ----C---- C:\WINDOWS\system32\vbajet32.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\twunk_32.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\twunk_16.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\twain_32.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\twain.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\wavemsp.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\w32topl.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\w32tm.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vwipxspx.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vwipxspx.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vssadmin.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vss_ps.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vjoy.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vfpodbc.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\verifier.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\verifier.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\ver.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vdmredir.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\vcdex.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\utilman.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\urlmon(3).dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\urlmon(2).dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\url(3).dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\url(2).dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\ureg.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\upnpui.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\upnpcont.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\untfs.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\unlodctr.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\umdmxfrm.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\umandlg.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\ulib.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\ufat.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\udhisapi.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\typeperf.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tsd32.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tsappcmp.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tree.com
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tracert6.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tracert.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tracerpt.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tlntsvrp.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tlntsess.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tlntadmn.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tftp.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\telnet.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tcpsvcs.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tcpmonui.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tcpmon.ini
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tcpmib.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tcmsetup.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\taskman.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tasklist.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\taskkill.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tapiui.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tapiperf.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\tapi.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\systray.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\syssetup.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\syskey.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\sysinv.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\sysedit.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\synceng.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\syncapp.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\swprv.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\svcpack.dll
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\subst.exe
2019-03-07 17:56:58 ----AC---- C:\WINDOWS\system32\stimon.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\wdigest.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\watchdog.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\w3ssl.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\w32time.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\vssvc.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\vssapi.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\vga.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\version.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\vdmdbg.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\vbscript.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\uxtheme.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\utildll.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\usp10.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\userinit.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\userenv.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\user32.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\user.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\usbmon.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\urlmon.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\url.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\ups.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\upnphost.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\upnp.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\uniplat.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\unimdmat.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\umpnpmgr.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\typelib.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\txflog.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\twext.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\tsddd.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\trkwks.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\traffic.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\toolhelp.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\tlntsvr.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\themeui.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\termmgr.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\tcpmon.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\taskmgr.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\tapisrv.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\tapi32.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\tapi3.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\t2embed.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\sysocmgr.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\syncui.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\sxs.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\svchost.exe
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\strmfilt.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\storage.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\stobject.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\sti_ci.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\sti.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\ssdpsrv.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\ssdpapi.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\srvsvc.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\osuninst.dll
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\wanarp.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\volsnap.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\videoprt.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\vga.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\udfs.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\tdi.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\tcpip6.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\tape.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system32\drivers\srv.sys
2019-03-07 17:56:58 ----A---- C:\WINDOWS\system.ini
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\sqlwoa.dll
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\sqlwid.dll
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\sqlunirl.dll
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\sqlsrv32.dll
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\sprestrt.exe
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\spiisupd.exe
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\sort.exe
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\snmpsnap.dll
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\smlogcfg.dll
2019-03-07 17:56:57 ----AC---- C:\WINDOWS\system32\drivers\smclib.sys
2019-03-07 17:56:57 ----A---- C:\WINDOWS\system32\spoolsv.exe
2019-03-07 17:56:57 ----A---- C:\WINDOWS\system32\spoolss.dll
2019-03-07 17:56:57 ----A---- C:\WINDOWS\system32\softpub.dll
2019-03-07 17:56:57 ----A---- C:\WINDOWS\system32\snmpapi.dll
2019-03-07 17:56:57 ----A---- C:\WINDOWS\system32\smss.exe
2019-03-07 17:56:57 ----A---- C:\WINDOWS\system32\smlogsvc.exe
2019-03-07 17:56:56 ----RC---- C:\WINDOWS\system32\rsop.msc
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\smbinst.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\skeys.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\skdll.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sisbkup.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sigverif.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sigtab.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\shutdown.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\shrpubw.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\share.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sfmapi.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sfc.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\setver.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\setupdll.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\setup.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sethc.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\serwvdrv.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\services.msc
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\serialui.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\senscfg.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sendcmsg.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\secpol.msc
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\secedit.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sdpblb.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sdbinst.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\scriptpw.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\scredir.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\schtasks.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\scardssp.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sc.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\sbeio.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\savedump.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\runonce.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\runas.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rtm.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rtipxmib.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rtcshare.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsvpperf.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsvpmsg.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsvp.ini
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsopprov.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsnotify.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsmui.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsmsink.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsmps.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsm.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsh.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rsfsaps.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rpcns4.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\routetab.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\routemon.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\route.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rnr20.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rexec.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\replace.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rend.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\relog.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\regwizc.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\regwiz.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\regedt32.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\reg.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\redir.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\recover.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rdpdd.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rcp.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rcimlby.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasser.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rassapi.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasrad.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasphone.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasmxs.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasmontr.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasdial.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasctrs.ini
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasctrs.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\rasautou.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\qosname.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\qedwipes.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\qedit.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\qdvd.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\qdv.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\qcap.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\pubprn.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\pstorec.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\psnppagn.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\pschdprf.ini
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\pschdprf.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\proxycfg.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\proquota.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prodspec.ini
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prnqctl.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prnport.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prnmngr.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prnjobs.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prndrvr.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prncnfg.vbs
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\print.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\prflbmsg.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\powercfg.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\polstore.dll
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\gpupdate.exe
2019-03-07 17:56:56 ----AC---- C:\WINDOWS\system32\drivers\rawwan.sys
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\slbrccsp.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\slbiop.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\slbcsp.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\slayerxp.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shsvcs.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shscrap.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shmgrate.exe
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shlwapi.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shimgvw.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shimeng.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shgina.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shfolder.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shell32.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shell.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shdocvw.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\shdoclc.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sfcfiles.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sfc_os.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sfc.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\setupapi.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\services.exe
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sensapi.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sens.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sendmail.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\security.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\secur32.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\seclogon.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\scrrun.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\scrobj.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sclgntfy.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\schannel.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\scesrv.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\scecli.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sccsccp.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sccbase.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\scardsvr.exe
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\scarddlg.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\sbe.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\samsrv.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\samlib.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rundll32.exe
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rtutils.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rsvpsp.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rsvp.exe
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rshx32.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rsaenh.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rpcss.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\riched32.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\riched20.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\resutils.dll
2019-03-07 17:56:56 ----A---- C:\WINDOWS\system32\regsvr32.exe

Re: Browser acting strangely - please advise

Unread postby john_m_nash » November 27th, 2010, 11:37 am

2019-03-07 17:56:51 ----A---- C:\WINDOWS\system32\drivers\ip6fw.sys
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\grpconv.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\graphics.com
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\graftabl.com
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gptext.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gpresult.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gpkrsrc.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gpedit.msc
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gpedit.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\glu32.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\glmf32.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\getmac.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gdi.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\gcdef.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fwcfg.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\ftsrch.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\ftp.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fsutil.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fsusd.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fsmgmt.msc
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\framebuf.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\format.com
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\forcedos.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fontview.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fmifs.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fixmapi.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\finger.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\findstr.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\find.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\filemgmt.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fdeploy.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fde.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fc.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\fastopen.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\exts.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\extrac32.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\expsrv.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\expand.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\exe2bin.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\eventvwr.msc
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\eventvwr.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\eventcls.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\eula.txt
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\eudcedit.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\esentutl.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\esentprf.ini
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\esentprf.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\esent97.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\encdec.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\encapi.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\els.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\efsadu.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\edlin.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dxdiag.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dx8vb.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dx7vb.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dvdupgrd.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dswave.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dsprpres.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dsprop.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dsound3d.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dsdmoprp.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dsdmo.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\dsauth.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\ds32gt.dll
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\ds16gt.dLL
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\drwatson.exe
2019-03-07 17:56:50 ----AC---- C:\WINDOWS\system32\drivers\gmreadme.txt
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\gpkcsp.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\gdi32.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\fontsub.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\fontext.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\fldrclnr.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\feclient.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\faultrep.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\extmgr.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\eventlog.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\esent.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\es.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\ersvc.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dxtrans.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dwwin.exe
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\duser.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dumprep.exe
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dsuiext.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dssenh.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dssec.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dsquery.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dsound.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dskquoui.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\dskquota.dll
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\drwtsn32.exe
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\drivers\fs_rec.sys
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\drivers\fips.sys
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\drivers\fastfat.sys
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\drivers\dxgthk.sys
2019-03-07 17:56:50 ----A---- C:\WINDOWS\system32\drivers\dxapi.sys
2019-03-07 17:56:50 ----A---- C:\WINDOWS\explorer.exe
2019-03-07 17:56:47 ----RA---- C:\WINDOWS\system32\ctl3dv2.dll
2019-03-07 17:56:47 ----ASHC---- C:\WINDOWS\fonts\desktop.ini
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\systeminfo.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\shellstyle.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\pagefileconfig.vbs
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\openfiles.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\msjetoledb40.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\eventtriggers.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\eventquery.vbs
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\eventcreate.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\driverquery.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpwsockx.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpwsock.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpvvox.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpvsetup.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpvoice.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpvacm.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpserial.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpnwsock.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpnsvr.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpnmodem.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpnlobby.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpnhpast.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpnaddr.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dpmodemx.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dplaysvr.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dplay.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dosx.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\doskey.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmusic.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmsynth.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmstyle.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmscript.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmremote.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmocx.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmloader.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmintf.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmime.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmdskres.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmdskmgr.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmdlgs.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmconfig.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmcompos.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dmband.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dllhst3g.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diskperf.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diskpart.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diskmgmt.msc
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diskcopy.com
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diskcomp.com
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dinput8.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dinput.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dimap.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diantz.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\diactfrm.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dhcpsapi.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dhcpmon.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dgnet.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dfrgui.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dfrgsnap.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dfrgfat.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dfrg.msc
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\devmgmt.msc
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\debug.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\ddeshare.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dbnmpntw.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dbnetlib.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dbmsrpcn.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\dbgeng.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\datime.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\danim.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\d3dxof.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\d3drm.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\d3dpmesh.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\d3dim.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\csseqchk.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cscript.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\crtdll.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\country.sys
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\convert.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\control.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\console.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\conime.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\compmgmt.msc
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\compact.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\comp.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\command.com
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\comcat.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cnvfat.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cnetcfg.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmutil.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmstp.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmsetacl.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmpbk32.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmmon32.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmdl32.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmdial32.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cmcfg32.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cliconfg.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cliconfg.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\clb.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\ckcnv.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cipher.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\ciodm.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cidaemon.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cic.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\ciadv.msc
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\ciadmin.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\chkntfs.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\chkdsk.exe
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\chcp.com
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\certmgr.msc
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\certmgr.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cdosys.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cdfview.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\ccfgnt.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cards.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\capesnpn.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\camocx.dll
2019-03-07 17:56:47 ----AC---- C:\WINDOWS\system32\cacls.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\tourstart.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\drivers\dmload.sys
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\drivers\dmio.sys
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\drivers\dmboot.sys
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\drivers\diskdump.sys
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\drivers\classpnp.sys
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\drivers\cdfs.sys
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dpnet.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dplayx.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dpcdll.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\docprop2.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\docprop.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dnsapi.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dmserver.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dmadmin.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dllhost.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dispex.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\diskcopy.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\digest.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dhcpcsvc.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dfsshlex.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dfrgres.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dfrgntfs.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\devmgr.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\devenum.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\deskperf.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\deskmon.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\deskadp.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\defrag.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\ddrawex.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\ddraw.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\ddeml.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dciman32.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dbghelp.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\davclnt.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\dataclen.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\d3dim700.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\d3d9.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\d3d8.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\csrss.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\csrsrv.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cscui.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cscdll.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cryptui.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cryptsvc.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cryptnet.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cryptext.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cryptdll.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cryptdlg.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\crypt32.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\credui.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\corpol.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\confmsp.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\comres.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\compstui.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\compobj.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\compatui.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\commdlg.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\comdlg32.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\comctl32.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cmd.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\clusapi.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\clipsrv.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cleanmgr.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cisvc.exe
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cfgmgr32.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\certcli.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cdm.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cabview.dll
2019-03-07 17:56:47 ----A---- C:\WINDOWS\system32\cabinet.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpdtrace.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpdsp.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpdmtpus.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpdmtpdr.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpdmtp.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpdconns.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wpd_ci.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\WMVADVE.DLL
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\WMVADVD.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wmpsrcwp.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wmpencen.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wmdrmnet.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wmdrmdev.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wdfmgr.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\wdfapi.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\uwdf.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\drivers\wpdusb.sys
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\drivers\atmuni.sys
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\drivers\atmepvc.sys
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\btpanui.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\browsewm.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\bootvrfy.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\bootvid.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\bootok.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\bootcfg.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\autolfn.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\autofmt.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\autodisc.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\autoconv.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\auditusr.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\attrib.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\atmpvcno.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\atmlib.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\atmadm.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\atkctrs.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\at.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\asr_pfu.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\asr_ldm.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\asr_fmt.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\arp.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\appmgr.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\append.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\apcups.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\ansi.sys
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\amstream.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\ahui.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\advpack(3).dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\advpack(2).dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\adsnw.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\adsnt.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\adsnds.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\adsmsext.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\adsldp.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\adptif.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\admparse.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\actmovie.exe
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\aclui.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\acledit.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\system32\aaaamon.dll
2019-03-07 17:56:46 ----AC---- C:\WINDOWS\_default.pif
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\drivers\bridge.sys
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\drivers\beep.sys
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\drivers\atmlane.sys
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\drivers\atmarpc.sys
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\drivers\asyncmac.sys
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\browseui.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\browser.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\browselc.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\bidispl.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\batmeter.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\basesrv.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\avifile.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\avifil32.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\avicap32.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\avicap.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\autochk.exe
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\authz.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\audiosrv.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\audiodev.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\atmfd.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\atl.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\asycfilt.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\appmgmts.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\apphelp.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\alrsvc.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\alg.exe
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\advpack.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\advapi32.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\adsldpc.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\actxprxy.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\activeds.dll
2019-03-07 17:56:46 ----A---- C:\WINDOWS\system32\6to4svc.dll
2019-03-07 17:54:21 ----D---- C:\i386
2019-03-07 17:53:51 ----D---- C:\cmpnents
2019-03-07 17:53:28 ----SHD---- C:\System Volume Information
2010-11-27 15:27:37 ----D---- C:\Program Files\trend micro
2010-11-27 15:27:36 ----D---- C:\rsit
2010-11-26 19:37:01 ----A---- C:\Program Files\Uninstall Spy Blocker.dll
2010-11-22 17:29:20 ----D---- C:\Documents and Settings\All Users\Application Data\Sun
2010-11-22 17:28:47 ----A---- C:\WINDOWS\system32\javaws.exe
2010-11-22 17:28:47 ----A---- C:\WINDOWS\system32\javaw.exe
2010-11-22 17:28:47 ----A---- C:\WINDOWS\system32\java.exe
2010-11-22 17:28:47 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-11-22 17:24:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-11-22 17:23:50 ----D---- C:\Program Files\Common Files\Adobe
2010-11-22 17:20:51 ----D---- C:\Documents and Settings\dave\Application Data\Malwarebytes
2010-11-22 17:20:42 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-11-22 17:20:41 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-11-22 17:20:41 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-11-22 17:20:40 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-11-08 12:18:29 ----D---- C:\Program Files\CCleaner

======List of files/folders modified in the last 1 months======

2010-11-27 15:27:55 ----D---- C:\WINDOWS\Prefetch
2010-11-27 15:27:38 ----D---- C:\WINDOWS\Temp
2010-11-27 15:27:37 ----RD---- C:\Program Files
2010-11-27 15:25:39 ----A---- C:\WINDOWS\ModemLog_Standard 33600 bps Modem.txt
2010-11-27 15:25:27 ----AD---- C:\WINDOWS
2010-11-27 15:25:13 ----D---- C:\WINDOWS\Registration
2010-11-27 15:25:05 ----D---- C:\WINDOWS\system32\inetsrv
2010-11-27 15:24:30 ----D---- C:\WINDOWS\system32\drivers
2010-11-27 15:23:50 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-11-27 15:23:49 ----D---- C:\WINDOWS\system32\CatRoot2
2010-11-27 15:23:11 ----HDC---- C:\WINDOWS\$NtUninstallKB941568$
2010-11-23 06:29:59 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
2010-11-23 06:29:29 ----D---- C:\WINDOWS\system
2010-11-22 21:14:57 ----D---- C:\Documents and Settings\dave\Application Data\Apple Computer
2010-11-22 21:13:36 ----SHD---- C:\WINDOWS\Installer
2010-11-22 21:13:36 ----HD---- C:\Config.Msi
2010-11-22 19:04:48 ----D---- C:\WINDOWS\security
2010-11-22 18:55:03 ----D---- C:\WINDOWS\system32
2010-11-22 17:28:54 ----D---- C:\Program Files\Sun
2010-11-22 17:25:14 ----D---- C:\Program Files\Java
2010-11-22 17:23:50 ----D---- C:\Program Files\Common Files
2010-11-22 17:23:50 ----D---- C:\Program Files\Adobe
2010-11-22 17:08:14 ----HD---- C:\WINDOWS\inf
2010-11-12 13:59:01 ----D---- C:\WINDOWS\Debug
2010-11-12 13:58:58 ----A---- C:\WINDOWS\system32\MRT.exe
2010-11-08 13:18:59 ----D---- C:\Program Files\Steam
2010-11-08 12:52:48 ----D---- C:\Program Files\BearShare Applications
2010-11-08 12:52:21 ----D---- C:\Program Files\Common Files\Apple
2010-11-08 12:48:55 ----D---- C:\Program Files\HyCam2
2010-11-08 12:24:58 ----D---- C:\Program Files\Google
2010-11-08 12:20:32 ----D---- C:\WINDOWS\Minidump
2010-10-31 12:11:25 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-10-13 386840]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-05-12 20576]
R1 BANTExt;Belarc SMBios Access; C:\WINDOWS\System32\Drivers\BANTExt.sys [2008-02-27 3840]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfetdi2k;McAfee Inc. mfetdi2k; C:\WINDOWS\system32\drivers\mfetdi2k.sys [2010-10-13 84072]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2009-03-14 21035]
R2 fssfltr;FssFltr; C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys [2009-08-05 54752]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-08-18 4017536]
R3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2010-10-13 55840]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-10-13 95600]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-10-13 152960]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-10-13 52104]
R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2010-10-13 313288]
R3 mfendiskmp;mfendiskmp; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-10-13 88544]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-08-11 3958496]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-10 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2006-06-16 83968]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-13 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-13 18944]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\DNINDIS5.SYS []
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2006-04-13 49664]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2006-04-13 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2006-04-13 21568]
S3 mfeavfk01;McAfee Inc.; C:\WINDOWS\system32\drivers\mfeavfk01.sys []
S3 mfendisk;McAfee Core NDIS Intermediate Filter; C:\WINDOWS\system32\DRIVERS\mfendisk.sys [2010-10-13 88544]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-10-13 84264]
S3 MHNDRV;MHN driver; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\nmwcd.sys [2006-05-29 127488]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\nmwcdc.sys []
S3 nmwcdcj;Nokia USB Port; C:\WINDOWS\system32\drivers\nmwcdcj.sys []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\WINDOWS\system32\DRIVERS\wg111v3.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service; C:\WINDOWS\system32\DRIVERS\WPN111.sys []
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-13 42368]
S4 agpCPQ;Compaq AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agpCPQ.sys [2008-04-13 44928]
S4 alim1541;ALI AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\alim1541.sys [2008-04-13 42752]
S4 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2008-04-13 43008]
S4 cbidf;cbidf; C:\WINDOWS\system32\DRIVERS\cbidf2k.sys [2001-08-17 13952]
S4 fasttx2k;fasttx2k; C:\WINDOWS\system32\DRIVERS\fasttx2k.sys [2003-08-06 159744]
S4 iaStor;Intel AHCI Controller; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2004-04-20 472960]
S4 m5287;m5287; C:\WINDOWS\system32\DRIVERS\m5287.sys [2005-02-05 85888]
S4 m5289;m5289; C:\WINDOWS\system32\DRIVERS\m5289.sys [2004-12-01 51840]
S4 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2008-04-13 40960]
S4 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2008-04-13 42240]
S4 viamraid;viamraid; C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-03-29 73600]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2007-10-31 587096]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe [2005-01-14 172153]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe [2005-01-14 110711]
R2 CyberLink Media Library Service;CyberLink Media Library Service; C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe [2005-01-14 24576]
R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2006-10-09 237568]
R2 ehSched;Media Center Scheduler Service; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 IISADMIN;IIS Admin; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-22 153376]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2010-05-20 88176]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 McShield;McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2010-08-24 171168]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-13 188136]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-10-13 141792]
R2 MSFtpsvc;FTP Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2010-03-10 271480]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-08-11 155715]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 W3SVC;World Wide Web Publishing; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2008-04-14 15360]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-02-04 135664]
S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2007-08-09 73728]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-25 182768]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McODS;McAfee Scanner; C:\Program Files\McAfee\VirusScan\mcods.exe [2010-04-15 364216]
S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 ServiceLayer;ServiceLayer; C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe [2006-06-05 174080]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Re: Browser acting strangely - please advise

Post by john_m_nash » November 27th, 2010, 11:38 am

info.txt logfile of random's system information tool 1.08 2010-11-27 15:28:05

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11E83B33-972B-4512-A447-FF0FD0246EE9}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{21B6F79B-2286-4BB0-B1E3-BA6B9498D110}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{23EFDB58-0874-4883-9810-EDA510B19FAE}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BB79C8D-9DCC-4861-8A23-AE1B0B45E2B6}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2BFBC62A-3353-443D-93BE-7AC641D9F342}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{775FFF70-4A8C-4500-908D-3C34DBEB11D5}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B100B05B-E290-41EF-9366-8BC4C76D7769}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B14F9B26-D695-4C4A-8B11-0FE6CDCC797B}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D3568156-59C3-42DF-A520-2C25B6706C91}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E213C271-AEFA-481D-A9B4-914D88925B8D}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FAD9402A-1A9B-4ABE-A410-393A3622FA5A}\setup.exe" -l0x9
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007-->MsiExec.exe /X{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Shockwave Player-->C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Amazon MP3 Downloader 1.0.4-->C:\Documents and Settings\david\My Documents\AMAZON\Uninstall.exe
Apple Application Support-->MsiExec.exe /I{B2D328BE-45AD-4D92-96F9-2151490A203E}
Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
ArcSoft PhotoImpression-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C5D7191-140A-11D6-B5A0-0050DA208A93}\setup.exe" -l0x9 -uninst
BearShare-->C:\PROGRA~1\BEARSH~1\BEARSH~1\UNWISE.EXE C:\PROGRA~1\BEARSH~1\BEARSH~1\INSTALL.LOG
Belarc Advisor 8.1-->"C:\PROGRA~1\Belarc\Advisor\Uninstall.exe" "C:\PROGRA~1\Belarc\Advisor\INSTALL.LOG"
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
blueyonder Instant Support Tool-->C:\WINDOWS\Motive\blueyonder\MCCUninst.exe
Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike-->"C:\Program Files\Steam\steam.exe" steam://uninstall/10
Critical Update for Windows Media Player 11 (KB959772)-->"C:\WINDOWS\$NtUninstallKB959772_WM11$\spuninst\spuninst.exe"
Driving Test Success - All Tests (2009-2010)-->"C:\Program Files\Driving Test Success - All Tests (2009-2010)\unins000.exe"
EPSON Copy Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B69CC1A5-0404-11D6-ABCB-005004C21D30}\setup.exe" -l0x9 ADDREMOVEDLG
EPSON PhotoQuicker3.2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2EFE303-A594-11D5-95EB-005004BC1C65}\setup.exe" uninst
EPSON Smart Panel-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C11D561-620B-47DA-A693-4C597F3CDF40}\setup.exe" -l0x9 Uninstall
EPSON TWAIN 5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A3EABC0-CA06-11D4-BF77-00104B130C19}\setup.exe" -l0x9 UNINSTALL
FinePixViewer Ver.4.3-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{24ED4D80-8294-11D5-96CD-0040266301AD}\SETUP.EXE"
FUJIFILM USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5490882C-6961-11D5-BAE5-00E0188E010B}\SETUP.EXE"
Google Earth-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}\setup.exe" -l0x9 -removeonly
Google Toolbar for Firefox-->MsiExec.exe /X{2CCBABCB-6427-4A55-B091-49864623C43F}
Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_AC0049E063DE2AEA.exe" /uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard-->MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Internet Explorer 7 (KB947864)-->"C:\WINDOWS\ie7updates\KB947864-IE7\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB903157)-->"C:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 10 (KB910393)-->"C:\WINDOWS\$NtUninstallKB910393$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB954708)-->"C:\WINDOWS\$NtUninstallKB954708$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0-->C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 7.0-->C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential-->MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart, Officejet and Deskjet 7.0.A-->C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update-->MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0-->C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HyperCam 2-->"C:\Program Files\HyCam2\UnHyCam2.exe"
Java DB 10.5.3.0-->MsiExec.exe /X{00BA866C-F2A2-4BB9-A308-3DFA695B6F7C}
Java(TM) 6 Update 22-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216022FF}
Java(TM) SE Development Kit 6 Update 22-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160220}
Junk Mail filter update-->MsiExec.exe /I{E2DFE069-083E-4631-9B6C-43C48E991DE5}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Map Button (Windows Live Toolbar)-->MsiExec.exe /X{7745B7A9-F323-4BB9-9811-01BF57A028DA}
McAfee Total Protection-->C:\Program Files\McAfee\MSC\mcuihost.exe /body:misp://MSCJsRes.dll::uninstall.html /id:uninstall
MediaShow 3.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5A9B7C0-8751-11D8-9D75-000129760D75}\setup.exe" -uninstall
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 1.0 Hotfix (KB953295)-->"C:\WINDOWS\$NtUninstallKB953295$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.0 Hotfix (KB979904)-->"C:\WINDOWS\$NtUninstallKB979904$\spuninst\spuninst.exe"
Microsoft .NET Framework 1.1 Security Update (KB2416447)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2416447\M2416447Uninstall.msp"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Base Smart Card Cryptographic Service Provider Package-->"C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office 2000 Disc 2-->MsiExec.exe /I{00040409-78E1-11D2-B60F-006097C998E7}
Microsoft Office 2000 Small Business-->MsiExec.exe /I{00030409-78E1-11D2-B60F-006097C998E7}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}
mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
MobileMe Control Panel-->MsiExec.exe /I{3AC54383-31D1-4907-961B-B12CBB1D0AE8}
MSN-->C:\Program Files\MSN\MsnInstaller\msninst.exe /Action:ARP
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Network Play System (Patching)-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Electronic Arts\Network Play System\NPSPatch.isu"
NevLogoDesktop-->"C:\Program Files\NevLogoDesktop\NevLogoDesktop.scr" /S /Uninstall
Nokia Connectivity Cable Driver-->MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia Lifeblog 2.1-->MsiExec.exe /I{EE565795-2776-415A-B31C-EB3A8D7C6FA4}
Nokia MTP driver-->MsiExec.exe /I{59359B3D-ABE7-46BF-AB55-43B67A64DC68}
Nokia N73 highlights-->MsiExec.exe /I{02B71D92-A84B-4DFB-9A10-D12BB01AC1F2}
Nokia Nseries Skin for Microsoft Windows Media Player-->MsiExec.exe /I{73E30715-9EC4-4DAE-BE67-64500AEB8012}
Nokia PC Connectivity Solution-->MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia themes for your device-->MsiExec.exe /I{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCR Software by I.R.I.S 7.0-->C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
OneCare Advisor (Windows Live Toolbar)-->MsiExec.exe /X{53B2CFE9-A508-4457-B2CA-5D253536BFB7}
OpenOffice.org Installer 1.0-->MsiExec.exe /X{0D499481-22C6-4B25-8AC2-6D3F6C885FB9}
PCguard advisor 1.3.22-->"C:\Program Files\blueyonder\PCguard advisor\unins000.exe"
PhotoNow! 1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\setup.exe" -uninstall
Popup Blocker (Windows Live Toolbar)-->MsiExec.exe /X{66A7A386-6F35-41A7-A731-101F0C0153C8}
PowerCinema 4.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\Setup.exe" -uninstall
PowerDirector Express-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EDE721EC-870A-11D8-9D75-000129760D75}\setup.exe" -uninstall
PowerProducer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B7A0CE06-068E-11D6-97FD-0050BACBF861}\setup.exe" -uninstall
PowerStarter-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}\setup.exe" -uninstall
QuickTime-->MsiExec.exe /I{3D9892BB-A751-4E48-ADC8-E4289956CE1D}
RealOne Player-->C:\Program Files\Common Files\Real\Update_OB\rnuninst.exe RealNetworks|RealPlayer|6.0
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe" -l0x9 -removeonly
Rhapsody Player Engine-->MsiExec.exe /I{8A62A068-3FD6-495A-9F66-26FE94F32EC9}
Safari-->MsiExec.exe /I{AFAC914D-9E83-4A89-8ABE-427521C82CCF}
ScanToWeb-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}\setup.exe" ADDREMOVEDLG
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A8894F19-59C8-38D2-8A75-36C0CCE56A5B} /qb+ REBOOTPROMPT=""
Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB928090)-->"C:\WINDOWS\ie7updates\KB928090-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB931768)-->"C:\WINDOWS\ie7updates\KB931768-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB933566)-->"C:\WINDOWS\ie7updates\KB933566-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB937143)-->"C:\WINDOWS\ie7updates\KB937143-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB938127)-->"C:\WINDOWS\ie7updates\KB938127-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB939653)-->"C:\WINDOWS\ie7updates\KB939653-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB942615)-->"C:\WINDOWS\ie7updates\KB942615-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB944533)-->"C:\WINDOWS\ie7updates\KB944533-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB961260)-->"C:\WINDOWS\ie7updates\KB961260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB963027)-->"C:\WINDOWS\ie7updates\KB963027-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB969897)-->"C:\WINDOWS\ie7updates\KB969897-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 10 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP10$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB936782)-->"C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"

======Security center information======

AV: McAfee Anti-Virus and Anti-Spyware
FW: McAfee Firewall

======System event log======

Computer Name: YOUR-A97EC67E86
Event Code: 10000
Message: Unable to start a DCOM Server: {C1B389E5-7DF7-417B-837C-876F1355121B}.
The error:
"%3"
Happened while starting this command:
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE -Embedding

Record Number: 134700
Source Name: DCOM
Time Written: 20101122170906.000000+000
Event Type: error
User: YOUR-A97EC67E86\dave

Computer Name: YOUR-A97EC67E86
Event Code: 10000
Message: Unable to start a DCOM Server: {C1B389E5-7DF7-417B-837C-876F1355121B}.
The error:
"%3"
Happened while starting this command:
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE -Embedding

Record Number: 134699
Source Name: DCOM
Time Written: 20101122170905.000000+000
Event Type: error
User: YOUR-A97EC67E86\dave

Computer Name: YOUR-A97EC67E86
Event Code: 10000
Message: Unable to start a DCOM Server: {C1B389E5-7DF7-417B-837C-876F1355121B}.
The error:
"%3"
Happened while starting this command:
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE -Embedding

Record Number: 134698
Source Name: DCOM
Time Written: 20101122170904.000000+000
Event Type: error
User: YOUR-A97EC67E86\dave

Computer Name: YOUR-A97EC67E86
Event Code: 10000
Message: Unable to start a DCOM Server: {C1B389E5-7DF7-417B-837C-876F1355121B}.
The error:
"%3"
Happened while starting this command:
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE -Embedding

Record Number: 134697
Source Name: DCOM
Time Written: 20101122170903.000000+000
Event Type: error
User: YOUR-A97EC67E86\dave

Computer Name: YOUR-A97EC67E86
Event Code: 10020
Message: The machine wide Default Launch and Activation security descriptor is invalid. It contains Access Control Entries with permissions that are invalid. The requested action was therefore not performed. This security permission can be corrected using the Component Services administrative tool.

Record Number: 134673
Source Name: DCOM
Time Written: 20101122170753.000000+000
Event Type: error
User:

=====Application event log=====

Computer Name: YOUR-A97EC67E86
Event Code: 32026
Message: Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Record Number: 4128
Source Name: Microsoft Fax
Time Written: 20100619113252.000000+060
Event Type: warning
User:

Computer Name: YOUR-A97EC67E86
Event Code: 32068
Message: The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

Record Number: 4114
Source Name: Microsoft Fax
Time Written: 20100618220157.000000+060
Event Type: warning
User:

Computer Name: YOUR-A97EC67E86
Event Code: 32026
Message: Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Record Number: 4113
Source Name: Microsoft Fax
Time Written: 20100618220157.000000+060
Event Type: warning
User:

Computer Name: YOUR-A97EC67E86
Event Code: 32068
Message: The outgoing routing rule is not valid because it cannot find a valid device. The outgoing faxes that use this rule will not be routed. Verify that the targeted device or devices (if routed to a group of devices) is connected and installed correctly, and turned on. If routed to a group, verify that the group is configured correctly.
Country/region code: '*'
Area code: '*'

Record Number: 4098
Source Name: Microsoft Fax
Time Written: 20100618151458.000000+060
Event Type: warning
User:

Computer Name: YOUR-A97EC67E86
Event Code: 32026
Message: Fax Service failed to initialize any assigned fax devices (virtual or TAPI).
No faxes can be sent or received until a fax device is installed.

Record Number: 4097
Source Name: Microsoft Fax
Time Written: 20100618151458.000000+060
Event Type: warning
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\WINDOWS\system32;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0407
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"asl.log"=Destination=file;OnFirstLog=command,environment,parent
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

Unread postby muppy03 » November 28th, 2010, 6:13 am

Download and run Combofix
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper


Please download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
  • If you need help to disable your protection programs see here.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it will produce a log for you. Please include the C:\ComboFix.txt in your next reply along with a fresh HijackThis log.

If you need help, see this link:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please reply with:-
  • Combofix log
  • New HJT log
muppy03
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Browser acting strangely - please advise

Unread postby john_m_nash » November 28th, 2010, 7:36 am

I am having problems saving combofix.

I have tried 3 times to download it to the infected pc two with internet explorer and it stops downloading with one second to go, and once with safari and when I try to move it to the desktop it tells me that it has already been moved.

I have even downloaded it to a memory stick from another pc but when I put the stick into the infected pc combofix disappears!!

There must be something going on on the infected pc.

I have tried to disable any antivirus running but part of the problem is that the McAfee does not respond anyway.

Your suggestions would be most welcome please
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

Unread postby john_m_nash » November 28th, 2010, 7:47 am

I went into control panel/services and tried to stop all the McAfee listings here and then tried it again, but this still did not work.

Combofix initially is on the flash drive but before you can move it to the desktop it disappears.
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

Unread postby muppy03 » November 28th, 2010, 7:06 pm

Please try this instead. :)

TDSSKiller

  • Please Download TDSSKiller.zip and save it on your desktop.
  • Extract (unzip) its contents to your Desktop.
  • Double-click the TDSSKiller Folder on your desktop.
  • Right-click on TDSSKiller.exe and click Copy then Paste it directly on to your Desktop.
  • Important!: Run this fix once and once only.
  • Double click the TDSSKiller icon on your desktop then click Start scan.
  • A box will appear saying System scan completed.
  • If any Malicious objects are found click Cure > Continue > Reboot now.
  • A log file should be created on your C: drive named something like TDSSKiller.2.4.0.0 24.07.2010.
  • To find the log click Start > Computer > C:.
  • Please post the contents of that log in your next reply.
muppy03
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Browser acting strangely - please advise

Unread postby john_m_nash » November 29th, 2010, 8:13 am

It didn't find any threats - here is the logfile

2010/11/29 12:10:00.0260 TDSS rootkit removing tool 2.4.10.0 Nov 28 2010 18:35:56
2010/11/29 12:10:00.0260 ================================================================================
2010/11/29 12:10:00.0260 SystemInfo:
2010/11/29 12:10:00.0260
2010/11/29 12:10:00.0260 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/29 12:10:00.0260 Product type: Workstation
2010/11/29 12:10:00.0260 ComputerName: YOUR-A97EC67E86
2010/11/29 12:10:00.0260 UserName: dave
2010/11/29 12:10:00.0260 Windows directory: C:\WINDOWS
2010/11/29 12:10:00.0260 System windows directory: C:\WINDOWS
2010/11/29 12:10:00.0260 Processor architecture: Intel x86
2010/11/29 12:10:00.0260 Number of processors: 2
2010/11/29 12:10:00.0260 Page size: 0x1000
2010/11/29 12:10:00.0260 Boot type: Normal boot
2010/11/29 12:10:00.0260 ================================================================================
2010/11/29 12:10:00.0479 Initialize success
2010/11/29 12:10:03.0527 ================================================================================
2010/11/29 12:10:03.0527 Scan started
2010/11/29 12:10:03.0527 Mode: Manual;
2010/11/29 12:10:03.0527 ================================================================================
2010/11/29 12:10:08.0653 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/11/29 12:10:08.0684 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/11/29 12:10:08.0747 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/11/29 12:10:08.0762 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/11/29 12:10:08.0809 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/11/29 12:10:08.0840 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/11/29 12:10:08.0965 m5287 (fc969e4e53c602884958a5fdffc53526) C:\WINDOWS\system32\DRIVERS\m5287.sys
2010/11/29 12:10:09.0028 m5289 (2424b13987360840b4bf4e5fb5a66d3f) C:\WINDOWS\system32\DRIVERS\m5289.sys
2010/11/29 12:10:09.0137 mfeapfk (84d59a3eddfb9438fb94f7f80d37859d) C:\WINDOWS\system32\drivers\mfeapfk.sys
2010/11/29 12:10:09.0216 mfeavfk (67e961988312b1a28d6f93357b0bf998) C:\WINDOWS\system32\drivers\mfeavfk.sys
2010/11/29 12:10:09.0278 mfebopk (19161b1796cf74a6a326abde309062ba) C:\WINDOWS\system32\drivers\mfebopk.sys
2010/11/29 12:10:09.0372 mfefirek (d5f89b4934960c70882924d992c6abfc) C:\WINDOWS\system32\drivers\mfefirek.sys
2010/11/29 12:10:09.0481 mfehidk (0efab2b91b27543fe589de700de07136) C:\WINDOWS\system32\drivers\mfehidk.sys
2010/11/29 12:10:09.0559 mfendisk (549dd4966bf0b1d1fc205ca0755a745b) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
2010/11/29 12:10:09.0575 mfendiskmp (549dd4966bf0b1d1fc205ca0755a745b) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
2010/11/29 12:10:09.0638 mferkdet (c9eda1eada2ab6e34cd1a10c3a24ab25) C:\WINDOWS\system32\drivers\mferkdet.sys
2010/11/29 12:10:09.0731 mfetdi2k (e6c5f7aade5a31c057d73201acfe8adf) C:\WINDOWS\system32\drivers\mfetdi2k.sys
2010/11/29 12:10:09.0778 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2010/11/29 12:10:09.0841 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/11/29 12:10:09.0888 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/11/29 12:10:09.0934 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/11/29 12:10:09.0981 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/11/29 12:10:10.0044 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/11/29 12:10:10.0122 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/11/29 12:10:10.0169 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/11/29 12:10:10.0247 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/11/29 12:10:10.0278 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/11/29 12:10:10.0325 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/29 12:10:10.0372 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/29 12:10:10.0403 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/29 12:10:10.0450 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/29 12:10:10.0482 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/11/29 12:10:10.0528 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/29 12:10:10.0591 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/11/29 12:10:10.0653 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/29 12:10:10.0700 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/11/29 12:10:10.0747 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/29 12:10:10.0763 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/29 12:10:10.0778 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/29 12:10:10.0810 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/29 12:10:10.0841 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/29 12:10:10.0888 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/29 12:10:10.0997 nmwcd (f5b1200c75b160c81e7e48cc0489aa5e) C:\WINDOWS\system32\drivers\nmwcd.sys
2010/11/29 12:10:11.0138 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/29 12:10:11.0185 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/29 12:10:11.0263 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/29 12:10:11.0466 nv (5645072033c2e51386e91bc137c0beb5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/11/29 12:10:11.0732 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/29 12:10:11.0763 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/29 12:10:11.0826 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/11/29 12:10:11.0873 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/29 12:10:11.0919 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/29 12:10:11.0935 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/29 12:10:12.0029 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/11/29 12:10:12.0107 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/11/29 12:10:12.0466 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/11/29 12:10:12.0513 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/11/29 12:10:12.0576 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/29 12:10:12.0623 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
2010/11/29 12:10:12.0654 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/29 12:10:12.0701 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/29 12:10:12.0748 PxHelp20 (617accada2e0a0f43ec6030bbac49513) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/11/29 12:10:12.0795 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/11/29 12:10:12.0857 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/11/29 12:10:12.0888 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/11/29 12:10:12.0920 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/11/29 12:10:12.0982 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/11/29 12:10:13.0029 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/29 12:10:13.0092 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/29 12:10:13.0154 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/29 12:10:13.0201 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/29 12:10:13.0264 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/29 12:10:13.0279 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/29 12:10:13.0310 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/11/29 12:10:13.0357 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/29 12:10:13.0404 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/29 12:10:13.0482 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
2010/11/29 12:10:13.0529 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2010/11/29 12:10:13.0623 RTL8023xp (911e07056b865760c0762f6221145999) C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
2010/11/29 12:10:13.0779 SASDIFSV (bfbc4be8d6ac6d33ad93f3f5f2e11499) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
2010/11/29 12:10:13.0826 SASENUM (7f1085895e499907f68df7731924122b) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
2010/11/29 12:10:13.0857 SASKUTIL (c7d81c10d3befeee41f3408714637438) C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
2010/11/29 12:10:13.0936 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/29 12:10:14.0014 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/11/29 12:10:14.0061 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/11/29 12:10:14.0123 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/11/29 12:10:14.0217 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/11/29 12:10:14.0264 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/11/29 12:10:14.0358 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/11/29 12:10:14.0404 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/29 12:10:14.0451 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/29 12:10:14.0514 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/29 12:10:14.0529 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/11/29 12:10:14.0545 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/29 12:10:14.0576 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/29 12:10:14.0623 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/11/29 12:10:14.0639 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/11/29 12:10:14.0655 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/11/29 12:10:14.0670 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/11/29 12:10:14.0717 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/29 12:10:14.0795 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/29 12:10:14.0811 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/29 12:10:14.0842 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/29 12:10:14.0858 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/29 12:10:14.0920 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/11/29 12:10:14.0967 tosporte (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys
2010/11/29 12:10:14.0998 tosrfbd (8c3bfaf3fca90502e6fa35503b8e979e) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys
2010/11/29 12:10:15.0014 tosrfbnp (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys
2010/11/29 12:10:15.0061 Tosrfcom (4742f0bad28268ab093ed6f4ea857997) C:\WINDOWS\system32\Drivers\tosrfcom.sys
2010/11/29 12:10:15.0092 Tosrfhid (7c807ba9660e2995cc0217a14a24094c) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys
2010/11/29 12:10:15.0264 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys
2010/11/29 12:10:15.0342 TosRfSnd (a4ce9572bc4ac8d329455059b43c5bea) C:\WINDOWS\system32\drivers\tosrfsnd.sys
2010/11/29 12:10:15.0405 tosrfusb (01c90086cd37e7e8d9a827e24167fcb7) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys
2010/11/29 12:10:15.0483 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/29 12:10:15.0545 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/11/29 12:10:15.0608 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/29 12:10:15.0639 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/11/29 12:10:15.0670 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/11/29 12:10:15.0702 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/29 12:10:15.0733 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/29 12:10:15.0749 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/29 12:10:15.0827 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/11/29 12:10:15.0858 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/29 12:10:15.0874 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/11/29 12:10:15.0889 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/29 12:10:15.0952 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/11/29 12:10:15.0999 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/11/29 12:10:16.0030 viamraid (65864aba65eee06ea586009301834e43) C:\WINDOWS\system32\DRIVERS\viamraid.sys
2010/11/29 12:10:16.0077 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/29 12:10:16.0124 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/29 12:10:16.0186 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/29 12:10:16.0358 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/11/29 12:10:16.0436 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/29 12:10:16.0499 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/11/29 12:10:16.0608 ================================================================================
2010/11/29 12:10:16.0608 Scan finished
2010/11/29 12:10:16.0608 ================================================================================
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

by muppy03 » November 29th, 2010, 8:19 am

Delete the version of ComboFix that you have and re-download it directly to your desktop. This time, when saving, rename it to nash.exe.

Let me know if it downloads successfully.
muppy03
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia

Re: Browser acting strangely - please advise

by john_m_nash » November 29th, 2010, 8:31 am

No

It does the same as before: it goes to 99% with 1 second to go, and then Internet Explorer and the download box stop responding and I have to close them using Task Manager.
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

by john_m_nash » November 30th, 2010, 4:37 am

I managed to rename the ComboFix on my flash drive and run that.

The log is here and the HijackThis log is in the next post.

ComboFix 10-11-27.01 - dave 30/11/2010 7:29.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.44.1033.18.3071.2515 [GMT 0:00]
Running from: c:\documents and settings\dave\Desktop\Nash.exe
* Created a new restore point
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\f96ac0e5-19d2-42c5-8f68-eb7a99861769.ocx
c:\windows\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
c:\windows\system32\Cache
c:\windows\system32\images
c:\windows\system32\images\3models.gif
c:\windows\system32\images\but3_off.gif
c:\windows\system32\images\but3_on.gif
c:\windows\system32\images\main_bot.gif
c:\windows\system32\images\main_mid.gif
c:\windows\system32\images\main_top.gif
c:\windows\system32\images\model1.gif
c:\windows\system32\images\panel_bot.gif
c:\windows\system32\images\panel_top.gif
c:\windows\system32\images\pc.gif
c:\windows\system32\images\pcw_award_cover.gif
c:\windows\system32\images\pcwcover.gif
c:\windows\system32\images\Thumbs.db
c:\windows\system32\images\topoff.gif
c:\windows\system32\images\topon.gif
c:\windows\system32\images\webscreen.gif
c:\windows\system32\Thumbs.db

.
((((((((((((((((((((((((( Files Created from 2010-10-28 to 2010-11-30 )))))))))))))))))))))))))))))))
.

2019-03-07 17:56 . 2010-09-09 13:38 832512 -c--a-w- c:\windows\system32\dllcache\wininet.dll
2019-03-07 17:53 . 2019-03-07 17:53 -------- d-----w- C:\cmpnents
2010-11-27 15:27 . 2010-11-27 15:27 -------- d-----w- c:\program files\trend micro
2010-11-27 15:27 . 2010-11-27 15:28 -------- d-----w- C:\rsit
2010-11-22 17:28 . 2010-11-22 17:28 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-11-22 17:28 . 2010-11-22 17:28 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-11-22 17:23 . 2010-11-22 17:24 -------- d-----w- c:\program files\Common Files\Adobe
2010-11-22 17:20 . 2010-11-22 17:20 -------- d-----w- c:\documents and settings\dave\Application Data\Malwarebytes
2010-11-22 17:20 . 2010-04-29 15:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-22 17:20 . 2010-11-22 17:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-11-22 17:20 . 2010-04-29 15:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-22 17:20 . 2010-11-22 17:20 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-08 12:18 . 2010-11-08 12:18 -------- d-----w- c:\program files\CCleaner
2010-11-08 12:17 . 2010-11-08 12:18 -------- d-----w- c:\documents and settings\dave\Local Settings\Application Data\Temp

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-10-13 22:28 . 2010-10-05 13:45 9344 ----a-w- c:\windows\system32\drivers\mfeclnk.sys
2010-10-13 22:28 . 2010-10-05 13:45 141792 ----a-w- c:\windows\system32\mfevtps.exe
2010-10-13 22:28 . 2010-10-05 13:45 95600 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2010-10-13 22:28 . 2010-10-05 13:45 88544 ----a-w- c:\windows\system32\drivers\mfendisk.sys
2010-10-13 22:28 . 2010-10-05 13:45 84264 ----a-w- c:\windows\system32\drivers\mferkdet.sys
2010-10-13 22:28 . 2010-10-05 13:45 84072 ----a-w- c:\windows\system32\drivers\mfetdi2k.sys
2010-10-13 22:28 . 2010-10-05 13:45 55840 ----a-w- c:\windows\system32\drivers\cfwids.sys
2010-10-13 22:28 . 2010-10-05 13:45 52104 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2010-10-13 22:28 . 2010-10-05 13:45 386840 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2010-10-13 22:28 . 2010-10-05 13:45 313288 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2010-10-13 22:28 . 2010-10-05 13:45 152960 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2006-12-13 03:12 . 2007-05-20 13:35 66648 -c--a-w- c:\program files\mozilla firefox\components\jar50.dll
2006-12-13 03:12 . 2007-05-20 13:35 54352 -c--a-w- c:\program files\mozilla firefox\components\jsd3250.dll
2006-12-13 03:12 . 2007-05-20 13:35 34928 -c--a-w- c:\program files\mozilla firefox\components\myspell.dll
2006-12-13 03:12 . 2007-05-20 13:35 46696 -c--a-w- c:\program files\mozilla firefox\components\spellchk.dll
2006-12-13 03:12 . 2007-05-20 13:35 172120 -c--a-w- c:\program files\mozilla firefox\components\xpinstal.dll
.

------- Sigcheck -------

[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll
[-] 2006-10-18 20:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2005-08-03 18:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
[-] 2005-08-03 18:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[7] 2004-08-10 19:00 . 6EAA72FD9EF993EC1FA9A06DE65105DA . 25088 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-27 68856]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-10-18 204288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"Ptipbmf"="ptipbmf.dll" [2003-06-20 118784]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
"nwiz"="nwiz.exe" [2006-08-11 1519616]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
"SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-23 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-22 10:04 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WG111v3 Smart Wizard.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NETGEAR WG111v3 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WG111v3 Smart Wizard.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NETGEAR WPN111 Smart Wizard.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NETGEAR WPN111 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WPN111 Smart Wizard.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 17:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppleSyncNotifier]
2009-08-13 14:51 177440 ----a-w- c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-02-19 02:41 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe]
2010-09-10 20:59 1193848 ----a-w- c:\program files\McAfee.com\Agent\mcagent.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCguardadvisor.exe]
2006-04-28 15:27 1888256 ----a-w- c:\program files\blueyonder\PCguard advisor\PCguardadvisor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2005-01-14 18:21 110744 -c--a-w- c:\program files\CyberLink\PowerCinema\PCMService.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 21:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
2002-02-04 22:32 53248 -c----w- c:\program files\REGSHAVE\REGSHAVE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2009-11-18 12:47 2001648 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-27 18:50 68856 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2005-12-02 09:26 151597 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\WINDOWS\\pchealth\\helpctr\\binaries\\helpctr.exe"=
"c:\\Program Files\\Steam\\steamapps\\twister625\\counter-strike\\hl.exe"=
"c:\\Program Files\\Steam\\steamapps\\0wn3dpl0z\\condition zero\\hl.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Steam\\steamapps\\0wn3dpl0z\\counter-strike\\hl.exe"=

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [05/10/2010 13:45 84072]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [10/10/2006 11:53 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [27/02/2007 10:39 74480]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [15/03/2010 16:17 88176]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [05/10/2010 13:45 271480]
R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc [05/10/2010 13:45 271480]
R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\mfefire.exe [05/10/2010 13:45 188136]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [05/10/2010 13:45 141792]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [05/10/2010 13:45 55840]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [05/10/2010 13:45 313288]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [05/10/2010 13:45 88544]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [04/02/2010 09:34 135664]
S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;c:\windows\system32\DNINDIS5.sys [15/03/2009 11:13 17149]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [05/10/2010 13:45 88544]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [05/10/2010 13:45 84264]
S3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver;c:\windows\system32\DRIVERS\wg111v3.sys --> c:\windows\system32\DRIVERS\wg111v3.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [16/02/2006 15:51 4096]
S3 WPN111;Wireless USB 2.0 Adapter with RangeMax Service;c:\windows\system32\DRIVERS\WPN111.sys --> c:\windows\system32\DRIVERS\WPN111.sys [?]
S4 m5287;m5287;c:\windows\system32\drivers\m5287.sys [02/12/2005 17:08 85888]
S4 m5289;m5289;c:\windows\system32\drivers\m5289.sys [02/12/2005 17:08 51840]

--- Other Services/Drivers In Memory ---

*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder

2010-11-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 12:34]

2010-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 09:34]

2010-11-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 09:34]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.co.uk/
uLocal Page = \blank.htm
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://uk.yahoo.com
uInternet Settings,ProxyOverride = <local>;*.local
uSearchURL,(Default) = hxxp://uk.search.yahoo.com/search?fr=mcafee&p=%s
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {{08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\gemma\Start Menu\Programs\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{ECEA42CA-DA9D-4130-A5B0-C834CE8491A8} - (no file)
HKCU-Run-Power2GoExpress - (no file)
MSConfigStartUp-AVG8_TRAY - c:\progra~1\AVG\AVG8\avgtray.exe
MSConfigStartUp-iTunesHelper - c:\program files\iTunes\iTunesHelper.exe
MSConfigStartUp-RegistryCleanFixMFC - c:\program files\RegistryCleaner\registrycleaner2008.exe
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre6\bin\jusched.exe
MSConfigStartUp-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
MSConfigStartUp-Workflow - D:\Workflow.exe
AddRemove-Amazon MP3 Downloader - c:\documents and settings\david\My Documents\AMAZON\Uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-11-30 07:35
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(876)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2010-11-30 07:37:32
ComboFix-quarantined-files.txt 2010-11-30 07:37

Pre-Run: 208,324,464,640 bytes free
Post-Run: 208,459,907,072 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

- - End Of File - - E4575B45752746EC74C6001FFC0129B9
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

Unread postby john_m_nash » November 30th, 2010, 4:39 am

Here is the hijack this log

Can I enable my antivirus now?

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:38:07, on 30/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17091)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\PROGRA~1\mcafee\mpf\mpfalert.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Documents and Settings\dave\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll (file missing)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\gemma\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.meshcomputers.com
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 12342 bytes
john_m_nash
Regular Member
 
Posts: 67
Joined: May 14th, 2007, 10:27 am

Re: Browser acting strangely - please advise

Unread postby muppy03 » November 30th, 2010, 5:54 am

I managed to rename the combofix on my flash drive and run that;

Great work :thumbright:

Can I enable my antivirus now?


Yes, absolutely, it only needs disabled while CF ran.

My friend's pc is acting strangely in that he can't access his hotmail or open and run his mcafee security.

Are you still experiencing these issues?

Open Hijack This and select Do a System Scan Only. Place a check next to the lines below if still present:

    R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)


Once selected, close all windows except HJT and click on Fix Checked.

COMBOFIX-Script
A word of warning: Please do not run ComboFix on your own. This tool is not a toy and not for everyday use.


  • Please open Notepad (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the code box below:

    Folder::
    C:\Program Files\BearShare Applications
    
    FCopy::
    c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll | c:\windows\system32\mspmsnsv.dll
    c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll | c:\windows\system32\dllcache\mspmsnsv.dll
    c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll | c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
    c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll | c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
    
    

  • Save this as CFScript.txt and change the "Save as type" to "All Files" and place it on your desktop.

    Image
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • If you need help to disable your protection programs see here.
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Please reply with:-
  • Combofix log
  • New HJT log
  • Update on issues
muppy03
MRU Emeritus
 
Posts: 4798
Joined: December 4th, 2007, 5:30 am
Location: Australia
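
The selection made in the reply above, as an added example that is not part of the original posts: a small Python triage script that parses the CLSID-based lines of a HijackThis log and separates entries with neither a name nor a file from entries marked "(file missing)". The sample lines are copied from the log in this thread; the line layout in the regex is inferred from those lines and is an assumption, and the function names are hypothetical.

```python
import re

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20101103135822.dll (file missing)
O9 - Extra button: Sky - {08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O23 - Service: McShield - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
"""

# Assumed layout (inferred from the lines above):
#   <code> - <kind>: <name> - {CLSID} - <target>
ENTRY_RE = re.compile(
    r"^(?P<code>[A-Z]\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$"
)


def parse_entries(log_text):
    """Return one dict per CLSID-based log line; other lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue
        entry = match.groupdict()
        entry["unnamed"] = entry["name"] == "(no name)"
        entry["no_file"] = entry["target"] == "(no file)"
        entry["file_missing"] = entry["target"].endswith("(file missing)")
        entries.append(entry)
    return entries


def orphan_candidates(entries):
    """Entries that have neither a display name nor a file behind the CLSID."""
    return [e for e in entries if e["unnamed"] and e["no_file"]]


def missing_file_entries(entries):
    """Named entries whose registered file was not found on disk."""
    return [e for e in entries if e["file_missing"]]


if __name__ == "__main__":
    parsed = parse_entries(SAMPLE_LOG)
    print("No name and no file:")
    for e in orphan_candidates(parsed):
        print(f"  {e['code']} {e['kind']} {e['clsid']}")
    print("Marked (file missing), listed for review only:")
    for e in missing_file_entries(parsed):
        print(f"  {e['code']} {e['kind']} {e['name']} {e['clsid']}")
```

The first list reproduces the two lines picked out in the reply; the second list is informational and does not by itself mean an entry should be fixed.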