Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Updates Fail, Firefox won't connect, IE does, but redirects

Post by rjmc » October 17th, 2011, 11:06 am

- Firefox says it's unable to connect to the internet, but IE connects.
- IE redirects me to different ads when I click on a link.
- When I try to update any anti-virus, they won't connect and updates fail.
- When I run an antivirus program for the first time it works, but won't update. Then when I try to run it again, I get this error. "Windows can't access the specified device, path or file. You may not have the appropriate permissions to access them".

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19088 BrowserJavaVersion: 1.6.0_23
Run by joylynn at 7:54:31 on 2011-10-17
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3454.1768 [GMT -7:00]
.
AV: AntiVir Desktop *Enabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AntiVir Desktop *Enabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\AGEIA Technologies\TrayIcon.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
C:\Users\joylynn\AppData\Local\AOL OCP\AOLUpdate\AOLupdt32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8
mDefault_Page_URL = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Veoh Web Player Video Finder: {0fbb9689-d3d7-4f7a-a2e2-585b10099bfc} - c:\program files\veoh networks\veohwebplayer\VeohIEToolbar.dll
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [cdloader] "c:\users\joylynn\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [VeohPlugin] "c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messen~1\YahooMessenger.exe" -quiet
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [AOL OCP Update] c:\users\joylynn\appdata\local\aol ocp\aolupdate\AOLupdt32.exe
uRun: [DisplayTrayManager] rundll32.exe "c:\programdata\DisplayTrayManager.dll",DllRegisterServer
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [<NO NAME>]
mRun: [nmapp] "c:\program files\pure networks\network magic\nmapp.exe" -autorun -nosplash
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [AGEIA PhysX SysTray] c:\program files\ageia technologies\TrayIcon.exe
mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [hpbdfawep] c:\program files\hp\dfawep\bin\hpbdfawep.exe 1
mRun: [PrnStatusMX] c:\program files\hewlett-packard\prnstatusmx\PrnStatusMX.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [mxomssmenu] "c:\program files\maxtor\onetouch status\maxmenumgr.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~2.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish picture mover\SnapfishMediaDetector.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - c:\programs\empirepokermaster\empirepoker\RunEPoker.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
LSP: mswsock.dll
Trusted Zone: secureserver.net\email
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/200 ... oader5.cab
DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} - hxxp://www.worldwinner.com/games/v47/sk ... illgam.cab
DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} - hxxp://mypoints.worldwinner.com/games/v ... Loader.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://www.costcophotocenter.com/CostcoActivia.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader1006.cab
DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} - hxxp://www.worldwinner.com/games/v41/fr ... eecell.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} - hxxp://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} - hxxp://www.charter.net/files/charter/se ... /fscax.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... wflash.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{1A8AF857-B8D0-4BC1-9E14-B12EF29BC146} : DhcpNameServer = 192.168.0.1
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - c:\program files\common files\pure networks shared\puresp.dll
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\joylynn\appdata\roaming\mozilla\firefox\profiles\modvzzop.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form ... 0110829&q=
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - component: c:\users\joylynn\appdata\roaming\mozilla\firefox\profiles\modvzzop.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}\components\XPATLCOM.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwbe.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\program files\viewpoint\viewpoint media player\npViewpoint.dll
.
============= SERVICES / DRIVERS ===============
.
R1 ATMhelpr;ATMhelpr;c:\windows\system32\drivers\ATMhelpr.sys [2008-3-31 4064]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-10-3 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-10-3 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-10-3 66616]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2010-10-1 374152]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2007-8-3 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2008-4-22 47640]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-10-3 366152]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-2-20 109616]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-10-3 22216]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2007-10-30 37936]
S2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;"c:\program files\emsisoft anti-malware\a2service.exe" --> c:\program files\emsisoft anti-malware\a2service.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-6 135664]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-10-17 03:46:19 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{771dce72-6d46-4f30-95c4-07859c5a9f36}\offreg.dll
2011-10-17 03:32:19 388096 ----a-r- c:\users\joylynn\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-10-17 02:17:15 -------- d-----w- C:\MGADiagToolOutput
2011-10-17 01:54:36 -------- d-----w- c:\users\joylynn\appdata\roaming\Avira
2011-10-16 19:11:03 0 ---ha-w- c:\users\joylynn\BITE4F2.tmp
2011-10-03 13:28:58 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-03 13:25:27 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-03 13:25:26 -------- d-----w- c:\programdata\Avira
2011-10-03 13:25:26 -------- d-----w- c:\program files\Avira
2011-10-03 12:33:16 -------- d-----w- c:\program files\Trend Micro
2011-09-27 04:07:07 -------- d-----w- c:\program files\VideoLAN
2011-09-27 04:02:28 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-09-26 09:30:11 94208 ----a-w- c:\programdata\DisplayTrayManager.dll
2011-09-26 08:35:05 -------- d-----w- c:\programdata\Tarma Installer
2011-09-23 08:51:34 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{771dce72-6d46-4f30-95c4-07859c5a9f36}\mpengine.dll
.
==================== Find3M ====================
.
2011-10-03 12:39:10 54784 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-09-26 23:05:42 2949632 ----a-w- c:\windows\explorer.exe
2011-08-30 22:11:46 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-07-22 20:51:50 94208 ----a-w- c:\windows\system32\dpl100.dll
.
============= FINISH: 7:55:09.35 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 10/19/2007 6:51:33 PM
System Uptime: 10/16/2011 8:45:10 PM (11 hours ago)
.
Motherboard: ASUSTek Computer INC. | | NARRA2
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+ | Socket AM2 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 47.495 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.238 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is Removable
M: is FIXED (NTFS) - 466 GiB total, 335.607 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
ActiveCheck component for HP Active Support Library
Adobe Acrobat 5.0
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe After Effects CS4
Adobe After Effects CS4 Presets
Adobe After Effects CS4 Third Party Content
Adobe AIR
Adobe Anchor Service CS4
Adobe Asset Services CS4
Adobe Bridge 1.0
Adobe Bridge CS4
Adobe CMaps CS4
Adobe Color - Photoshop Specific CS4
Adobe Color EU Recommended Settings CS4
Adobe Color JA Extra Settings CS4
Adobe Color NA Extra Settings CS4
Adobe Color Video Profiles AE CS4
Adobe Color Video Profiles CS CS4
Adobe Common File Installer
Adobe Contribute CS4
Adobe Creative Suite 2
Adobe Creative Suite 4 Master Collection
Adobe CS4 American English Speech Analysis Models
Adobe CSI CS4
Adobe Default Language CS4
Adobe Device Central CS4
Adobe Dreamweaver CS4
Adobe Drive CS4
Adobe Dynamiclink Support
Adobe Encore CS4
Adobe Encore CS4 Codecs
Adobe ExtendScript Toolkit CS4
Adobe Extension Manager CS4
Adobe Fireworks CS4
Adobe Flash CS4
Adobe Flash CS4 Extension - Flash Lite STI en
Adobe Flash CS4 STI-en
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Fonts All
Adobe GoLive 5.0
Adobe Help Center 1.0
Adobe Illustrator 10
Adobe Illustrator CS
Adobe Illustrator CS4
Adobe InDesign CS2
Adobe InDesign CS4
Adobe InDesign CS4 Application Feature Set Files (Roman)
Adobe InDesign CS4 Common Base Files
Adobe InDesign CS4 Icon Handler
Adobe Linguistics CS4
Adobe Media Encoder CS4
Adobe Media Encoder CS4 Additional Exporter
Adobe Media Encoder CS4 Dolby
Adobe Media Encoder CS4 Exporter
Adobe Media Encoder CS4 Importer
Adobe Media Player
Adobe MotionPicture Color Files CS4
Adobe OnLocation CS4
Adobe Output Module
Adobe PDF Library Files CS4
Adobe Photoshop CS2
Adobe Photoshop CS4
Adobe Photoshop CS4 Support
Adobe Premiere Pro CS4
Adobe Premiere Pro CS4 Functional Content
Adobe Premiere Pro CS4 Third Party Content
Adobe Reader X
Adobe Search for Help
Adobe Service Manager Extension
Adobe Setup
Adobe SGM CS4
Adobe SING CS4
Adobe Soundbooth CS4
Adobe Soundbooth CS4 Codecs
Adobe Stock Photos 1.0
Adobe SVG Viewer
Adobe Type Manager Deluxe 4.0
Adobe Type Support CS4
Adobe Update Manager CS4
Adobe Version Cue CS4 Server
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS4
AdobeColorCommonSetCMYK
AdobeColorCommonSetRGB
AGEIA PhysX v2.3.3
AIM 7
AnyDVD
AppCore
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Applet_App
Applet_Copy
Applet_Creativity
Applet_Email
Applet_Epp
Applet_File
Applet_OCR
Applet_Web
ArcSoft PhotoImpression 3.0
AVI to DVD Converter
Avira AntiVir Personal - Free Antivirus
Bonjour
BufferChm
C4700
C6300
ccCommon
CCleaner
Choice Guard
CloneDVD2
Compatibility Pack for the 2007 Office system
Connect
Copy Utility
Core FTP LE 2.0
Destinations
DeviceDiscovery
DivX Plus DirectShow Filters
DivX Setup
Download Updater (AOL LLC)
DVD Decrypter (Remove Only)
EmpirePoker
Enhanced Multimedia Keyboard Solution
EPSON Photo Print
EPSON Smart Panel
EPSON TWAIN 5
ET USB Driver
Full Tilt Poker
Ghost Recon Advanced Warfighter
Google Earth
Google Update Helper
GPBaseService2
Hardware Diagnostic Tools
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Active Support Library 32 bit components
HP Color LaserJet CP1210 Series
HP Color LaserJet CP1210 Series Toolbox
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 13.0
HP Easy Setup - Frontend
HP Imaging Device Functions 13.0
HP LaserJet Toolbox
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
HP Photosmart C6300 All-In-One Driver Software 12.0 Rel .4
HP Photosmart Essential 3.5
HP Picasso Media Center Add-In
HP Print Projects 1.0
HP Smart Web Printing 4.5
HP Solution Center 13.0
HP Total Care Advisor
HP Update
HPAsset component for HP Active Support Library
HPCarePackCore
HPCarePackProducts
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
hpPrintProjects
HPProductAssistant
hppusgCP1215
HPSSupply
hpWLPGInstaller
iPhone Configuration Utility
iTunes
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) SE Runtime Environment 6 Update 1
kuler
LightScribe System Software
LightScribeTemplateLabeler
LiveUpdate 3.2 (Symantec Corporation)
LiveUpdate Notice (Symantec Corporation)
LogMeIn
magicJack
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Maxtor Manager
Media Player Classic - Home Cinema v1.5.2.3456
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Office 2000 Premium
Microsoft Office Home and Student 60 day trial
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft VC90 CRT + OMP
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MobileMe Control Panel
Move Networks Media Player for Internet Explorer
Mozilla Firefox 6.0.2 (x86 en-US)
MrvlUsgTracking
MSRedist
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.0
My HP Games
NEF Codec
Network
Norton Internet Security (Symantec Corporation)
NVIDIA Drivers
PDF Settings CS4
Photoshop Camera Raw
Pixel Bender Toolkit
PokerStars
PS_AIO_04_C6300_Software_Min
PS_AIO_06_C4700_SW_Min
PSSWCORE
Pure Networks Network Magic
Python 2.5
QuarkXPress 6.1
QuickTime
Realtek High Definition Audio Driver
RegCure
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Safari
Scan
ScanToWeb
SecureZIP for Windows 12.00.0018
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Shop for HP Supplies
SmartWebPrinting
Snapfish Picture Mover
Soft Data Fax Modem with SmartCP
SolutionCenter
Sprint Digital Lounge
Status
Suite Shared Configuration CS4
Suite Specific
SymNet
Toolbox
TrayApp
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VC80CRTRedist - 8.0.50727.6195
Veoh Web Player Beta
VideoToolkit01
VLC media player 1.1.11
WeatherBug Gadget
Web-Based Email Tools
WebReg
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows Media Player Firefox Plugin
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Software Update
.
==== Event Viewer Messages From Past Week ========
.
10/16/2011 8:49:37 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.
10/16/2011 8:49:37 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/16/2011 8:48:45 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
10/16/2011 8:48:45 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/16/2011 8:48:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
10/16/2011 7:32:06 PM, Error: Microsoft Antimalware [2001] -
10/16/2011 7:31:22 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/16/2011 7:31:22 PM, Error: Service Control Manager [7000] - The Emsisoft Anti-Malware 5.1 - Service service failed to start due to the following error: The system cannot find the path specified.
10/16/2011 7:27:30 PM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
.
==== End Of File ===========================
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by pgmigg » October 18th, 2011, 2:54 pm

Hello rjmc,

Welcome to the forum! :)

My name is pgmigg and I'll be helping you with any malware problems.

Currently I am working under the guidance of the MRU teachers, and everything I post to you must first be approved by them.
This additional review process can add some extra time to my responses, but I will post back with instructions for you as soon as possible.


Before we begin, please read and follow these important guidelines, so things will proceed smoothly.
  1. The instructions being given are for YOUR computer and system only!
    Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  2. You must have Administrator rights, permissions for this computer.
  3. DO NOT run any other fix or removal tools unless instructed to do so!
  4. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  5. Only post your problem at (1) one help site. Applying fixes from multiple help sites can cause problems.
  6. Print each set of instructions if possible - your Internet connection will not be available during some fix processes.
  7. Only reply to this thread, do not start another one. Please, continue responding, until I give you the "All Clean!" :cheers:
    Absence of symptoms does not mean that everything is clear.

I am currently reviewing your log and will return, as soon as possible, with additional instructions. In the meantime...
Please take time to read the Malware Removal Forum Guidelines and Rules where the conditions for receiving help at this forum are explained.

Please read all instructions carefully before executing and perform the steps, in the order given.
If you have any questions or problems executing these instructions, <<STOP>> do not proceed; post back with the question or problem.
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Updates Fail, Firefox won't connect, IE does, but redire

Unread postby pgmigg » October 19th, 2011, 1:06 pm

Hello rjmc,

Thank you for your patience... :)

Step 1.
MGA Diagnostics
  1. Please download MGA Diagnostic Tool and save it to your Desktop.
  2. Right click on MGADiag.exe and select Run As Administrator to run it.
  3. Click Continue.
  4. The program will run. It takes a while to finish the diagnosis, please be patient.
  5. Once done, click on Copy.
  6. Open Notepad and paste the contents in the window.
  7. Save this file and copy/paste it in your next reply.

Step 2.
WVCheck
  1. Please download WVCheck.exe and save it to your Desktop.
  2. Right-click WVCheck.exe and select Run as administrator... to run the process.
  3. Read the comments on the screen, then press Enter.
    The scan can take a while depending on the size of your hard drive.
  4. Once the program is done, Notepad will open with the scan report. Save the report to your Desktop.
  5. Please copy and paste the contents of the Notepad file in your next reply.

Step 3.
Run CKScanner
  1. Please download CKScanner from Here
  2. Important: - Save it to your Desktop.
  3. Right-click CKScanner.exe and select Run as administrator..., then click Search For Files.
  4. After a very short time, when the cursor hourglass disappears, click Save List To File.
  5. A message box will verify the file saved.
  6. Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

Please include in your next reply:
  1. Did you have any problems executing the instructions?
  2. Contents of a log created by MGADiag.exe
  3. Contents of a log created by WVCheck.exe
  4. Contents of a log created by CKFiles.txt
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Updates Fail, Firefox won't connect, IE does, but redire

Unread postby rjmc » October 20th, 2011, 6:01 am

Hello pgmigg,

No change as of yet. WV Check errored out.

Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Online Validation Code: N/A, hr = 0xc004f012
Windows Product Key: *****-*****-27HYQ-XTKW2-WQD8Q
Windows Product Key Hash: U8YEZzymoD4DMyaMb32rPrNIS90=
Windows Product ID: 89578-OEM-7332157-00061
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 6.0.6001.2.00010300.1.0.003
ID: {B8E7D56F-7BB8-49F1-9AAB-B48CDD3603DF}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: N/A, hr = 0x80070002
Signed By: N/A, hr = 0x80070002
Product Name: Windows Vista (TM) Home Premium
Architecture: 0x00000000
Build lab: 6001.vistasp1_gdr.101014-0432
TTS Error:
Validation Diagnostic:
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A, hr = 0x80070002
Version: 6.0.6002.16398

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 77F760FE-153-80070002_7E90FEE8-175-80070002_025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

Browser Data-->
Proxy settings: N/A
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->

Other data-->
Spsys.log Content: 0x80070002

Licensing Data-->
Software licensing service version: 6.0.6001.18000
Name: Windows(TM) Vista, HomePremium edition
Description: Windows Operating System - Vista, OEM_SLP channel
Activation ID: bffdc375-bbd5-499d-8ef1-4f37b61c895f
Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
Extended PID: 89578-00146-321-500061-02-1033-6000.0000-3322007
Installation ID: 020165618276269050405013491815683923265064102164640285
Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43473
Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43474
Use License URL: http://go.microsoft.com/fwlink/?LinkID=43476
Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=43475
Partial Product Key: WQD8Q
License Status: Licensed

Windows Activation Technologies-->
N/A

HWID Data-->
HWID Hash Current: NAAAAAEAAwABAAIAAQABAAAAAgABAAEA6GGgPpmThCeip5IA6i8+h85w8vROlZKErFYm6Q==

OEM Activation 1.0 Data-->
N/A

OEM Activation 2.0 Data-->
BIOS valid for OA 2.0: yes
Windows marker version: 0x20000
OEMID and OEMTableID Consistent: yes
BIOS Information:
ACPI Table Name   OEMID Value   OEMTableID Value
APIC              HPQOEM        SLIC-CPC
FACP              HPQOEM        SLIC-CPC
HPET              HPQOEM        SLIC-CPC
MCFG              HPQOEM        SLIC-CPC
SLIC              HPQOEM        SLIC-CPC
SSDT              HPQOEM        SLIC-CPC

WV Check Error Log
Traceback (most recent call last):
File "<string>", line 367, in <module>
File "<string>", line 236, in main
File "<string>", line 358, in checkHostsFile
IOError: [Errno 2] No such file or directory: 'C:\\Windows\\system32\\drivers\\etc\\hosts'


CKScanner - Additional Security Risks - These are not necessarily bad
c:\program files\adobe\adobe premiere pro cs4\plug-ins\en_us\vstplugins\decrackler1.dll
c:\program files\adobe\adobe premiere pro cs4\plug-ins\en_us\vstplugins\decrackler2.dll
c:\program files\adobe\adobe premiere pro cs4\plug-ins\en_us\vstplugins\decrackler6.dll
c:\program files\hp games\bejeweled 2 deluxe\sounds\firecrackle.ogg
c:\program files\hp games\blasterball 3\data\art\bitmaps\enemies\boss2_crack.jpg.wkz
c:\program files\hp games\mah jong quest\images\tile_firecracker-1.pnge
c:\program files\hp games\mah jong quest\images\tile_firecracker-2.pnge
c:\program files\hp games\mah jong quest\images\tile_firecracker-3.pnge
c:\program files\hp games\mah jong quest\images\tile_firecracker1.pnge
c:\program files\hp games\mah jong quest\images\kwazi3\level5-1cracktop.jpge
c:\program files\hp games\mah jong quest\images\kwazi5\5_lvl_5a_postcrack1.jpge
c:\program files\hp games\mah jong quest\images\kwazi5\5_lvl_5a_postcrack2.jpge
scanner sequence 3.FF.11.OJAAQP
----- EOF -----
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm

Re: Updates Fail, Firefox won't connect, IE does, but redire

Unread postby pgmigg » October 21st, 2011, 11:32 am

Hello rjmc,

Good job! Let's continue our treatment and diagnostics...

Step 1.
Hosts File Corrupted
Download HostsXpert and unzip it to your computer, somewhere where you can find it.
  1. Right click on HostsXpert.exe and select "Run As Administrator..." to run it.
  2. Click on Restore MS Hosts File to restore your Hosts file to its default condition.
  3. Click on Make ReadOnly to secure it against further infection.
  4. Exit the program.

Step 2.
TDSSKiller - Rootkit Removal Tool - Scan only
Please download the TDSSKiller.exe by Kaspersky and save it to your Desktop. <-Important!!!
  1. Right-click on TDSSKiller.exe and select "Run As Administrator..." to run the tool for known TDSS/TDL variants.
    If TDSSKiller does not run, please rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. zarodinu.com).
    If you don't see file extensions, please see: How to change the file extension.
  2. Click the Start Scan button. Do not use the computer during the scan!
  3. If the scan completes with nothing found, click Close to exit.
  4. If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Please select Skip instead of Cure (default).
  5. Then click Continue, then Close and then Close again.
  6. A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory (usually Local Disk C:).
  7. Copy and paste the contents of that file in your next reply.

Step 3.
OTL - Download
Please download OTL.exe by Old Timer and save it to your Desktop.

OTL Scan
Important! Close all applications and windows so that you have nothing open and are at your Desktop.
  1. Right click on OTL.exe select "Run As Administrator..." to run it. If prompted by UAC, please allow it.
  2. Under Output, ensure that Minimal Output is selected.
  3. Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  4. Click on Run Scan at the top left hand corner.
  5. When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  6. Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file
  3. Contents of OTL.txt log file
  4. Contents of Extras.txt log file
  5. Do you see any changes in computer behavior?

Thanks,
pgmigg
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00
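
The scan log requested in Step 2 above can be triaged by script instead of by eye. This is an added example, not part of pgmigg's post and not code from TDSSKiller: a Python parser for the line layout seen in TDSSKiller 2.6.12.0 logs (an object line with MD5 and path, followed by a verdict line). The function names are hypothetical, and the sample log with its object names and hashes is constructed.

```python
"""Triage a TDSSKiller scan log: report every scanned object that is not a clean 'ok'."""
import re

# Every log line starts with "HH:MM:SS.mmmm <thread id> ".
_PREFIX = r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+"
# "<name> (<md5>) <path>"  : the file behind a driver/service was hashed
_FILE = re.compile(_PREFIX + r"(?P<name>\S+)\s+\((?P<md5>[0-9a-fA-F]{32})\)\s+(?P<path>.+?)\s*$")
# "<name> ( <threat> ) - infected"
_INFECTED = re.compile(_PREFIX + r"(?P<name>\S+)\s+\(\s*(?P<threat>[^()\s]+)\s*\)\s+-\s+infected\s*$")
# "<name> - detected <threat> (<n>)"
_DETECTED = re.compile(_PREFIX + r"(?P<name>\S+)\s+-\s+detected\s+(?P<threat>\S+)\s+\(\d+\)\s*$")
# "<name> - ok"
_OK = re.compile(_PREFIX + r"(?P<name>\S+)\s+-\s+ok\s*$")

# Constructed sample (names and hashes are made up; layout follows the tool's log).
SAMPLE_LOG = r"""
19:31:17.0949 37352 OS Version: 6.0.6001 ServicePack: 1.0
19:31:23.0565 19216 Scan started
19:31:24.0065 19216 svc_nofile - ok
19:31:24.0205 19216 drv_clean (0123456789abcdef0123456789abcdef) C:\Windows\system32\drivers\drv_clean.sys
19:31:24.0221 19216 drv_clean - ok
19:31:29.0150 19216 a1b2c3d4 ( Rootkit.Win32.PMax.gen ) - infected
19:31:29.0150 19216 a1b2c3d4 - detected Rootkit.Win32.PMax.gen (0)
19:31:36.0389 19216 drv_cut (fedcba9876543210fedcba9876543210) C:\Windows\system32\drivers\drv_cut.sys
"""


def parse_log(text):
    """Return one record per scanned object, in the order the log lists them."""
    objects = {}

    def record(name):
        return objects.setdefault(
            name, {"name": name, "md5": None, "path": None, "verdict": None, "threat": None}
        )

    for line in text.splitlines():
        m = _INFECTED.match(line) or _DETECTED.match(line)
        if m:
            rec = record(m["name"])
            rec["verdict"], rec["threat"] = "infected", m["threat"]
            continue
        m = _FILE.match(line)
        if m:
            rec = record(m["name"])
            rec["md5"], rec["path"] = m["md5"].lower(), m["path"]
            continue
        m = _OK.match(line)
        if m:
            rec = record(m["name"])
            # A detection always wins over a later "ok" for the same object.
            if rec["verdict"] is None:
                rec["verdict"] = "ok"
    return list(objects.values())


def triage(objects):
    """Group the objects that need a second look.

    detected   : the tool named a threat for this object
    no_verdict : a file was hashed but no verdict line follows (log cut short)
    no_file    : verdict 'ok' but no file was hashed, so nothing on disk was checked
    """
    report = {"detected": [], "no_verdict": [], "no_file": []}
    for obj in objects:
        if obj["verdict"] == "infected":
            report["detected"].append((obj["name"], obj["threat"]))
        elif obj["verdict"] is None:
            report["no_verdict"].append(obj["name"])
        elif obj["md5"] is None:
            report["no_file"].append(obj["name"])
    return report


if __name__ == "__main__":
    for group, items in triage(parse_log(SAMPLE_LOG)).items():
        print(group, items)
```

The `no_verdict` group matters when a log is pasted into a forum post and gets truncated: an object whose verdict line is missing has not been cleared.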

Re: Updates Fail, Firefox won't connect, IE does, but redire

Unread postby rjmc » October 23rd, 2011, 4:09 am

Hi pgmigg,

Your instructions were clear and easy to follow. Here's the reports. The only thing that has changed is in IE when I tried to submit my post and reports I get the "internet can't display the webpage. Diagnose connection problems" message. I had to go to another computer to post this reply.

Thanks,
rjmc

19:31:17.0669 37352 TDSS rootkit removing tool 2.6.12.0 Oct 21 2011 11:23:48
19:31:17.0949 37352 ============================================================
19:31:17.0949 37352 Current date / time: 2011/10/22 19:31:17.0949
19:31:17.0949 37352 SystemInfo:
19:31:17.0949 37352
19:31:17.0949 37352 OS Version: 6.0.6001 ServicePack: 1.0
19:31:17.0949 37352 Product type: Workstation
19:31:17.0949 37352 ComputerName: OFFICE
19:31:17.0949 37352 UserName: joylynn
19:31:17.0949 37352 Windows directory: C:\Windows
19:31:17.0949 37352 System windows directory: C:\Windows
19:31:17.0949 37352 Processor architecture: Intel x86
19:31:17.0949 37352 Number of processors: 2
19:31:17.0949 37352 Page size: 0x1000
19:31:17.0949 37352 Boot type: Normal boot
19:31:17.0949 37352 ============================================================
19:31:21.0631 37352 Initialize success
19:31:23.0565 19216 ============================================================
19:31:23.0565 19216 Scan started
19:31:23.0565 19216 Mode: Manual;
19:31:23.0565 19216 ============================================================
19:31:24.0065 19216 a2acc - ok
19:31:24.0205 19216 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
19:31:24.0221 19216 ACPI - ok
19:31:24.0345 19216 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
19:31:24.0345 19216 adfs - ok
19:31:24.0470 19216 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
19:31:24.0486 19216 adp94xx - ok
19:31:24.0533 19216 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
19:31:24.0533 19216 adpahci - ok
19:31:24.0611 19216 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
19:31:24.0611 19216 adpu160m - ok
19:31:24.0642 19216 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
19:31:24.0642 19216 adpu320 - ok
19:31:24.0907 19216 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
19:31:24.0907 19216 AFD - ok
19:31:25.0047 19216 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
19:31:25.0063 19216 agp440 - ok
19:31:25.0547 19216 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
19:31:25.0547 19216 aic78xx - ok
19:31:25.0656 19216 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
19:31:25.0656 19216 aliide - ok
19:31:25.0718 19216 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
19:31:25.0718 19216 amdagp - ok
19:31:25.0734 19216 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
19:31:25.0734 19216 amdide - ok
19:31:25.0859 19216 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
19:31:25.0859 19216 AmdK7 - ok
19:31:25.0890 19216 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
19:31:25.0890 19216 AmdK8 - ok
19:31:26.0030 19216 AnyDVD (133b7b6d6a3ec9e46fbe742ee1516c37) C:\Windows\system32\Drivers\AnyDVD.sys
19:31:26.0030 19216 AnyDVD - ok
19:31:26.0124 19216 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
19:31:26.0124 19216 arc - ok
19:31:26.0202 19216 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
19:31:26.0202 19216 arcsas - ok
19:31:26.0249 19216 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
19:31:26.0249 19216 AsyncMac - ok
19:31:26.0311 19216 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
19:31:26.0311 19216 atapi - ok
19:31:26.0405 19216 ATMhelpr (3ef1db7f168851914517d4ed36b57c04) C:\Windows\system32\drivers\ATMhelpr.sys
19:31:26.0405 19216 ATMhelpr - ok
19:31:26.0498 19216 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
19:31:26.0498 19216 avgntflt - ok
19:31:26.0592 19216 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
19:31:26.0607 19216 avipbb - ok
19:31:26.0732 19216 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
19:31:26.0732 19216 Beep - ok
19:31:26.0857 19216 blbdrive - ok
19:31:26.0951 19216 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
19:31:26.0951 19216 bowser - ok
19:31:26.0997 19216 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
19:31:26.0997 19216 BrFiltLo - ok
19:31:27.0075 19216 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
19:31:27.0075 19216 BrFiltUp - ok
19:31:27.0122 19216 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\Drivers\Brserid.sys
19:31:27.0138 19216 Brserid - ok
19:31:27.0200 19216 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
19:31:27.0200 19216 BrSerWdm - ok
19:31:27.0231 19216 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
19:31:27.0247 19216 BrUsbMdm - ok
19:31:27.0294 19216 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\Drivers\BrUsbSer.sys
19:31:27.0294 19216 BrUsbSer - ok
19:31:27.0341 19216 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
19:31:27.0341 19216 BTHMODEM - ok
19:31:27.0434 19216 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
19:31:27.0450 19216 cdfs - ok
19:31:27.0512 19216 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
19:31:27.0512 19216 cdrom - ok
19:31:27.0590 19216 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
19:31:27.0590 19216 circlass - ok
19:31:27.0637 19216 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
19:31:27.0637 19216 CLFS - ok
19:31:27.0762 19216 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
19:31:27.0762 19216 cmdide - ok
19:31:27.0793 19216 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
19:31:27.0793 19216 Compbatt - ok
19:31:27.0855 19216 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
19:31:27.0855 19216 crcdisk - ok
19:31:27.0871 19216 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
19:31:27.0871 19216 Crusoe - ok
19:31:28.0011 19216 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
19:31:28.0011 19216 DfsC - ok
19:31:28.0152 19216 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
19:31:28.0152 19216 disk - ok
19:31:28.0214 19216 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
19:31:28.0214 19216 Dot4 - ok
19:31:28.0308 19216 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
19:31:28.0308 19216 Dot4Print - ok
19:31:28.0339 19216 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
19:31:28.0339 19216 dot4usb - ok
19:31:28.0433 19216 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
19:31:28.0433 19216 drmkaud - ok
19:31:28.0495 19216 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
19:31:28.0495 19216 DXGKrnl - ok
19:31:28.0589 19216 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
19:31:28.0589 19216 E1G60 - ok
19:31:28.0651 19216 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
19:31:28.0667 19216 Ecache - ok
19:31:28.0729 19216 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
19:31:28.0729 19216 eeCtrl - ok
19:31:28.0838 19216 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
19:31:28.0838 19216 ElbyCDIO - ok
19:31:28.0885 19216 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
19:31:28.0901 19216 elxstor - ok
19:31:28.0979 19216 EraserUtilRebootDrv (e7d1a496c71cd56bdd97f32c9141a03b) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
19:31:28.0994 19216 EraserUtilRebootDrv - ok
19:31:29.0103 19216 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
19:31:29.0103 19216 exfat - ok
19:31:29.0150 19216 f4f610d6 ( Rootkit.Win32.PMax.gen ) - infected
19:31:29.0150 19216 f4f610d6 - detected Rootkit.Win32.PMax.gen (0)
19:31:29.0213 19216 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
19:31:29.0228 19216 fastfat - ok
19:31:29.0306 19216 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
19:31:29.0306 19216 fdc - ok
19:31:29.0415 19216 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
19:31:29.0415 19216 FileInfo - ok
19:31:29.0447 19216 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
19:31:29.0447 19216 Filetrace - ok
19:31:29.0556 19216 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
19:31:29.0556 19216 flpydisk - ok
19:31:29.0587 19216 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
19:31:29.0587 19216 FltMgr - ok
19:31:29.0634 19216 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
19:31:29.0634 19216 Fs_Rec - ok
19:31:29.0727 19216 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
19:31:29.0727 19216 gagp30kx - ok
19:31:29.0774 19216 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
19:31:29.0774 19216 GEARAspiWDM - ok
19:31:29.0899 19216 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
19:31:29.0899 19216 HdAudAddService - ok
19:31:29.0930 19216 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:31:29.0930 19216 HDAudBus - ok
19:31:29.0961 19216 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
19:31:29.0961 19216 HidBth - ok
19:31:29.0977 19216 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
19:31:29.0993 19216 HidIr - ok
19:31:30.0071 19216 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
19:31:30.0071 19216 HidUsb - ok
19:31:30.0149 19216 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
19:31:30.0149 19216 HpCISSs - ok
19:31:30.0289 19216 HSF_DP (88749fbf8beb18c90e7d6626c8c1910b) C:\Windows\system32\DRIVERS\HSX_DP.sys
19:31:30.0305 19216 HSF_DP - ok
19:31:30.0367 19216 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
19:31:30.0367 19216 HSXHWBS2 - ok
19:31:30.0461 19216 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
19:31:30.0461 19216 HTTP - ok
19:31:30.0492 19216 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
19:31:30.0492 19216 i2omp - ok
19:31:30.0570 19216 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
19:31:30.0570 19216 i8042prt - ok
19:31:30.0632 19216 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
19:31:30.0632 19216 iaStorV - ok
19:31:30.0663 19216 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
19:31:30.0663 19216 iirsp - ok
19:31:30.0804 19216 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
19:31:30.0835 19216 IntcAzAudAddService - ok
19:31:30.0882 19216 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
19:31:30.0897 19216 intelide - ok
19:31:30.0944 19216 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
19:31:30.0944 19216 intelppm - ok
19:31:31.0038 19216 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:31:31.0038 19216 IpFilterDriver - ok
19:31:31.0053 19216 IpInIp - ok
19:31:31.0085 19216 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
19:31:31.0085 19216 IPMIDRV - ok
19:31:31.0147 19216 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
19:31:31.0147 19216 IPNAT - ok
19:31:31.0225 19216 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
19:31:31.0241 19216 IRENUM - ok
19:31:31.0287 19216 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
19:31:31.0287 19216 isapnp - ok
19:31:31.0381 19216 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
19:31:31.0397 19216 iScsiPrt - ok
19:31:31.0412 19216 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
19:31:31.0428 19216 iteatapi - ok
19:31:31.0459 19216 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
19:31:31.0459 19216 iteraid - ok
19:31:31.0537 19216 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
19:31:31.0537 19216 kbdclass - ok
19:31:31.0568 19216 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
19:31:31.0568 19216 kbdhid - ok
19:31:31.0615 19216 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
19:31:31.0631 19216 KSecDD - ok
19:31:31.0755 19216 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
19:31:31.0755 19216 lltdio - ok
19:31:31.0833 19216 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
19:31:31.0833 19216 LMIInfo - ok
19:31:31.0927 19216 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
19:31:31.0943 19216 lmimirr - ok
19:31:31.0958 19216 LMIRfsClientNP - ok
19:31:31.0989 19216 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
19:31:31.0989 19216 LMIRfsDriver - ok
19:31:32.0036 19216 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
19:31:32.0036 19216 LSI_FC - ok
19:31:32.0114 19216 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
19:31:32.0114 19216 LSI_SAS - ok
19:31:32.0130 19216 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
19:31:32.0130 19216 LSI_SCSI - ok
19:31:32.0177 19216 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
19:31:32.0177 19216 luafv - ok
19:31:32.0301 19216 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
19:31:32.0301 19216 MBAMProtector - ok
19:31:32.0348 19216 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:31:32.0364 19216 mdmxsdk - ok
19:31:32.0473 19216 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
19:31:32.0489 19216 megasas - ok
19:31:32.0567 19216 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
19:31:32.0582 19216 Modem - ok
19:31:32.0613 19216 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
19:31:32.0613 19216 monitor - ok
19:31:32.0832 19216 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
19:31:32.0832 19216 mouclass - ok
19:31:32.0894 19216 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
19:31:32.0894 19216 mouhid - ok
19:31:32.0941 19216 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
19:31:32.0941 19216 MountMgr - ok
19:31:33.0035 19216 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
19:31:33.0035 19216 mpio - ok
19:31:33.0081 19216 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
19:31:33.0081 19216 mpsdrv - ok
19:31:33.0113 19216 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
19:31:33.0113 19216 Mraid35x - ok
19:31:33.0191 19216 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
19:31:33.0191 19216 MRxDAV - ok
19:31:33.0269 19216 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:31:33.0269 19216 mrxsmb - ok
19:31:33.0347 19216 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:31:33.0347 19216 mrxsmb10 - ok
19:31:33.0518 19216 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:31:33.0518 19216 mrxsmb20 - ok
19:31:33.0549 19216 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
19:31:33.0549 19216 msahci - ok
19:31:33.0627 19216 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
19:31:33.0627 19216 msdsm - ok
19:31:33.0674 19216 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
19:31:33.0674 19216 Msfs - ok
19:31:33.0721 19216 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
19:31:33.0721 19216 msisadrv - ok
19:31:33.0830 19216 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
19:31:33.0830 19216 MSKSSRV - ok
19:31:33.0846 19216 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
19:31:33.0846 19216 MSPCLOCK - ok
19:31:33.0877 19216 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
19:31:33.0877 19216 MSPQM - ok
19:31:33.0908 19216 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
19:31:33.0908 19216 MsRPC - ok
19:31:34.0017 19216 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
19:31:34.0017 19216 mssmbios - ok
19:31:34.0049 19216 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
19:31:34.0049 19216 MSTEE - ok
19:31:34.0095 19216 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
19:31:34.0095 19216 Mup - ok
19:31:34.0205 19216 MXOPSWD (216ac775320f64de28cfeb7c179c4ff9) C:\Windows\system32\DRIVERS\mxopswd.sys
19:31:34.0205 19216 MXOPSWD - ok
19:31:34.0267 19216 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
19:31:34.0267 19216 NativeWifiP - ok
19:31:34.0345 19216 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
19:31:34.0345 19216 NDIS - ok
19:31:34.0454 19216 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
19:31:34.0454 19216 NdisTapi - ok
19:31:34.0501 19216 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
19:31:34.0501 19216 Ndisuio - ok
19:31:34.0563 19216 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
19:31:34.0563 19216 NdisWan - ok
19:31:34.0673 19216 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
19:31:34.0673 19216 NDProxy - ok
19:31:34.0719 19216 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
19:31:34.0719 19216 NetBIOS - ok
19:31:34.0735 19216 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
19:31:34.0751 19216 netbt - ok
19:31:34.0844 19216 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
19:31:34.0860 19216 nfrd960 - ok
19:31:34.0907 19216 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
19:31:34.0907 19216 Npfs - ok
19:31:35.0016 19216 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
19:31:35.0016 19216 nsiproxy - ok
19:31:35.0063 19216 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
19:31:35.0078 19216 Ntfs - ok
19:31:35.0156 19216 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
19:31:35.0156 19216 ntrigdigi - ok
19:31:35.0203 19216 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
19:31:35.0203 19216 Null - ok
19:31:35.0265 19216 NVENETFD (74c825c573aa6e115590d94e7bf86901) C:\Windows\system32\DRIVERS\nvmfdx32.sys
19:31:35.0281 19216 NVENETFD - ok
19:31:35.0531 19216 nvlddmkm (fbba09782f2fac5a57619df378ba9372) C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:31:35.0687 19216 nvlddmkm - ok
19:31:35.0780 19216 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
19:31:35.0780 19216 nvraid - ok
19:31:35.0796 19216 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
19:31:35.0796 19216 nvstor - ok
19:31:35.0827 19216 nvstor32 (a1ce1a6fd74c046f029448fcfa5e386d) C:\Windows\system32\drivers\nvstor32.sys
19:31:35.0843 19216 nvstor32 - ok
19:31:35.0921 19216 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
19:31:35.0921 19216 nv_agp - ok
19:31:35.0936 19216 NwlnkFlt - ok
19:31:35.0936 19216 NwlnkFwd - ok
19:31:35.0983 19216 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
19:31:35.0983 19216 ohci1394 - ok
19:31:36.0030 19216 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
19:31:36.0030 19216 Parport - ok
19:31:36.0092 19216 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
19:31:36.0092 19216 partmgr - ok
19:31:36.0139 19216 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
19:31:36.0139 19216 Parvdm - ok
19:31:36.0186 19216 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
19:31:36.0186 19216 pci - ok
19:31:36.0233 19216 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
19:31:36.0248 19216 pciide - ok
19:31:36.0279 19216 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
19:31:36.0279 19216 pcmcia - ok
19:31:36.0389 19216 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
19:31:36.0404 19216 PEAUTH - ok
19:31:36.0529 19216 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
19:31:36.0529 19216 PptpMiniport - ok
19:31:36.0560 19216 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
19:31:36.0560 19216 Processor - ok
19:31:36.0623 19216 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
19:31:36.0623 19216 Ps2 - ok
19:31:36.0685 19216 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
19:31:36.0685 19216 PSched - ok
19:31:36.0716 19216 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
19:31:36.0716 19216 PxHelp20 - ok
19:31:36.0779 19216 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
19:31:36.0794 19216 ql2300 - ok
19:31:36.0857 19216 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
19:31:36.0857 19216 ql40xx - ok
19:31:36.0888 19216 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
19:31:36.0888 19216 QWAVEdrv - ok
19:31:36.0919 19216 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
19:31:36.0919 19216 RasAcd - ok
19:31:36.0966 19216 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:31:36.0966 19216 Rasl2tp - ok
19:31:37.0044 19216 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
19:31:37.0044 19216 RasPppoe - ok
19:31:37.0091 19216 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
19:31:37.0091 19216 RasSstp - ok
19:31:37.0106 19216 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
19:31:37.0122 19216 rdbss - ok
19:31:37.0153 19216 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:31:37.0153 19216 RDPCDD - ok
19:31:37.0215 19216 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
19:31:37.0231 19216 rdpdr - ok
19:31:37.0262 19216 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
19:31:37.0262 19216 RDPENCDD - ok
19:31:37.0309 19216 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
19:31:37.0309 19216 RDPWD - ok
19:31:37.0387 19216 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
19:31:37.0387 19216 rspndr - ok
19:31:37.0449 19216 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
19:31:37.0449 19216 sbp2port - ok
19:31:37.0496 19216 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
19:31:37.0496 19216 secdrv - ok
19:31:37.0527 19216 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
19:31:37.0527 19216 Serenum - ok
19:31:37.0559 19216 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
19:31:37.0559 19216 Serial - ok
19:31:37.0637 19216 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
19:31:37.0637 19216 sermouse - ok
19:31:37.0683 19216 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
19:31:37.0683 19216 sffdisk - ok
19:31:37.0699 19216 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
19:31:37.0699 19216 sffp_mmc - ok
19:31:37.0730 19216 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
19:31:37.0730 19216 sffp_sd - ok
19:31:37.0746 19216 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
19:31:37.0746 19216 sfloppy - ok
19:31:37.0777 19216 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
19:31:37.0777 19216 sisagp - ok
19:31:37.0839 19216 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
19:31:37.0839 19216 SiSRaid2 - ok
19:31:37.0886 19216 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
19:31:37.0886 19216 SiSRaid4 - ok
19:31:37.0933 19216 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
19:31:37.0933 19216 Smb - ok
19:31:38.0245 19216 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys
19:31:38.0448 19216 SNPSTD3 - ok
19:31:38.0541 19216 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
19:31:38.0541 19216 spldr - ok
19:31:38.0619 19216 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
19:31:38.0635 19216 srv - ok
19:31:38.0697 19216 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
19:31:38.0697 19216 srv2 - ok
19:31:38.0775 19216 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
19:31:38.0775 19216 srvnet - ok
19:31:38.0822 19216 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
19:31:38.0838 19216 sscdbus - ok
19:31:38.0916 19216 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
19:31:38.0916 19216 sscdmdfl - ok
19:31:38.0963 19216 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
19:31:38.0963 19216 sscdmdm - ok
19:31:38.0994 19216 sscdserd (751e66eb32efa80633b80f5d7ff0a1d8) C:\Windows\system32\DRIVERS\sscdserd.sys
19:31:38.0994 19216 sscdserd - ok
19:31:39.0103 19216 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
19:31:39.0103 19216 ssmdrv - ok
19:31:39.0150 19216 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
19:31:39.0150 19216 StillCam - ok
19:31:39.0228 19216 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
19:31:39.0228 19216 swenum - ok
19:31:39.0275 19216 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
19:31:39.0275 19216 Symc8xx - ok
19:31:39.0306 19216 SYMDNS (1d8fb1e5d6859d38e3ebca5febc6839f) C:\Windows\System32\Drivers\SYMDNS.SYS
19:31:39.0321 19216 SYMDNS - ok
19:31:39.0415 19216 SymEvent (9e4188476848b2ef86f9c44d5164e724) C:\Windows\system32\Drivers\SYMEVENT.SYS
19:31:39.0415 19216 SymEvent - ok
19:31:39.0431 19216 SYMFW (91fcddf2cbaf898126ae7dfa5ce570ed) C:\Windows\System32\Drivers\SYMFW.SYS
19:31:39.0431 19216 SYMFW - ok
19:31:39.0477 19216 SYMIDS (9584e278787ad65e82eec5694f77cb54) C:\Windows\System32\Drivers\SYMIDS.SYS
19:31:39.0477 19216 SYMIDS - ok
19:31:39.0493 19216 SYMNDISV (60350bc7919e6e45dd8130ad55665f48) C:\Windows\System32\Drivers\SYMNDISV.SYS
19:31:39.0493 19216 SYMNDISV - ok
19:31:39.0571 19216 SYMREDRV (9181892e5af5df8d2ac3d9d2cea48afd) C:\Windows\System32\Drivers\SYMREDRV.SYS
19:31:39.0571 19216 SYMREDRV - ok
19:31:39.0587 19216 SYMTDI (d539f317e6caaa4e08911a84c2180938) C:\Windows\System32\Drivers\SYMTDI.SYS
19:31:39.0602 19216 SYMTDI - ok
19:31:39.0633 19216 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
19:31:39.0633 19216 Sym_hi - ok
19:31:39.0649 19216 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
19:31:39.0649 19216 Sym_u3 - ok
19:31:39.0805 19216 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
19:31:39.0805 19216 Tcpip - ok
19:31:39.0836 19216 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
19:31:39.0836 19216 Tcpip6 - ok
19:31:39.0883 19216 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
19:31:39.0883 19216 tcpipreg - ok
19:31:39.0977 19216 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
19:31:39.0977 19216 TDPIPE - ok
19:31:39.0992 19216 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
19:31:39.0992 19216 TDTCP - ok
19:31:40.0039 19216 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
19:31:40.0039 19216 tdx - ok
19:31:40.0086 19216 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
19:31:40.0086 19216 TermDD - ok
19:31:40.0195 19216 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:31:40.0195 19216 tssecsrv - ok
19:31:40.0242 19216 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
19:31:40.0242 19216 tunmp - ok
19:31:40.0289 19216 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
19:31:40.0289 19216 tunnel - ok
19:31:40.0382 19216 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
19:31:40.0382 19216 uagp35 - ok
19:31:40.0429 19216 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
19:31:40.0429 19216 udfs - ok
19:31:40.0476 19216 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
19:31:40.0476 19216 uliagpkx - ok
19:31:40.0554 19216 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
19:31:40.0569 19216 uliahci - ok
19:31:40.0585 19216 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
19:31:40.0585 19216 UlSata - ok
19:31:40.0616 19216 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
19:31:40.0616 19216 ulsata2 - ok
19:31:40.0663 19216 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
19:31:40.0663 19216 umbus - ok
19:31:40.0741 19216 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
19:31:40.0741 19216 USBAAPL - ok
19:31:40.0803 19216 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
19:31:40.0803 19216 usbaudio - ok
19:31:40.0850 19216 usbbus (5353218b3265e3b8190335059f697a11) C:\Windows\system32\DRIVERS\lgusbbus.sys
19:31:40.0850 19216 usbbus - ok
19:31:40.0928 19216 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
19:31:40.0928 19216 usbccgp - ok
19:31:40.0959 19216 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
19:31:40.0959 19216 usbcir - ok
19:31:41.0006 19216 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\Windows\system32\DRIVERS\lgusbdiag.sys
19:31:41.0006 19216 UsbDiag - ok
19:31:41.0069 19216 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
19:31:41.0069 19216 usbehci - ok
19:31:41.0100 19216 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
19:31:41.0100 19216 usbhub - ok
19:31:41.0147 19216 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\Windows\system32\DRIVERS\lgusbmodem.sys
19:31:41.0147 19216 USBModem - ok
19:31:41.0178 19216 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
19:31:41.0178 19216 usbohci - ok
19:31:41.0256 19216 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
19:31:41.0256 19216 usbprint - ok
19:31:41.0303 19216 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
19:31:41.0303 19216 usbscan - ok
19:31:41.0334 19216 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:31:41.0334 19216 USBSTOR - ok
19:31:41.0396 19216 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
19:31:41.0396 19216 usbuhci - ok
19:31:41.0490 19216 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
19:31:41.0490 19216 vga - ok
19:31:41.0537 19216 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
19:31:41.0537 19216 VgaSave - ok
19:31:41.0615 19216 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
19:31:41.0615 19216 viaagp - ok
19:31:41.0646 19216 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
19:31:41.0646 19216 ViaC7 - ok
19:31:41.0661 19216 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
19:31:41.0661 19216 viaide - ok
19:31:41.0693 19216 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
19:31:41.0693 19216 volmgr - ok
19:31:41.0771 19216 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
19:31:41.0771 19216 volmgrx - ok
19:31:41.0817 19216 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
19:31:41.0817 19216 volsnap - ok
19:31:41.0849 19216 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
19:31:41.0849 19216 vsmraid - ok
19:31:41.0927 19216 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
19:31:41.0927 19216 WacomPen - ok
19:31:41.0973 19216 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:31:41.0973 19216 Wanarp - ok
19:31:41.0989 19216 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
19:31:41.0989 19216 Wanarpv6 - ok
19:31:42.0067 19216 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
19:31:42.0067 19216 Wd - ok
19:31:42.0129 19216 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
19:31:42.0129 19216 Wdf01000 - ok
19:31:42.0207 19216 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
19:31:42.0223 19216 winachsf - ok
19:31:42.0332 19216 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
19:31:42.0332 19216 WmiAcpi - ok
19:31:42.0441 19216 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
19:31:42.0441 19216 WpdUsb - ok
19:31:42.0519 19216 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
19:31:42.0519 19216 ws2ifsl - ok
19:31:42.0597 19216 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:31:42.0597 19216 WUDFRd - ok
19:31:42.0691 19216 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
19:31:42.0691 19216 XAudio - ok
19:31:42.0722 19216 MBR (0x1B8) (8913823ff508ccf109db74b636c301da) \Device\Harddisk0\DR0
19:31:42.0769 19216 \Device\Harddisk0\DR0 - ok
19:31:42.0800 19216 MBR (0x1B8) (e5fa06aca0d60ba9c870d0ef3d9898c9) \Device\Harddisk5\DR5
19:31:57.0823 19216 \Device\Harddisk5\DR5 - ok
19:31:57.0885 19216 MBR (0x1B8) (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk6\DR6
19:31:58.0697 19216 \Device\Harddisk6\DR6 - ok
19:31:58.0712 19216 Boot (0x1200) (70b8d41842d56e6187a65da7808ccf92) \Device\Harddisk0\DR0\Partition0
19:31:58.0712 19216 \Device\Harddisk0\DR0\Partition0 - ok
19:31:58.0728 19216 Boot (0x1200) (fdfcb2b6a11a3469c6bac483c852d6d8) \Device\Harddisk0\DR0\Partition1
19:31:58.0728 19216 \Device\Harddisk0\DR0\Partition1 - ok
19:31:58.0743 19216 Boot (0x1200) (e62ad68f4c83962358dbaaad137ddc3e) \Device\Harddisk5\DR5\Partition0
19:31:58.0743 19216 \Device\Harddisk5\DR5\Partition0 - ok
19:31:58.0759 19216 Boot (0x1200) (2727c5861400f09ddea8135a113a3b92) \Device\Harddisk6\DR6\Partition0
19:31:58.0775 19216 \Device\Harddisk6\DR6\Partition0 - ok
19:31:58.0775 19216 ============================================================
19:31:58.0775 19216 Scan finished
19:31:58.0775 19216 ============================================================
19:31:58.0790 39840 Detected object count: 1
19:31:58.0790 39840 Actual detected object count: 1
19:32:13.0688 39840 f4f610d6 ( Rootkit.Win32.PMax.gen ) - skipped by user
19:32:13.0688 39840 f4f610d6 ( Rootkit.Win32.PMax.gen ) - User select action: Skip
19:32:17.0557 10720 Deinitialize success


OTL logfile created on: 10/22/2011 7:32:55 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\joylynn\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.37 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 64.23% Memory free
6.96 Gb Paging File | 5.18 Gb Available in Paging File | 74.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.21 Gb Total Space | 48.67 Gb Free Space | 16.83% Space Free | Partition Type: NTFS
Drive D: | 8.88 Gb Total Space | 1.24 Gb Free Space | 13.94% Space Free | Partition Type: NTFS
Drive F: | 3.84 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32
Drive M: | 465.76 Gb Total Space | 335.61 Gb Free Space | 72.06% Space Free | Partition Type: NTFS

Computer Name: OFFICE | User Name: joylynn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\joylynn\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files\LogMeIn\x86\ramaint.exe (LogMeIn, Inc.)
PRC - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
PRC - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe (Symantec Corporation)
PRC - C:\Program Files\Maxtor\OneTouch Status\MaxMenuMgr.exe (Maxtor Corporation)
PRC - C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
PRC - C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
PRC - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
PRC - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe (Pure Networks, Inc.)
PRC - C:\Program Files\AGEIA Technologies\TrayIcon.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files\Yahoo!\Messenger\yui.dll ()
MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll ()
MOD - C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll ()
MOD - C:\Program Files\AGEIA Technologies\TrayIcon.exe ()


========== Win32 Services (SafeList) ==========

SRV - (a2AntiMalware) -- File not found
SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (LMIMaint) -- C:\Program Files\LogMeIn\x86\RaMaint.exe (LogMeIn, Inc.)
SRV - (LMIGuardianSvc) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LogMeIn, Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (LogMeIn) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn, Inc.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (Adobe Version Cue CS4) -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe (Adobe Systems Incorporated)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Maxtor Sync Service) -- C:\Program Files\Maxtor\Sync\SyncServices.exe ()
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatic LiveUpdate Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (LiveUpdate Notice Ex) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccSetMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (SymAppCore) -- c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe ()
SRV - (nmservice) -- C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe (Pure Networks, Inc.)


========== Driver Services (SafeList) ==========

DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (LMIRfsClientNP) -- C:\Windows\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (LMIRfsDriver) -- C:\Windows\System32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HSXHWBS2) -- C:\Windows\System32\drivers\HSXHWBS2.sys (Conexant Systems, Inc.)
DRV - (HSF_DP) -- C:\Windows\System32\drivers\HSX_DP.sys (Conexant Systems, Inc.)
DRV - (LMIInfo) -- C:\Program Files\LogMeIn\x86\rainfo.sys (LogMeIn, Inc.)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (SYMNDISV) -- C:\Windows\System32\Drivers\SYMNDISV.SYS (Symantec Corporation)
DRV - (SYMTDI) -- C:\Windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\Windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (SYMIDS) -- C:\Windows\System32\Drivers\SYMIDS.SYS (Symantec Corporation)
DRV - (SYMFW) -- C:\Windows\System32\Drivers\SYMFW.SYS (Symantec Corporation)
DRV - (SYMDNS) -- C:\Windows\System32\Drivers\SYMDNS.SYS (Symantec Corporation)
DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (MXOPSWD) -- C:\Windows\System32\drivers\mxopswd.sys (Maxtor Corp.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\System32\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)
DRV - (sscdserd) SAMSUNG CDMA Modem Diagnostic Serial Port (WDM) -- C:\Windows\System32\drivers\sscdserd.sys (MCCI)
DRV - (sscdmdm) -- C:\Windows\System32\drivers\sscdmdm.sys (MCCI)
DRV - (sscdmdfl) -- C:\Windows\System32\drivers\sscdmdfl.sys (MCCI)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\Windows\System32\drivers\sscdbus.sys (MCCI)
DRV - (USBModem) -- C:\Windows\System32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- C:\Windows\System32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- C:\Windows\System32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (ATMhelpr) -- C:\Windows\System32\drivers\ATMhelpr.sys (Adobe Systems Incorporated)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie8
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://www.dooki.info
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No CLSID value found
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3513781084-200415242-206230267-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AIM Search"
FF - prefs.js..browser.search.defaulturl: "http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2706&invocationType=tb50fftrie7&query="
FF - prefs.js..browser.search.selectedEngine: "Bing"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledItems: {c2f863cd-0429-48c7-bb54-db756a951760}:5.20.1.1
FF - prefs.js..extensions.enabledItems: web@veoh.com:1.4
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.3.5.20110120033202
FF - prefs.js..keyword.URL: "http://www.bing.com/search?pc=Z128&form=ZGAADF&install_date=20110829&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.0: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohTVPlugin: C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF - HKLM\Software\MozillaPlugins\@veoh.com/VeohWebPlayer: C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/18 22:27:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/09/03 22:29:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/07 13:28:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/16 20:08:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\web@veoh.com: C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2009/01/14 03:59:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/18 22:27:46 | 000,000,000 | ---D | M]

[2008/08/27 12:15:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joylynn\AppData\Roaming\Mozilla\Extensions
[2011/09/26 17:35:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joylynn\AppData\Roaming\Mozilla\Firefox\Profiles\modvzzop.default\extensions
[2011/09/26 01:35:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\joylynn\AppData\Roaming\Mozilla\Firefox\Profiles\modvzzop.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2008/09/24 13:25:39 | 000,000,000 | ---D | M] (LogMeIn, Inc. Remote Access Plugin) -- C:\Users\joylynn\AppData\Roaming\Mozilla\Firefox\Profiles\modvzzop.default\extensions\LogMeInClient@logmein.com
[2009/02/25 07:52:13 | 000,001,739 | ---- | M] () -- C:\Users\joylynn\AppData\Roaming\Mozilla\Firefox\Profiles\modvzzop.default\searchplugins\aim-search.xml
[2011/08/28 20:25:35 | 000,001,945 | ---- | M] () -- C:\Users\joylynn\AppData\Roaming\Mozilla\Firefox\Profiles\modvzzop.default\searchplugins\bing-zugo.xml
[2011/06/03 03:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/04/17 16:55:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011/01/30 21:46:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/06/03 03:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/06/03 03:29:47 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009/09/02 03:00:41 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/07 13:28:03 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/11/12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2008/06/11 14:27:34 | 000,217,088 | ---- | M] (Starfield Technology, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwbe.dll
[2007/11/16 14:34:16 | 000,217,088 | ---- | M] (Starfield Technology, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwbe.dll_
[2011/07/01 14:44:46 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old

O1 HOSTS File: ([2011/10/22 19:30:24 | 000,000,698 | R--- | M]) - C:\Windows\System32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Veoh Web Player Video Finder) - {0FBB9689-D3D7-4f7a-A2E2-585B10099BFC} - C:\Program Files\Veoh Networks\VeohWebPlayer\VeohIEToolbar.dll (Veoh Networks Inc)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()
O3 - HKU\S-1-5-21-3513781084-200415242-206230267-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe ()
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpbdfawep] C:\Program Files\HP\Dfawep\bin\hpbdfawep.exe ()
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mxomssmenu] C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe (Maxtor Corporation)
O4 - HKLM..\Run: [nmapp] C:\Program Files\Pure Networks\Network Magic\nmapp.exe (Pure Networks, Inc.)
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [PrnStatusMX] C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe (Marvell Semiconductor, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-3513781084-200415242-206230267-1000..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe ()
O4 - HKU\S-1-5-21-3513781084-200415242-206230267-1000..\Run: [AOL OCP Update] C:\Users\joylynn\AppData\Local\AOL OCP\AOLUpdate\AOLupdt32.exe (Apple Inc.)
O4 - HKU\S-1-5-21-3513781084-200415242-206230267-1000..\Run: [cdloader] C:\Users\joylynn\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKU\S-1-5-21-3513781084-200415242-206230267-1000..\Run: [DisplayTrayManager] C:\ProgramData\DisplayTrayManager.dll (Apple Inc.)
O4 - HKU\S-1-5-21-3513781084-200415242-206230267-1000..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKU\S-1-5-21-3513781084-200415242-206230267-1000..\Run: [VeohPlugin] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe (Veoh Networks)
O4 - HKLM..\RunOnce: [Launcher] C:\Windows\SMINST\Launcher.exe (soft thinks)
O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Append to Existing PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra Button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe ()
O9 - Extra 'Tools' menuitem : EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Programs\EmpirePokerMaster\EmpirePoker\RunEPoker.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)
O15 - HKU\S-1-5-21-3513781084-200415242-206230267-1000\..Trusted Domains: secureserver.net ([email] http in Trusted sites)
O15 - HKU\S-1-5-21-3513781084-200415242-206230267-1000\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebook.com/controls/200 ... oader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {18C3FD15-74F6-4280-9C98-3590C966B7B8} http://www.worldwinner.com/games/v47/sk ... illgam.cab (SkillGam Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://mypoints.worldwinner.com/games/v ... Loader.cab (FunGamesLoader Object)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://www.costcophotocenter.com/CostcoActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace.com/upload/MySpaceUploader1006.cab (MySpace Uploader Control)
O16 - DPF: {6C6FE41A-0DA6-42A1-9AD8-792026B2B2A7} http://www.worldwinner.com/games/v41/fr ... eecell.cab (FreeCell Control)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} http://www.charter.net/files/charter/se ... /fscax.cab (F-Secure Online Scanner 3.3)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/ractrl.cab?lmi=100 (Performance Viewer Activex Control)
O16 - DPF: Web-Based Email Tools http://email.secureserver.net/Download.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A8AF857-B8D0-4BC1-9E14-B12EF29BC146}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\pure-go {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll (Pure Networks, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\joylynn\Pictures\1 GB\P1000101.JPG
O24 - Desktop BackupWallPaper: C:\Users\joylynn\Pictures\1 GB\P1000101.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/09/27 08:15:52 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - Unable to obtain root file information for disk M:\
O33 - MountPoints2\{80ceb365-4de2-11dd-88bb-001d609c520a}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{80ceb365-4de2-11dd-88bb-001d609c520a}\Shell\phone\command - "" = K:\autorun.exe
O33 - MountPoints2\{e52ebc9d-4037-11de-a988-001d609c520a}\Shell\AutoRun\command - "" = K:\autorun.exe
O33 - MountPoints2\{e52ebc9d-4037-11de-a988-001d609c520a}\Shell\phone\command - "" = K:\autorun.exe
O33 - MountPoints2\{f26fe9d4-cb34-11dc-bf67-001d609c520a}\Shell - "" = AutoRun
O33 - MountPoints2\{f26fe9d4-cb34-11dc-bf67-001d609c520a}\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O33 - MountPoints2\{f26fe9d5-cb34-11dc-bf67-001d609c520a}\Shell\AutoRun\command - "" = M:\d.com
O33 - MountPoints2\{f26fe9d5-cb34-11dc-bf67-001d609c520a}\Shell\explore\Command - "" = M:\d.com
O33 - MountPoints2\{f26fe9d5-cb34-11dc-bf67-001d609c520a}\Shell\open\Command - "" = M:\d.com
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\autorun.exe
O33 - MountPoints2\F\Shell\phone\command - "" = F:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/22 19:28:11 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\joylynn\Desktop\OTL.exe
[2011/10/22 19:27:49 | 001,561,392 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\joylynn\Desktop\tdsskiller.exe
[2011/10/20 02:36:09 | 002,031,992 | ---- | C] (Microsoft Corporation) -- C:\Users\joylynn\Desktop\MGADiag.exe
[2011/10/17 07:54:25 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\joylynn\Desktop\dds.scr
[2011/10/16 20:32:19 | 000,000,000 | ---D | C] -- C:\Users\joylynn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2011/10/16 19:17:15 | 000,000,000 | ---D | C] -- C:\MGADiagToolOutput
[2011/10/16 19:15:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage
[2011/10/16 18:54:36 | 000,000,000 | ---D | C] -- C:\Users\joylynn\AppData\Roaming\Avira
[2011/10/03 06:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/03 06:28:58 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011/10/03 06:25:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011/10/03 06:25:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2011/10/03 06:25:27 | 000,138,192 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011/10/03 06:25:27 | 000,066,616 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2011/10/03 06:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011/10/03 06:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2011/10/03 05:34:49 | 001,547,568 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\joylynn\Desktop\kfgj.exe
[2011/10/03 05:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2011/10/03 01:05:07 | 000,000,000 | ---D | C] -- C:\Users\joylynn\Documents\Anti-Malware
[2011/10/03 00:05:27 | 000,000,000 | ---D | C] -- C:\Users\joylynn\AppData\Roaming\yahoo!
[2011/09/26 21:07:53 | 000,000,000 | ---D | C] -- C:\Users\joylynn\AppData\Roaming\vlc
[2011/09/26 21:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011/09/26 21:07:07 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2011/09/26 21:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/09/26 02:30:11 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\ProgramData\DisplayTrayManager.dll
[2011/09/26 01:35:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2007/03/12 12:41:52 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd3.dll
[2005/11/23 13:55:32 | 000,053,248 | ---- | C] ( ) -- C:\Windows\System32\csnpstd3.dll
[26 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\joylynn\*.tmp files -> C:\Users\joylynn\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/22 19:30:24 | 000,000,698 | R--- | M] () -- C:\Windows\System32\drivers\etc\HOSTS
[2011/10/22 19:28:16 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\joylynn\Desktop\OTL.exe
[2011/10/22 19:28:03 | 001,561,392 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\joylynn\Desktop\tdsskiller.exe
[2011/10/22 19:18:50 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/10/22 19:18:50 | 000,003,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/10/22 18:58:53 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{A5DC2E62-20D3-4BB2-A30C-C5C329E38109}.job
[2011/10/22 18:57:15 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/10/22 17:00:00 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\RegCure Program Check.job
[2011/10/22 00:11:00 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HP WEP.job
[2011/10/21 21:57:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/10/20 05:25:04 | 000,604,264 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/10/20 05:25:04 | 000,103,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/10/20 05:18:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/10/20 05:18:15 | 3622,363,136 | -HS- | M] () -- C:\hiberfil.sys
[2011/10/20 03:58:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\RegCure.job
[2011/10/20 02:40:41 | 000,459,264 | ---- | M] () -- C:\Users\joylynn\Desktop\CKScanner.exe
[2011/10/20 02:36:36 | 003,514,358 | ---- | M] () -- C:\Users\joylynn\Desktop\WVCheck.exe
[2011/10/20 02:36:09 | 002,031,992 | ---- | M] (Microsoft Corporation) -- C:\Users\joylynn\Desktop\MGADiag.exe
[2011/10/17 07:54:29 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\joylynn\Desktop\dds.scr
[2011/10/16 21:55:47 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2011/10/16 20:55:08 | 000,002,617 | ---- | M] () -- C:\Users\joylynn\Desktop\HiJackThis.lnk
[2011/10/16 19:31:07 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForjoylynn.job
[2011/10/16 19:12:39 | 001,008,092 | ---- | M] () -- C:\Users\joylynn\Desktop\jllik.scr
[2011/10/03 06:34:51 | 000,054,272 | ---- | M] () -- C:\Users\joylynn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/03 06:29:02 | 000,000,868 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/03 06:25:34 | 000,001,809 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/10/03 05:34:58 | 001,547,568 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\joylynn\Desktop\kfgj.exe
[2011/10/03 05:32:44 | 001,402,880 | ---- | M] () -- C:\Users\joylynn\Desktop\HiJackThis.msi
[2011/10/03 05:30:32 | 000,388,608 | ---- | M] () -- C:\Users\joylynn\Desktop\HijackThis.exe
[2011/10/03 01:56:29 | 000,000,000 | ---- | M] () -- C:\Windows\3591436020
[2011/09/26 22:04:15 | 000,000,916 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3513781084-200415242-206230267-1000UA.job
[2011/09/26 22:04:14 | 000,000,864 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3513781084-200415242-206230267-1000Core.job
[2011/09/26 21:07:25 | 000,000,821 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/09/26 16:05:42 | 002,949,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011/09/26 02:30:10 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\ProgramData\DisplayTrayManager.dll
[26 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\joylynn\*.tmp files -> C:\Users\joylynn\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/20 02:40:41 | 000,459,264 | ---- | C] () -- C:\Users\joylynn\Desktop\CKScanner.exe
[2011/10/20 02:36:34 | 003,514,358 | ---- | C] () -- C:\Users\joylynn\Desktop\WVCheck.exe
[2011/10/16 21:10:48 | 000,000,332 | ---- | C] () -- C:\Windows\tasks\HP WEP.job
[2011/10/16 20:32:19 | 000,002,617 | ---- | C] () -- C:\Users\joylynn\Desktop\HiJackThis.lnk
[2011/10/16 19:24:45 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
[2011/10/16 19:12:31 | 001,008,092 | ---- | C] () -- C:\Users\joylynn\Desktop\jllik.scr
[2011/10/03 06:29:02 | 000,000,868 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/03 06:25:34 | 000,001,809 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/10/03 05:32:40 | 001,402,880 | ---- | C] () -- C:\Users\joylynn\Desktop\HiJackThis.msi
[2011/10/03 05:30:29 | 000,388,608 | ---- | C] () -- C:\Users\joylynn\Desktop\HijackThis.exe
[2011/09/29 02:39:49 | 3622,363,136 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/26 22:04:15 | 000,000,916 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3513781084-200415242-206230267-1000UA.job
[2011/09/26 22:04:14 | 000,000,864 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3513781084-200415242-206230267-1000Core.job
[2011/09/26 21:07:25 | 000,000,821 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2011/09/01 04:31:34 | 000,006,407 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2011/05/07 07:28:22 | 000,009,450 | -HS- | C] () -- C:\Users\joylynn\AppData\Local\vcld8ur6r20st846jff156851eb2b12575o
[2011/05/07 07:28:22 | 000,009,450 | -HS- | C] () -- C:\ProgramData\vcld8ur6r20st846jff156851eb2b12575o
[2010/03/18 22:05:32 | 000,201,462 | ---- | C] () -- C:\Windows\hpoins43.dat
[2010/01/26 03:00:24 | 000,146,891 | ---- | C] () -- C:\Windows\hpoins31.dat
[2010/01/22 08:05:56 | 000,096,768 | ---- | C] () -- C:\Windows\SlantAdj.dll
[2010/01/22 08:05:56 | 000,003,136 | ---- | C] () -- C:\Windows\Ade001.bin
[2010/01/22 08:05:56 | 000,001,571 | ---- | C] () -- C:\Windows\Faxcpp1.ini
[2010/01/22 08:05:56 | 000,000,422 | ---- | C] () -- C:\Windows\Faxcpp.ini
[2010/01/22 08:05:56 | 000,000,072 | ---- | C] () -- C:\Windows\System32\epDPE.ini
[2010/01/22 07:15:56 | 000,000,036 | ---- | C] () -- C:\Users\joylynn\AppData\Local\housecall.guid.cache
[2009/11/30 00:46:01 | 000,000,000 | ---- | C] () -- C:\Users\joylynn\AppData\Roaming\wklnhst.dat
[2009/10/15 21:01:34 | 000,001,356 | ---- | C] () -- C:\Users\joylynn\AppData\Local\d3d9caps.dat
[2009/06/11 03:34:22 | 000,000,675 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2008/12/11 15:11:44 | 000,000,945 | ---- | C] () -- C:\Windows\hpomdl31.dat
[2008/09/14 23:33:06 | 000,000,008 | ---- | C] () -- C:\Users\joylynn\AppData\Local\.mpid
[2008/08/31 03:00:24 | 000,106,605 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2008/08/31 03:00:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008/06/12 13:54:07 | 002,927,104 | ---- | C] () -- C:\Windows\expl.dat
[2008/06/12 13:54:07 | 000,314,880 | ---- | C] () -- C:\Windows\System32\winl.dat
[2008/06/12 13:54:07 | 000,021,504 | ---- | C] () -- C:\Windows\System32\svch.dat
[2008/04/03 17:51:06 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2008/03/31 05:44:34 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2008/03/25 04:25:34 | 000,210,944 | ---- | C] () -- C:\Windows\System32\Msvcrt10.dll
[2008/03/25 04:25:33 | 000,065,536 | ---- | C] () -- C:\Windows\System32\adistres.dll
[2008/02/06 08:17:47 | 000,016,384 | ---- | C] () -- C:\Windows\System32\FileOps.exe
[2008/01/30 04:00:54 | 000,001,732 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2008/01/14 04:13:55 | 000,054,272 | ---- | C] () -- C:\Users\joylynn\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/12/02 16:07:12 | 000,001,284 | ---- | C] () -- C:\Windows\photoimpression.ini
[2007/12/02 14:28:32 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2007/11/02 13:11:32 | 000,159,744 | ---- | C] () -- C:\Windows\System32\hppatusg01.dll
[2007/09/27 08:08:42 | 000,107,026 | ---- | C] () -- C:\Windows\hpqins13.dat
[2007/09/27 07:56:01 | 000,061,440 | ---- | C] () -- C:\Windows\System32\OsdRemove.exe
[2007/09/27 07:53:37 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll
[2007/09/27 07:53:37 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll
[2007/09/12 10:19:56 | 000,008,784 | ---- | C] () -- C:\Windows\System32\ractrlkeyhook.dll
[2007/07/19 08:07:52 | 000,000,000 | ---- | C] () -- C:\Windows\System32\px.ini
[2006/12/13 23:01:36 | 000,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll
[2006/12/13 23:01:36 | 000,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll
[2006/11/02 05:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 05:47:37 | 002,482,720 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006/11/02 05:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006/11/02 03:33:01 | 000,604,264 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006/11/02 03:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006/11/02 03:33:01 | 000,103,964 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006/11/02 03:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006/11/02 03:24:01 | 046,249,416 | ---- | C] () -- C:\Windows\System32\mrt.exe
[2006/11/02 03:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006/11/02 01:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006/11/02 01:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006/11/02 00:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006/11/02 00:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006/09/19 10:07:28 | 000,827,392 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2006/03/20 12:43:15 | 000,045,056 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2004/02/27 17:36:18 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[1999/03/21 10:00:00 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL

========== Alternate Data Streams ==========

@Alternate Data Stream - 24 bytes -> C:\Windows:FA33A119A0AD10B0
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by rjmc » October 23rd, 2011, 4:11 am

OTL Extras logfile created on: 10/22/2011 7:32:55 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\joylynn\Desktop
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.37 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 64.23% Memory free
6.96 Gb Paging File | 5.18 Gb Available in Paging File | 74.41% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289.21 Gb Total Space | 48.67 Gb Free Space | 16.83% Space Free | Partition Type: NTFS
Drive D: | 8.88 Gb Total Space | 1.24 Gb Free Space | 13.94% Space Free | Partition Type: NTFS
Drive F: | 3.84 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: FAT32
Drive M: | 465.76 Gb Total Space | 335.61 Gb Free Space | 72.06% Space Free | Partition Type: NTFS

Computer Name: OFFICE | User Name: joylynn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 1
"InternetSettingsDisableNotify" = 1
"AutoUpdateDisableNotify" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- (EarthLink, Inc.)


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0725D4D8-E2E5-44F8-BC79-9248CA99DE29}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{29CFC8D3-9ACB-4E39-B0DF-F37DA15F8194}" = lport=10243 | protocol=6 | dir=in | app=system |
"{45A00E0B-8D89-47B9-BCC0-DCFE91651811}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{4AA8CBD1-8437-482A-A0A4-B17C138E59CE}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4CC93B7C-C9EA-4AED-8D1B-D70861E31AE1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{4F7E91CB-78CE-4F19-916E-D384BB51D2CA}" = lport=139 | protocol=6 | dir=in | app=system |
"{51A9E265-5FDF-4CF7-92DF-E010CBF11088}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{5213E81A-7AF9-4BAD-BA2D-9AC23F400063}" = lport=5985 | protocol=6 | dir=in | app=system |
"{546E96B1-E606-45AE-BEE9-6BE4D6476AA3}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=c:\windows\system32\vds.exe |
"{57DC22A2-5880-4402-81B2-6A879B4BB53A}" = lport=138 | protocol=17 | dir=in | app=system |
"{6118A134-DDF1-4935-8690-BA6F9E7BDA9E}" = rport=137 | protocol=17 | dir=out | app=system |
"{70EB5CE2-6C96-4AC6-9850-BA8E0DA7EB03}" = lport=445 | protocol=6 | dir=in | app=system |
"{71C5466D-5E4E-4DB7-B7EF-C5E5182DA1CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{866557CF-DAA4-460D-B9F8-793BAEF1C9B2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8A18FD22-A92B-4A76-843C-D10E4D3A3B8F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{8AA3A2FF-BF43-4443-BCC6-9183E34B291E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=c:\windows\system32\svchost.exe |
"{8C0B8422-C9EE-4C50-8E69-3EC3CEEA7341}" = rport=139 | protocol=6 | dir=out | app=system |
"{A2961229-F131-43C7-86C6-8BA04217B9B5}" = rport=445 | protocol=6 | dir=out | app=system |
"{B0C36960-5375-4F74-BC1B-A0B4F6182A76}" = rport=138 | protocol=17 | dir=out | app=system |
"{B1B694F7-4062-415C-9F02-A61D405B422C}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\vdsldr.exe |
"{BCBFE322-1946-4388-8C0D-67159A1FA88B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=c:\windows\system32\svchost.exe |
"{C12F5572-D11C-42D6-AE59-2024D05A2112}" = lport=445 | protocol=6 | dir=in | app=system |
"{C41E8540-E8BE-46AB-8473-146D83F9A017}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{C62B2397-A496-41EB-9325-607B0C75AA5C}" = lport=rpc | protocol=6 | dir=in | app=c:\windows\system32\services.exe |
"{C7AEDB17-EE28-4D13-872D-B67A8F20AD21}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{CEB47F0E-640F-457D-AD3A-82A1C215EB0D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DEA17E44-4155-41CA-88D0-404CE1F896BC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E2EFA22A-B947-4A02-9545-2427D6577412}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E515D6A9-423C-4BCF-AB6E-9235D1F5BDB4}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=c:\windows\system32\svchost.exe |
"{E6A2FA46-F445-4726-8F8E-D266760101B6}" = lport=67 | protocol=17 | dir=in | name=dhcp discovery service |
"{E6A432F4-5731-4D4F-9969-6D6E615EA254}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{E7DF7C8C-4E77-4459-9939-C80FD128F946}" = lport=80 | protocol=6 | dir=in | name=@wsmres.dll,-50 |
"{F80EF286-36F1-45D0-8DDD-6F7A7AC299E6}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{021E4573-7F29-4260-AA9A-EE0580813F2E}" = protocol=6 | dir=in | app=c:\program files\windows defender\msascui.exe |
"{0A1A47A3-8A49-46FD-A9C6-F3B7FC2E6E70}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{0FFDA085-9E9B-4386-A612-BF227F2F4876}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"{1A6220E1-D646-4D8D-9F10-A022FA96E8FE}" = protocol=6 | dir=out | app=system |
"{294AD208-B75C-46D7-B1B5-F516CC857317}" = protocol=17 | dir=in | app=c:\program files\windows defender\msascui.exe |
"{337BAE00-45BD-413C-9BCD-57BB125FE288}" = protocol=6 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{34F94CFC-38B9-4150-B689-E84A8DD83609}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{3AF363E1-EE0F-49A9-8E86-473A8A37CE2D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{44F79DE0-B38B-44EA-9151-E6297E7FC5C6}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5F4F0429-9790-4C3A-930E-2406A346BDF7}" = protocol=6 | dir=out | app=system |
"{653A1D26-E35F-456E-B1E0-29681F6A2B62}" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{680D1457-63B2-4AE1-82FC-4F4865904DDD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6DEEBCF9-E559-40A1-BA8B-E57751C00B04}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{798A58B7-41E4-408B-A47E-A77DC48A7A40}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{7D86AA31-95CD-4C48-A5F3-CEC589D1C041}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmpnetwk.exe |
"{88DD0FAF-4838-4BF3-AAB6-18D571836344}" = protocol=6 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{890F6408-345E-4F93-828F-061B49A38752}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{8CBCDC39-ED30-4F01-8E5A-02735C6F4263}" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"{8CD0CD56-4A41-4E13-A8E4-B70E905CEC2A}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{918708DB-A674-487E-A510-1E1E167CED5C}" = protocol=6 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{AC1EA94D-F0E5-495C-8C7D-30487334C78F}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{BCB21A9F-A15D-42C9-BF28-E278F9B3206A}" = protocol=17 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{C070E14A-37D2-4911-88C4-656426B00B6A}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{CCCE06A9-EF75-4706-851C-A8A2CFA4C9F0}" = protocol=6 | dir=in | app=c:\program files\windows media player\wmpnetwk.exe |
"{D49FE7C6-09FC-4F4E-A497-5FF134B4EB52}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{D6044AD4-4FD6-4CD0-B212-04617CE99DCB}" = protocol=17 | dir=in | app=c:\program files\pure networks\network magic\nmsrvc.exe |
"{DDA8AC9F-B0C9-43DE-973F-2D069031ED24}" = protocol=6 | dir=out | app=c:\windows\system32\wudfhost.exe |
"{E2E6D34B-9339-4DAA-B28C-7D2A97F2A5AC}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{E32C76B6-7CA5-4883-A338-AB259920355C}" = protocol=17 | dir=out | app=c:\program files\windows media player\wmplayer.exe |
"{F0B158C5-71E5-4EFF-8A14-EC57CF8699E2}" = protocol=17 | dir=in | app=c:\program files\windows media player\wmplayer.exe |
"{FB2B98F0-0D2E-471A-B556-23F6BD4A4122}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FBF9A3E0-A380-4B08-A746-E1207EBB6260}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{25479D6C-CF1C-481E-A8EC-C024779D3D4B}C:\program files\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"TCP Query User{5691C321-1900-4026-B5F1-C526A7B651A8}C:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{7F9E36DF-F5C7-4AAA-B3EF-38A400AAB418}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=6 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"TCP Query User{A4ED2D9F-C25A-4831-BF48-70BE0A6F1EF9}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{B3B8E9CD-F7AF-4B0A-B6E3-68A909F9A645}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{B7B824D7-508E-40EA-AE53-0C04CB1471F1}C:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{FAD46FF3-55F8-4748-90D0-AD810AF42F3C}C:\program files\aim\aim.exe" = protocol=6 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{25ABD358-CA7E-4F55-A3FF-A24683ABDD03}C:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{347904C8-463A-4F69-8FA3-C43C82816BF2}C:\program files\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |
"UDP Query User{438A738D-C0C3-4DB6-8BC1-2ED145C8A3D9}C:\program files\yahoo!\messenger\yahoomessenger.exe" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"UDP Query User{64D5064A-88ED-4E87-B59A-A51F3F05B4CC}C:\program files\veoh networks\veohwebplayer\veohwebplayer.exe" = protocol=17 | dir=in | app=c:\program files\veoh networks\veohwebplayer\veohwebplayer.exe |
"UDP Query User{704995D8-4AC0-4C88-ADA2-90D452A15F9E}C:\program files\aim\aim.exe" = protocol=17 | dir=in | app=c:\program files\aim\aim.exe |
"UDP Query User{A5AB0171-E808-4A95-A891-3918D88214B8}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{AA96850A-B4A5-45C7-9395-706E1B597800}C:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\joylynn\appdata\roaming\mjusbsp\magicjack.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{0134A1A1-C283-4A47-91A1-92F19F960372}" = Adobe Creative Suite 2
"{029B5901-1F27-4347-9923-E8ACC8F54E15}" = Snapfish Picture Mover
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08C0729E-3E50-11DF-9D81-005056806466}" = Google Earth
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{0A2C5854-557E-48C8-835A-3B9F074BDCAA}" = Python 2.5
"{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}" = HP Active Support Library
"{0AAA9C97-74D4-47CE-B089-0B147EF3553C}" = Windows Live Messenger
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}" = HP Total Care Advisor
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0F931735-0098-4FF6-A49D-17882A294F51}" = Microsoft VC90 CRT + OMP
"{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}" = Roxio Creator EasyArchive
"{14AF024E-2E3B-49D0-A175-D1C1A06B155A}" = muvee autoProducer 6.0
"{14F70205-1940-4000-88C7-BE799A6B2CAD}" = Adobe Soundbooth CS4
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server
"{1BF17EE7-6E06-4601-961C-01A481344D06}" = SecureZIP for Windows 12.00.0018
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E187923-04E5-4E1F-9BF2-40E32D93A1C4}" = HP Color LaserJet CP1210 Series Toolbox
"{2012D762-5DCA-455A-B5FE-EDF79BC93E18}" = HP Photosmart C4700 All-In-One Driver Software 13.0 Rel .6
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{209CDA54-D390-46A2-A97C-7BF61734418D}" = WeatherBug Gadget
"{2168245A-B5AD-40D8-A641-48E3E070B5B6}" = Adobe Flash CS4 STI-en
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}" = EPSON TWAIN 5
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = Media Player Classic - Home Cinema v1.5.2.3456
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 23
"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}" = Rhapsody Player Engine
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java(TM) SE Runtime Environment 6 Update 1
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Roxio Activation Module
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3AC54383-31D1-4907-961B-B12CBB1D0AE8}" = MobileMe Control Panel
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3BEF9769-BA52-18F7-1D02-2362F6A27E38}" = Adobe Media Player
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}" = ccCommon
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{40F7AED3-0C7D-4582-99F6-484A515C73F2}" = HP Easy Setup - Frontend
"{412033BC-44CF-48D9-B813-4B835101F4D3}" = Adobe Illustrator 10
"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4
"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs
"{54360A73-B080-4A69-BFD4-53C190DD3AB0}" = HP Color LaserJet CP1210 Series
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EAD5443-7194-46CC-A055-428E6ABB1BAF}" = Adobe Encore CS4
"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}" = HP Active Support Library 32 bit components
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4
"{75247E38-5C9B-45D6-ADF8-E11CB56B4990}" = Network
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78AC18A2-12A9-4102-B0B7-C7558182D212}" = C6300
"{793D1D88-6141-43DE-BE58-59BCE31B4090}" = Adobe Flash CS4 Extension - Flash Lite STI en
"{7B02BF60-796D-4616-908B-B31A63CFDEFB}" = HPCarePackCore
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{7E7658A2-CD3F-48A7-93EA-0882BCA4FD2A}" = LogMeIn
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{88D18C5E-5113-4A1E-8EC9-2B7E24688A14}" = PS_AIO_04_C6300_Software_Min
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{91A4AD99-69CE-4745-97B7-0E0DFBECFDE5}" = Adobe Illustrator CS
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{938B1CD7-7C60-491E-AA90-1F1888168240}" = Roxio MyDVD Basic v9
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C09E3A4-850A-40B2-B94F-EBFB5349C238}" = hppusgCP1215
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A55F4F9F-CCA8-4732-AA1F-0390A4A50947}" = C4700
"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4
"{A89768CF-CD21-44FD-A723-16D5A8557415}" = NEF Codec
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5E289E-76BF-4251-9F3F-9B763F681AE0}" = HP Customer Experience Enhancements
"{AC76BA86-1033-F400-7760-000000000004}" = Adobe Acrobat 9 Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-AA0000000001}" = Adobe Reader X
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4
"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4
"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B301674E-78A1-4FD1-80A3-5A139D4D8A02}" = ET USB Driver
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{B7C61755-DB48-4003-948F-3D34DB8EAF69}" = MSRedist
"{B8281D46-D846-4BB9-BC84-F1115A7BF820}" = Maxtor Manager
"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4
"{BA8DF709-6BAB-4092-91E0-4D67EFC12A98}" = HP Photosmart C6300 All-In-One Driver Software 12.0 Rel .4
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C2E4B5BD-32DB-4817-A060-341AB17C3F90}" = Bonjour
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}" = Suite Specific
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6CA8874-5F22-4AF0-9BE3-016BF299C536}" = Windows Live Essentials
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator Basic v9
"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D499F8DE-3F31-4900-9157-61061613704B}" = Adobe Premiere Pro CS4
"{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}" = Full Tilt Poker
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D81FDF0F-FB87-4AB6-925E-76E35B7333DB}" = SymNet
"{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}" = LiveUpdate Notice (Symantec Corporation)
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDC87CB0-CB02-4454-9B05-EE09CB9D035D}" = MrvlUsgTracking
"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4
"{E36F3199-C282-47CA-BAC7-2B77D247E760}" = PS_AIO_06_C4700_SW_Min
"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}" = ScanToWeb
"{EE0D5DCD-2B97-4473-98DF-E93C0BD92F7A}" = Adobe Stock Photos 1.0
"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby
"{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}" = AppCore
"{EFC97089-04D6-42CE-A707-A343B4A7D2CD}" = Ghost Recon Advanced Warfighter
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3A52623-4890-415D-A43A-F71A3A39C273}" = HPCarePackProducts
"{F6BD194C-4190-4D73-B1B1-C48C99921BFE}" = Windows Live Call
"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FA54AFB1-5745-4389-B8C1-9F7509672ED1}" = iPhone Configuration Utility
"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs
"{FBCCF9CE-61EE-425E-BE4D-959D76FA7701}" = Adobe GoLive 5.0
"{FC0F1F55-DB40-462C-9B2E-ABFF2187C147}" = Web-Based Email Tools
"{FC656543-4E4C-46F8-86F0-F9F907ABE5FD}" = HP LaserJet Toolbox
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"{FF0B0792-F6E7-4627-B820-EA50617E223B}" = QuarkXPress 6.1
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe SVG Viewer" = Adobe SVG Viewer
"Adobe Type Manager Deluxe 4.0" = Adobe Type Manager Deluxe 4.0
"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection
"AGEIA PhysX v2.3.3" = AGEIA PhysX v2.3.3
"AIM_7" = AIM 7
"AnyDVD" = AnyDVD
"Applet_App" = Applet_App
"Applet_Copy" = Applet_Copy
"Applet_Creativity" = Applet_Creativity
"Applet_Email" = Applet_Email
"Applet_Epp" = Applet_Epp
"Applet_File" = Applet_File
"Applet_OCR" = Applet_OCR
"Applet_Web" = Applet_Web
"ArcSoft PhotoImpression 3.0" = ArcSoft PhotoImpression 3.0
"AVI to DVD Converter" = AVI to DVD Converter
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"CloneDVD2" = CloneDVD2
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Soft Data Fax Modem with SmartCP
"com.adobe.amp.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"Copy Utility" = Copy Utility
"Core FTP LE 2.0" = Core FTP LE 2.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX Setup
"DVD Decrypter" = DVD Decrypter (Remove Only)
"EmpirePoker" = EmpirePoker
"EPSON Photo Print" = EPSON Photo Print
"EPSON Smart Panel" = EPSON Smart Panel
"HP Color LaserJet CP1210 Series" = HP Color LaserJet CP1210 Series
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"InstallShield_{B8281D46-D846-4BB9-BC84-F1115A7BF820}" = Maxtor Manager
"LiveUpdate" = LiveUpdate 3.2 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 6.0.2 (x86 en-US)" = Mozilla Firefox 6.0.2 (x86 en-US)
"Network Magic" = Pure Networks Network Magic
"NVIDIA Drivers" = NVIDIA Drivers
"OfficeTrial" = Microsoft Office Home and Student 60 day trial
"OsdMaestro" = HP On-Screen Cap/Num/Scroll Lock Indicator
"PC-Doctor 5 for Windows" = Hardware Diagnostic Tools
"PokerStars" = PokerStars
"RegCure" = RegCure
"Rhapsody" = Rhapsody
"Shop for HP Supplies" = Shop for HP Supplies
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SymSetup.{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}" = Norton Internet Security (Symantec Corporation)
"Veoh Web Player Beta" = Veoh Web Player Beta
"VLC media player" = VLC media player 1.1.11
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"Yahoo! Mail" = Yahoo! Internet Mail
"Yahoo! Messenger" = Yahoo! Messenger
"Yahoo! Software Update" = Yahoo! Software Update
"YInstHelper" = Yahoo! Install Manager

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3513781084-200415242-206230267-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"magicJack" = magicJack
"Move Networks Player - IE" = Move Networks Media Player for Internet Explorer
"Sprint Digital Lounge" = Sprint Digital Lounge

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 10/22/2011 8:49:47 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 9:01:29 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 9:13:56 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 9:26:49 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 9:39:09 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 9:50:13 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 10:00:00 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 10:09:23 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 10:19:30 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

Error - 10/22/2011 10:30:46 PM | Computer Name = office | Source = Automatic LiveUpdate Scheduler | ID = 101
Description = Information Level: error Initialization of the COM subsystem failed.
Error code: 0x80004005

[ System Events ]
Error - 10/20/2011 8:19:03 AM | Computer Name = office | Source = Service Control Manager | ID = 7000
Description =

Error - 10/20/2011 8:19:03 AM | Computer Name = office | Source = Service Control Manager | ID = 7000
Description =

Error - 10/20/2011 8:21:44 AM | Computer Name = office | Source = Service Control Manager | ID = 7009
Description =

Error - 10/20/2011 8:21:44 AM | Computer Name = office | Source = Service Control Manager | ID = 7000
Description =

Error - 10/21/2011 7:53:53 PM | Computer Name = office | Source = DCOM | ID = 10010
Description =

Error - 10/22/2011 10:31:58 PM | Computer Name = office | Source = disk | ID = 262151
Description = The device, \Device\Harddisk6\DR6, has a bad block.

Error - 10/22/2011 10:31:58 PM | Computer Name = office | Source = disk | ID = 262151
Description = The device, \Device\Harddisk6\DR6, has a bad block.

Error - 10/22/2011 10:31:58 PM | Computer Name = office | Source = disk | ID = 262151
Description = The device, \Device\Harddisk6\DR6, has a bad block.

Error - 10/22/2011 10:31:58 PM | Computer Name = office | Source = disk | ID = 262151
Description = The device, \Device\Harddisk6\DR6, has a bad block.

Error - 10/22/2011 10:31:58 PM | Computer Name = office | Source = disk | ID = 262151
Description = The device, \Device\Harddisk6\DR6, has a bad block.


< End of report >
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by pgmigg » October 23rd, 2011, 2:09 pm

Hello rjmc,

Rootkit Warning

Your computer has multiple infections, including a Rootkit. A rootkit is a set of software tools intended for concealing running processes, files or system data from the operating system.

You are strongly advised to do the following:

  • Disconnect the computer from the Internet and from any networked computers until it is cleaned.
  • Back up all your important data except programs. The programs can be reinstalled from the original disc or from the Net.
  • Call all your banks, financial institutions, credit card companies and inform them that you may be a victim of identity theft and put a watch on your accounts. If you don't mind the hassle, change all your account numbers.
  • From a clean computer, change all your passwords (ISP login password, your email address(es) passwords, financial accounts, PayPal, eBay, Amazon, online groups and forums and any other online activities you carry out which require a username and password).

DO NOT change your passwords from this computer as the attacker will be able to get all the new passwords and transaction records.

Due to its rootkit functionality, your computer is very likely to have been compromised and there is no way that it can be trusted again. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be to do a reformat and re-installation of the operating system (OS). However, if you do not have the resources to reinstall your OS and would like me to attempt to clean your machine, I will be happy to do so.

To help you understand more, please take some time to read the following articles:

What are rootkits from Wikipedia
Why are rootkits dangerous
How do I respond to a possible identity theft and how do I prevent it
When should I do a reformat and reinstallation of my OS
Where to backup your files
How to backup your files in Windows XP
Restoring your backups

Should you have any questions please feel free to ask.

Please let us know what you have decided to do in your next post.
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by rjmc » October 24th, 2011, 9:38 pm

I'm in the process of backing up files, but I would like to try and clean the machine first rather than reinstall the OS. Where do we start?
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by pgmigg » October 25th, 2011, 12:08 pm

Hello rjmc,

Thank you for your decision to clean your computer. :) Let's continue our treatment...

Step 1.
TDSSKiller - Rootkit Removal Tool - Scan and Fix
  1. First go to Start > Computer > C: and delete the TDSSKiller log that was created there.
  2. Next right-click on TDSSKiller.exe and select "Run As Administrator..." to run it.
  3. Click on Start Scan, the scan will run.
  4. When the scan has finished, ensure Cure (the default) is selected... then click Continue > Reboot now.
  5. When finished re-booting, a log of the cleanup will be found at C:\TDSSKiller._version_.MM.YYYY_HH.MM.SS_log.txt.
  6. To find the log go to Start > Computer > C:
  7. Post the contents of that log in your next reply please.

Step 2.
Download and Run ComboFix
  1. Please download ComboFix from one of the following links.

    Link 1.

    Link 2.

    **IMPORTANT !!! Save ComboFix.exe to your Desktop**
  2. Please disable any Antivirus and Firewall you have active, as shown in this topic. Please close all open application windows.
  3. Double click on ComboFix.exe and follow the prompts.
  4. When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.
A word of warning: Neither I nor sUBs are responsible for any damage you may cause to your machine by running ComboFix on your own. This tool is not a toy and not for everyday use!
ComboFix SHOULD NOT be used unless requested by a forum helper.


Please include in your next reply:
  1. Do you have any problems executing the instructions?
  2. Contents of TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt log file after fix
  3. Contents of C:\ComboFix.txt
  4. Do you see any changes in computer behavior?

Thanks,
pgmigg
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by rjmc » October 26th, 2011, 7:46 am

Hi pgmigg,

When I run TDSS Killer, my only options are Skip, Copy to Quarantine or Delete. Which one should I choose?

Thanks
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by pgmigg » October 26th, 2011, 12:29 pm

Hello rjmc,

Good question!

Please select and click on "Copy All to Quarantine" button above the Threats detected list.
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Updates Fail, Firefox won't connect, IE does, but redire

Post by rjmc » October 27th, 2011, 7:38 am

03:39:42.0535 57996 TDSS rootkit removing tool 2.6.12.0 Oct 21 2011 11:23:48
03:39:42.0796 57996 ============================================================
03:39:42.0796 57996 Current date / time: 2011/10/27 03:39:42.0796
03:39:42.0796 57996 SystemInfo:
03:39:42.0796 57996
03:39:42.0796 57996 OS Version: 6.0.6001 ServicePack: 1.0
03:39:42.0796 57996 Product type: Workstation
03:39:42.0797 57996 ComputerName: OFFICE
03:39:42.0797 57996 UserName: joylynn
03:39:42.0797 57996 Windows directory: C:\Windows
03:39:42.0797 57996 System windows directory: C:\Windows
03:39:42.0797 57996 Processor architecture: Intel x86
03:39:42.0797 57996 Number of processors: 2
03:39:42.0797 57996 Page size: 0x1000
03:39:42.0797 57996 Boot type: Normal boot
03:39:42.0797 57996 ============================================================
03:39:52.0391 57996 Initialize success
03:39:59.0020 57768 ============================================================
03:39:59.0020 57768 Scan started
03:39:59.0020 57768 Mode: Manual;
03:39:59.0020 57768 ============================================================
03:39:59.0511 57768 56068045 (89fdba391985968401f51a5c577933cd) C:\Windows\system32\drivers\98560963.sys
03:39:59.0581 57768 62794571 (89fdba391985968401f51a5c577933cd) C:\Windows\system32\drivers\63478084.sys
03:39:59.0623 57768 a2acc - ok
03:39:59.0729 57768 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
03:39:59.0733 57768 ACPI - ok
03:39:59.0815 57768 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
03:39:59.0816 57768 adfs - ok
03:39:59.0930 57768 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
03:39:59.0936 57768 adp94xx - ok
03:40:00.0005 57768 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
03:40:00.0007 57768 adpahci - ok
03:40:00.0066 57768 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
03:40:00.0068 57768 adpu160m - ok
03:40:00.0095 57768 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
03:40:00.0097 57768 adpu320 - ok
03:40:00.0194 57768 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
03:40:00.0199 57768 AFD - ok
03:40:00.0306 57768 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
03:40:00.0307 57768 agp440 - ok
03:40:00.0365 57768 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
03:40:00.0367 57768 aic78xx - ok
03:40:00.0391 57768 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
03:40:00.0391 57768 aliide - ok
03:40:00.0470 57768 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
03:40:00.0471 57768 amdagp - ok
03:40:00.0518 57768 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
03:40:00.0519 57768 amdide - ok
03:40:00.0556 57768 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
03:40:00.0557 57768 AmdK7 - ok
03:40:00.0596 57768 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
03:40:00.0598 57768 AmdK8 - ok
03:40:00.0684 57768 AnyDVD (133b7b6d6a3ec9e46fbe742ee1516c37) C:\Windows\system32\Drivers\AnyDVD.sys
03:40:00.0685 57768 AnyDVD - ok
03:40:00.0764 57768 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
03:40:00.0766 57768 arc - ok
03:40:00.0807 57768 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
03:40:00.0809 57768 arcsas - ok
03:40:00.0855 57768 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
03:40:00.0857 57768 AsyncMac - ok
03:40:00.0901 57768 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
03:40:00.0903 57768 atapi - ok
03:40:01.0000 57768 ATMhelpr (3ef1db7f168851914517d4ed36b57c04) C:\Windows\system32\drivers\ATMhelpr.sys
03:40:01.0001 57768 ATMhelpr - ok
03:40:01.0051 57768 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
03:40:01.0053 57768 avgntflt - ok
03:40:01.0108 57768 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
03:40:01.0110 57768 avipbb - ok
03:40:01.0176 57768 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
03:40:01.0177 57768 Beep - ok
03:40:01.0229 57768 blbdrive - ok
03:40:01.0331 57768 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
03:40:01.0332 57768 bowser - ok
03:40:01.0380 57768 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
03:40:01.0381 57768 BrFiltLo - ok
03:40:01.0451 57768 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
03:40:01.0452 57768 BrFiltUp - ok
03:40:01.0536 57768 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\Drivers\Brserid.sys
03:40:01.0538 57768 Brserid - ok
03:40:01.0602 57768 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
03:40:01.0604 57768 BrSerWdm - ok
03:40:01.0679 57768 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
03:40:01.0679 57768 BrUsbMdm - ok
03:40:01.0721 57768 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\Drivers\BrUsbSer.sys
03:40:01.0722 57768 BrUsbSer - ok
03:40:01.0775 57768 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
03:40:01.0777 57768 BTHMODEM - ok
03:40:01.0866 57768 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
03:40:01.0868 57768 cdfs - ok
03:40:01.0923 57768 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
03:40:01.0924 57768 cdrom - ok
03:40:01.0958 57768 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
03:40:01.0959 57768 circlass - ok
03:40:02.0019 57768 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
03:40:02.0021 57768 CLFS - ok
03:40:02.0093 57768 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
03:40:02.0094 57768 cmdide - ok
03:40:02.0155 57768 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
03:40:02.0156 57768 Compbatt - ok
03:40:02.0176 57768 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
03:40:02.0178 57768 crcdisk - ok
03:40:02.0198 57768 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
03:40:02.0199 57768 Crusoe - ok
03:40:02.0290 57768 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
03:40:02.0291 57768 DfsC - ok
03:40:02.0415 57768 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
03:40:02.0416 57768 disk - ok
03:40:02.0470 57768 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
03:40:02.0471 57768 Dot4 - ok
03:40:02.0490 57768 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
03:40:02.0491 57768 Dot4Print - ok
03:40:02.0560 57768 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
03:40:02.0560 57768 dot4usb - ok
03:40:02.0613 57768 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
03:40:02.0614 57768 drmkaud - ok
03:40:02.0661 57768 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
03:40:02.0669 57768 DXGKrnl - ok
03:40:02.0765 57768 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
03:40:02.0766 57768 E1G60 - ok
03:40:02.0816 57768 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
03:40:02.0819 57768 Ecache - ok
03:40:02.0895 57768 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
03:40:02.0901 57768 eeCtrl - ok
03:40:02.0994 57768 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
03:40:02.0994 57768 ElbyCDIO - ok
03:40:03.0041 57768 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
03:40:03.0046 57768 elxstor - ok
03:40:03.0127 57768 EraserUtilRebootDrv (e7d1a496c71cd56bdd97f32c9141a03b) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
03:40:03.0129 57768 EraserUtilRebootDrv - ok
03:40:03.0229 57768 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
03:40:03.0231 57768 exfat - ok
03:40:03.0271 57768 f4f610d6 ( Rootkit.Win32.PMax.gen ) - infected
03:40:03.0271 57768 f4f610d6 - detected Rootkit.Win32.PMax.gen (0)
03:40:03.0319 57768 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
03:40:03.0322 57768 fastfat - ok
03:40:03.0407 57768 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
03:40:03.0408 57768 fdc - ok
03:40:03.0433 57768 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
03:40:03.0434 57768 FileInfo - ok
03:40:03.0462 57768 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
03:40:03.0463 57768 Filetrace - ok
03:40:03.0485 57768 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
03:40:03.0487 57768 flpydisk - ok
03:40:03.0582 57768 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
03:40:03.0584 57768 FltMgr - ok
03:40:03.0618 57768 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
03:40:03.0619 57768 Fs_Rec - ok
03:40:03.0649 57768 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
03:40:03.0651 57768 gagp30kx - ok
03:40:03.0749 57768 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
03:40:03.0750 57768 GEARAspiWDM - ok
03:40:03.0813 57768 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
03:40:03.0817 57768 HdAudAddService - ok
03:40:03.0890 57768 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
03:40:03.0892 57768 HDAudBus - ok
03:40:03.0920 57768 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
03:40:03.0921 57768 HidBth - ok
03:40:03.0940 57768 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
03:40:03.0942 57768 HidIr - ok
03:40:03.0976 57768 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
03:40:03.0977 57768 HidUsb - ok
03:40:04.0075 57768 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
03:40:04.0076 57768 HpCISSs - ok
03:40:04.0163 57768 HSF_DP (88749fbf8beb18c90e7d6626c8c1910b) C:\Windows\system32\DRIVERS\HSX_DP.sys
03:40:04.0168 57768 HSF_DP - ok
03:40:04.0240 57768 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
03:40:04.0242 57768 HSXHWBS2 - ok
03:40:04.0279 57768 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
03:40:04.0282 57768 HTTP - ok
03:40:04.0310 57768 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
03:40:04.0312 57768 i2omp - ok
03:40:04.0411 57768 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
03:40:04.0413 57768 i8042prt - ok
03:40:04.0435 57768 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
03:40:04.0439 57768 iaStorV - ok
03:40:04.0467 57768 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
03:40:04.0468 57768 iirsp - ok
03:40:04.0597 57768 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
03:40:04.0620 57768 IntcAzAudAddService - ok
03:40:04.0705 57768 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
03:40:04.0706 57768 intelide - ok
03:40:04.0733 57768 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
03:40:04.0734 57768 intelppm - ok
03:40:04.0781 57768 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:40:04.0782 57768 IpFilterDriver - ok
03:40:04.0841 57768 IpInIp - ok
03:40:04.0870 57768 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
03:40:04.0872 57768 IPMIDRV - ok
03:40:04.0910 57768 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
03:40:04.0911 57768 IPNAT - ok
03:40:04.0963 57768 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
03:40:04.0964 57768 IRENUM - ok
03:40:05.0054 57768 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
03:40:05.0056 57768 isapnp - ok
03:40:05.0104 57768 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
03:40:05.0106 57768 iScsiPrt - ok
03:40:05.0120 57768 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
03:40:05.0122 57768 iteatapi - ok
03:40:05.0212 57768 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
03:40:05.0213 57768 iteraid - ok
03:40:05.0234 57768 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
03:40:05.0235 57768 kbdclass - ok
03:40:05.0257 57768 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
03:40:05.0257 57768 kbdhid - ok
03:40:05.0304 57768 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
03:40:05.0311 57768 KSecDD - ok
03:40:05.0420 57768 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
03:40:05.0421 57768 lltdio - ok
03:40:05.0497 57768 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
03:40:05.0498 57768 LMIInfo - ok
03:40:05.0585 57768 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
03:40:05.0586 57768 lmimirr - ok
03:40:05.0602 57768 LMIRfsClientNP - ok
03:40:05.0626 57768 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
03:40:05.0627 57768 LMIRfsDriver - ok
03:40:05.0663 57768 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
03:40:05.0664 57768 LSI_FC - ok
03:40:05.0736 57768 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
03:40:05.0738 57768 LSI_SAS - ok
03:40:05.0751 57768 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
03:40:05.0753 57768 LSI_SCSI - ok
03:40:05.0796 57768 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
03:40:05.0797 57768 luafv - ok
03:40:05.0885 57768 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
03:40:05.0887 57768 MBAMProtector - ok
03:40:05.0914 57768 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
03:40:05.0916 57768 mdmxsdk - ok
03:40:05.0942 57768 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
03:40:05.0944 57768 megasas - ok
03:40:05.0973 57768 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
03:40:05.0975 57768 Modem - ok
03:40:06.0060 57768 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
03:40:06.0062 57768 monitor - ok
03:40:06.0087 57768 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
03:40:06.0087 57768 mouclass - ok
03:40:06.0153 57768 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
03:40:06.0154 57768 mouhid - ok
03:40:06.0189 57768 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
03:40:06.0190 57768 MountMgr - ok
03:40:06.0270 57768 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
03:40:06.0271 57768 mpio - ok
03:40:06.0305 57768 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
03:40:06.0307 57768 mpsdrv - ok
03:40:06.0329 57768 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
03:40:06.0331 57768 Mraid35x - ok
03:40:06.0369 57768 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
03:40:06.0371 57768 MRxDAV - ok
03:40:06.0486 57768 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
03:40:06.0489 57768 mrxsmb - ok
03:40:06.0540 57768 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:40:06.0543 57768 mrxsmb10 - ok
03:40:06.0559 57768 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:40:06.0561 57768 mrxsmb20 - ok
03:40:06.0591 57768 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
03:40:06.0592 57768 msahci - ok
03:40:06.0668 57768 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
03:40:06.0670 57768 msdsm - ok
03:40:06.0717 57768 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
03:40:06.0718 57768 Msfs - ok
03:40:06.0763 57768 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
03:40:06.0764 57768 msisadrv - ok
03:40:06.0856 57768 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
03:40:06.0857 57768 MSKSSRV - ok
03:40:06.0876 57768 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
03:40:06.0878 57768 MSPCLOCK - ok
03:40:06.0887 57768 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
03:40:06.0888 57768 MSPQM - ok
03:40:06.0930 57768 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
03:40:06.0933 57768 MsRPC - ok
03:40:07.0019 57768 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
03:40:07.0021 57768 mssmbios - ok
03:40:07.0047 57768 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
03:40:07.0047 57768 MSTEE - ok
03:40:07.0080 57768 Mup (6dfd1d322de55b0b7db7d21b90bec49c) C:\Windows\system32\Drivers\mup.sys
03:40:07.0082 57768 Mup - ok
03:40:07.0207 57768 MXOPSWD (216ac775320f64de28cfeb7c179c4ff9) C:\Windows\system32\DRIVERS\mxopswd.sys
03:40:07.0208 57768 MXOPSWD - ok
03:40:07.0261 57768 NativeWifiP (3c21ce48ff529bb73dadb98770b54025) C:\Windows\system32\DRIVERS\nwifi.sys
03:40:07.0263 57768 NativeWifiP - ok
03:40:07.0301 57768 NDIS (9bdc71790fa08f0a0b5f10462b1bd0b1) C:\Windows\system32\drivers\ndis.sys
03:40:07.0309 57768 NDIS - ok
03:40:07.0389 57768 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
03:40:07.0390 57768 NdisTapi - ok
03:40:07.0422 57768 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
03:40:07.0423 57768 Ndisuio - ok
03:40:07.0463 57768 NdisWan (3d14c3b3496f88890d431e8aa022a411) C:\Windows\system32\DRIVERS\ndiswan.sys
03:40:07.0465 57768 NdisWan - ok
03:40:07.0551 57768 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
03:40:07.0553 57768 NDProxy - ok
03:40:07.0591 57768 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
03:40:07.0592 57768 NetBIOS - ok
03:40:07.0634 57768 netbt (7c5fee5b1c5728507cd96fb4a13e7a02) C:\Windows\system32\DRIVERS\netbt.sys
03:40:07.0637 57768 netbt - ok
03:40:07.0727 57768 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
03:40:07.0729 57768 nfrd960 - ok
03:40:07.0770 57768 Npfs (ecb5003f484f9ed6c608d6d6c7886cbb) C:\Windows\system32\drivers\Npfs.sys
03:40:07.0771 57768 Npfs - ok
03:40:07.0809 57768 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
03:40:07.0810 57768 nsiproxy - ok
03:40:07.0918 57768 Ntfs (b4effe29eb4f15538fd8a9681108492d) C:\Windows\system32\drivers\Ntfs.sys
03:40:07.0931 57768 Ntfs - ok
03:40:07.0955 57768 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
03:40:07.0956 57768 ntrigdigi - ok
03:40:08.0041 57768 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
03:40:08.0042 57768 Null - ok
03:40:08.0115 57768 NVENETFD (74c825c573aa6e115590d94e7bf86901) C:\Windows\system32\DRIVERS\nvmfdx32.sys
03:40:08.0127 57768 NVENETFD - ok
03:40:08.0365 57768 nvlddmkm (fbba09782f2fac5a57619df378ba9372) C:\Windows\system32\DRIVERS\nvlddmkm.sys
03:40:08.0503 57768 nvlddmkm - ok
03:40:08.0584 57768 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
03:40:08.0586 57768 nvraid - ok
03:40:08.0608 57768 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
03:40:08.0609 57768 nvstor - ok
03:40:08.0643 57768 nvstor32 (a1ce1a6fd74c046f029448fcfa5e386d) C:\Windows\system32\drivers\nvstor32.sys
03:40:08.0644 57768 nvstor32 - ok
03:40:08.0664 57768 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
03:40:08.0666 57768 nv_agp - ok
03:40:08.0724 57768 NwlnkFlt - ok
03:40:08.0737 57768 NwlnkFwd - ok
03:40:08.0776 57768 ohci1394 (790e27c3db53410b40ff9ef2fd10a1d9) C:\Windows\system32\DRIVERS\ohci1394.sys
03:40:08.0780 57768 ohci1394 - ok
03:40:08.0820 57768 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
03:40:08.0822 57768 Parport - ok
03:40:08.0886 57768 partmgr (3b38467e7c3daed009dfe359e17f139f) C:\Windows\system32\drivers\partmgr.sys
03:40:08.0887 57768 partmgr - ok
03:40:08.0900 57768 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
03:40:08.0902 57768 Parvdm - ok
03:40:08.0944 57768 pci (01b94418deb235dff777cc80076354b4) C:\Windows\system32\drivers\pci.sys
03:40:08.0947 57768 pci - ok
03:40:08.0965 57768 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
03:40:08.0966 57768 pciide - ok
03:40:09.0031 57768 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
03:40:09.0034 57768 pcmcia - ok
03:40:09.0112 57768 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
03:40:09.0123 57768 PEAUTH - ok
03:40:09.0209 57768 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
03:40:09.0211 57768 PptpMiniport - ok
03:40:09.0271 57768 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
03:40:09.0272 57768 Processor - ok
03:40:09.0316 57768 Ps2 (390c204ced3785609ab24e9c52054a84) C:\Windows\system32\DRIVERS\PS2.sys
03:40:09.0318 57768 Ps2 - ok
03:40:09.0357 57768 PSched (bfef604508a0ed1eae2a73e872555ffb) C:\Windows\system32\DRIVERS\pacer.sys
03:40:09.0358 57768 PSched - ok
03:40:09.0423 57768 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\Windows\system32\Drivers\PxHelp20.sys
03:40:09.0425 57768 PxHelp20 - ok
03:40:09.0475 57768 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
03:40:09.0480 57768 ql2300 - ok
03:40:09.0504 57768 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
03:40:09.0507 57768 ql40xx - ok
03:40:09.0563 57768 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
03:40:09.0565 57768 QWAVEdrv - ok
03:40:09.0595 57768 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
03:40:09.0596 57768 RasAcd - ok
03:40:09.0646 57768 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
03:40:09.0648 57768 Rasl2tp - ok
03:40:09.0720 57768 RasPppoe (3e9d9b048107b40d87b97df2e48e0744) C:\Windows\system32\DRIVERS\raspppoe.sys
03:40:09.0722 57768 RasPppoe - ok
03:40:09.0743 57768 RasSstp (a7d141684e9500ac928a772ed8e6b671) C:\Windows\system32\DRIVERS\rassstp.sys
03:40:09.0745 57768 RasSstp - ok
03:40:09.0762 57768 rdbss (6e1c5d0457622f9ee35f683110e93d14) C:\Windows\system32\DRIVERS\rdbss.sys
03:40:09.0766 57768 rdbss - ok
03:40:09.0801 57768 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
03:40:09.0802 57768 RDPCDD - ok
03:40:09.0888 57768 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
03:40:09.0893 57768 rdpdr - ok
03:40:09.0901 57768 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
03:40:09.0903 57768 RDPENCDD - ok
03:40:09.0947 57768 RDPWD (e1c18f4097a5abcec941dc4b2f99db7e) C:\Windows\system32\drivers\RDPWD.sys
03:40:09.0950 57768 RDPWD - ok
03:40:10.0010 57768 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
03:40:10.0011 57768 rspndr - ok
03:40:10.0089 57768 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
03:40:10.0091 57768 sbp2port - ok
03:40:10.0122 57768 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
03:40:10.0123 57768 secdrv - ok
03:40:10.0147 57768 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
03:40:10.0149 57768 Serenum - ok
03:40:10.0165 57768 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
03:40:10.0168 57768 Serial - ok
03:40:10.0205 57768 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
03:40:10.0206 57768 sermouse - ok
03:40:10.0296 57768 sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
03:40:10.0298 57768 sffdisk - ok
03:40:10.0316 57768 sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
03:40:10.0317 57768 sffp_mmc - ok
03:40:10.0340 57768 sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
03:40:10.0341 57768 sffp_sd - ok
03:40:10.0358 57768 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
03:40:10.0359 57768 sfloppy - ok
03:40:10.0436 57768 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
03:40:10.0438 57768 sisagp - ok
03:40:10.0462 57768 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
03:40:10.0463 57768 SiSRaid2 - ok
03:40:10.0478 57768 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
03:40:10.0480 57768 SiSRaid4 - ok
03:40:10.0517 57768 Smb (031e6bcd53c9b2b9ace111eafec347b6) C:\Windows\system32\DRIVERS\smb.sys
03:40:10.0519 57768 Smb - ok
03:40:10.0831 57768 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\Windows\system32\DRIVERS\snpstd3.sys
03:40:11.0032 57768 SNPSTD3 - ok
03:40:11.0109 57768 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
03:40:11.0111 57768 spldr - ok
03:40:11.0190 57768 srv (2252aef839b1093d16761189f45af885) C:\Windows\system32\DRIVERS\srv.sys
03:40:11.0195 57768 srv - ok
03:40:11.0256 57768 srv2 (b7ff59408034119476b00a81bb53d5d1) C:\Windows\system32\DRIVERS\srv2.sys
03:40:11.0258 57768 srv2 - ok
03:40:11.0278 57768 srvnet (2accc9b12af02030f531e6cca6f8b76e) C:\Windows\system32\DRIVERS\srvnet.sys
03:40:11.0280 57768 srvnet - ok
03:40:11.0371 57768 sscdbus (d5dffeaa1e15d4effabb9d9a3068ac5b) C:\Windows\system32\DRIVERS\sscdbus.sys
03:40:11.0373 57768 sscdbus - ok
03:40:11.0411 57768 sscdmdfl (8a1be0c347814f482f493aea619d57f6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
03:40:11.0412 57768 sscdmdfl - ok
03:40:11.0457 57768 sscdmdm (5ab0b1987f682a59b15b78f84c6ad7d0) C:\Windows\system32\DRIVERS\sscdmdm.sys
03:40:11.0459 57768 sscdmdm - ok
03:40:11.0527 57768 sscdserd (751e66eb32efa80633b80f5d7ff0a1d8) C:\Windows\system32\DRIVERS\sscdserd.sys
03:40:11.0529 57768 sscdserd - ok
03:40:11.0590 57768 ssmdrv (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
03:40:11.0591 57768 ssmdrv - ok
03:40:11.0636 57768 StillCam (ef70b3d22b4bffda6ea851ecb063efaa) C:\Windows\system32\DRIVERS\serscan.sys
03:40:11.0637 57768 StillCam - ok
03:40:11.0700 57768 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
03:40:11.0702 57768 swenum - ok
03:40:11.0757 57768 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
03:40:11.0759 57768 Symc8xx - ok
03:40:11.0797 57768 SYMDNS (1d8fb1e5d6859d38e3ebca5febc6839f) C:\Windows\System32\Drivers\SYMDNS.SYS
03:40:11.0798 57768 SYMDNS - ok
03:40:11.0862 57768 SymEvent (9e4188476848b2ef86f9c44d5164e724) C:\Windows\system32\Drivers\SYMEVENT.SYS
03:40:11.0863 57768 SymEvent - ok
03:40:11.0892 57768 SYMFW (91fcddf2cbaf898126ae7dfa5ce570ed) C:\Windows\System32\Drivers\SYMFW.SYS
03:40:11.0895 57768 SYMFW - ok
03:40:11.0908 57768 SYMIDS (9584e278787ad65e82eec5694f77cb54) C:\Windows\System32\Drivers\SYMIDS.SYS
03:40:11.0910 57768 SYMIDS - ok
03:40:11.0946 57768 SYMNDISV (60350bc7919e6e45dd8130ad55665f48) C:\Windows\System32\Drivers\SYMNDISV.SYS
03:40:11.0948 57768 SYMNDISV - ok
03:40:11.0998 57768 SYMREDRV (9181892e5af5df8d2ac3d9d2cea48afd) C:\Windows\System32\Drivers\SYMREDRV.SYS
03:40:11.0999 57768 SYMREDRV - ok
03:40:12.0019 57768 SYMTDI (d539f317e6caaa4e08911a84c2180938) C:\Windows\System32\Drivers\SYMTDI.SYS
03:40:12.0023 57768 SYMTDI - ok
03:40:12.0066 57768 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
03:40:12.0067 57768 Sym_hi - ok
03:40:12.0094 57768 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
03:40:12.0095 57768 Sym_u3 - ok
03:40:12.0209 57768 Tcpip (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\drivers\tcpip.sys
03:40:12.0220 57768 Tcpip - ok
03:40:12.0261 57768 Tcpip6 (6216a954ed7045b62880a92d6c9b9fc7) C:\Windows\system32\DRIVERS\tcpip.sys
03:40:12.0266 57768 Tcpip6 - ok
03:40:12.0307 57768 tcpipreg (d4a2e4a4b011f3a883af77315a5ae76b) C:\Windows\system32\drivers\tcpipreg.sys
03:40:12.0308 57768 tcpipreg - ok
03:40:12.0373 57768 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
03:40:12.0374 57768 TDPIPE - ok
03:40:12.0403 57768 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
03:40:12.0404 57768 TDTCP - ok
03:40:12.0447 57768 tdx (d09276b1fab033ce1d40dcbdf303d10f) C:\Windows\system32\DRIVERS\tdx.sys
03:40:12.0449 57768 tdx - ok
03:40:12.0493 57768 TermDD (a048056f5e1a96a9bf3071b91741a5aa) C:\Windows\system32\DRIVERS\termdd.sys
03:40:12.0495 57768 TermDD - ok
03:40:12.0582 57768 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
03:40:12.0583 57768 tssecsrv - ok
03:40:12.0620 57768 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
03:40:12.0621 57768 tunmp - ok
03:40:12.0682 57768 tunnel (6042505ff6fa9ac1ef7684d0e03b6940) C:\Windows\system32\DRIVERS\tunnel.sys
03:40:12.0683 57768 tunnel - ok
03:40:12.0742 57768 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
03:40:12.0744 57768 uagp35 - ok
03:40:12.0782 57768 udfs (8b5088058fa1d1cd897a2113ccff6c58) C:\Windows\system32\DRIVERS\udfs.sys
03:40:12.0786 57768 udfs - ok
03:40:12.0829 57768 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
03:40:12.0831 57768 uliagpkx - ok
03:40:12.0852 57768 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
03:40:12.0856 57768 uliahci - ok
03:40:12.0915 57768 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
03:40:12.0918 57768 UlSata - ok
03:40:12.0938 57768 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
03:40:12.0941 57768 ulsata2 - ok
03:40:12.0991 57768 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
03:40:12.0992 57768 umbus - ok
03:40:13.0054 57768 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\Windows\system32\Drivers\usbaapl.sys
03:40:13.0056 57768 USBAAPL - ok
03:40:13.0102 57768 usbaudio (292a25bb75a568ae2c67169ba2c6365a) C:\Windows\system32\drivers\usbaudio.sys
03:40:13.0104 57768 usbaudio - ok
03:40:13.0172 57768 usbbus (5353218b3265e3b8190335059f697a11) C:\Windows\system32\DRIVERS\lgusbbus.sys
03:40:13.0173 57768 usbbus - ok
03:40:13.0231 57768 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
03:40:13.0234 57768 usbccgp - ok
03:40:13.0263 57768 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
03:40:13.0265 57768 usbcir - ok
03:40:13.0315 57768 UsbDiag (7dd3eefc62a1ef44e5f940fa651ed9ed) C:\Windows\system32\DRIVERS\lgusbdiag.sys
03:40:13.0316 57768 UsbDiag - ok
03:40:13.0353 57768 usbehci (cebe90821810e76320155beba722fcf9) C:\Windows\system32\DRIVERS\usbehci.sys
03:40:13.0354 57768 usbehci - ok
03:40:13.0428 57768 usbhub (cc6b28e4ce39951357963119ce47b143) C:\Windows\system32\DRIVERS\usbhub.sys
03:40:13.0431 57768 usbhub - ok
03:40:13.0482 57768 USBModem (083031a78822eccbd7510bccd3e20d4c) C:\Windows\system32\DRIVERS\lgusbmodem.sys
03:40:13.0483 57768 USBModem - ok
03:40:13.0501 57768 usbohci (7bdb7b0e7d45ac0402d78b90789ef47c) C:\Windows\system32\DRIVERS\usbohci.sys
03:40:13.0502 57768 usbohci - ok
03:40:13.0574 57768 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
03:40:13.0576 57768 usbprint - ok
03:40:13.0613 57768 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
03:40:13.0614 57768 usbscan - ok
03:40:13.0662 57768 USBSTOR (87ba6b83c5d19b69160968d07d6e2982) C:\Windows\system32\DRIVERS\USBSTOR.SYS
03:40:13.0663 57768 USBSTOR - ok
03:40:13.0692 57768 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
03:40:13.0693 57768 usbuhci - ok
03:40:13.0748 57768 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
03:40:13.0750 57768 vga - ok
03:40:13.0781 57768 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
03:40:13.0783 57768 VgaSave - ok
03:40:13.0825 57768 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
03:40:13.0827 57768 viaagp - ok
03:40:13.0847 57768 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
03:40:13.0849 57768 ViaC7 - ok
03:40:13.0904 57768 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
03:40:13.0905 57768 viaide - ok
03:40:13.0935 57768 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
03:40:13.0937 57768 volmgr - ok
03:40:13.0994 57768 volmgrx (98f5ffe6316bd74e9e2c97206c190196) C:\Windows\system32\drivers\volmgrx.sys
03:40:13.0999 57768 volmgrx - ok
03:40:14.0050 57768 volsnap (d8b4a53dd2769f226b3eb374374987c9) C:\Windows\system32\drivers\volsnap.sys
03:40:14.0054 57768 volsnap - ok
03:40:14.0094 57768 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
03:40:14.0096 57768 vsmraid - ok
03:40:14.0145 57768 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
03:40:14.0147 57768 WacomPen - ok
03:40:14.0177 57768 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
03:40:14.0178 57768 Wanarp - ok
03:40:14.0193 57768 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
03:40:14.0194 57768 Wanarpv6 - ok
03:40:14.0245 57768 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
03:40:14.0247 57768 Wd - ok
03:40:14.0292 57768 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
03:40:14.0300 57768 Wdf01000 - ok
03:40:14.0385 57768 winachsf (72cc6a8ca7891031d6380db5025c773c) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
03:40:14.0393 57768 winachsf - ok
03:40:14.0471 57768 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
03:40:14.0472 57768 WmiAcpi - ok
03:40:14.0558 57768 WpdUsb (0cec23084b51b8288099eb710224e955) C:\Windows\system32\DRIVERS\wpdusb.sys
03:40:14.0559 57768 WpdUsb - ok
03:40:14.0624 57768 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
03:40:14.0625 57768 ws2ifsl - ok
03:40:14.0697 57768 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
03:40:14.0700 57768 WUDFRd - ok
03:40:14.0736 57768 XAudio (dab33cfa9dd24251aaa389ff36b64d4b) C:\Windows\system32\DRIVERS\xaudio.sys
03:40:14.0737 57768 XAudio - ok
03:40:14.0771 57768 MBR (0x1B8) (8913823ff508ccf109db74b636c301da) \Device\Harddisk0\DR0
03:40:14.0804 57768 \Device\Harddisk0\DR0 - ok
03:40:14.0837 57768 MBR (0x1B8) (a4a15d6782e6fe1dce41a606cb3affe3) \Device\Harddisk6\DR6
03:40:15.0660 57768 \Device\Harddisk6\DR6 - ok
03:40:15.0671 57768 Boot (0x1200) (70b8d41842d56e6187a65da7808ccf92) \Device\Harddisk0\DR0\Partition0
03:40:15.0672 57768 \Device\Harddisk0\DR0\Partition0 - ok
03:40:15.0675 57768 Boot (0x1200) (fdfcb2b6a11a3469c6bac483c852d6d8) \Device\Harddisk0\DR0\Partition1
03:40:15.0676 57768 \Device\Harddisk0\DR0\Partition1 - ok
03:40:15.0691 57768 Boot (0x1200) (2727c5861400f09ddea8135a113a3b92) \Device\Harddisk6\DR6\Partition0
03:40:15.0699 57768 \Device\Harddisk6\DR6\Partition0 - ok
03:40:15.0699 57768 ============================================================
03:40:15.0699 57768 Scan finished
03:40:15.0699 57768 ============================================================
03:40:15.0710 13288 Detected object count: 1
03:40:15.0710 13288 Actual detected object count: 1
03:41:00.0301 13288 f4f610d6 ( Rootkit.Win32.PMax.gen ) - User select action: Quarantine
03:41:06.0608 31636 ============================================================
03:41:06.0608 31636 Scan started
03:41:06.0608 31636 Mode: Manual;
03:41:06.0608 31636 ============================================================
03:41:06.0844 31636 56068045 (89fdba391985968401f51a5c577933cd) C:\Windows\system32\drivers\98560963.sys
03:41:06.0890 31636 62794571 (89fdba391985968401f51a5c577933cd) C:\Windows\system32\drivers\63478084.sys
03:41:06.0927 31636 a2acc - ok
03:41:06.0971 31636 ACPI (fcb8c7210f0135e24c6580f7f649c73c) C:\Windows\system32\drivers\acpi.sys
03:41:06.0973 31636 ACPI - ok
03:41:07.0057 31636 adfs (6d7f09cd92a9fef3a8efce66231fdd79) C:\Windows\system32\drivers\adfs.sys
03:41:07.0058 31636 adfs - ok
03:41:07.0097 31636 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
03:41:07.0099 31636 adp94xx - ok
03:41:07.0121 31636 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
03:41:07.0123 31636 adpahci - ok
03:41:07.0191 31636 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
03:41:07.0192 31636 adpu160m - ok
03:41:07.0212 31636 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
03:41:07.0213 31636 adpu320 - ok
03:41:07.0277 31636 AFD (48eb99503533c27ac6135648e5474457) C:\Windows\system32\drivers\afd.sys
03:41:07.0279 31636 AFD - ok
03:41:07.0314 31636 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
03:41:07.0315 31636 agp440 - ok
03:41:07.0381 31636 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
03:41:07.0382 31636 aic78xx - ok
03:41:07.0399 31636 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
03:41:07.0400 31636 aliide - ok
03:41:07.0420 31636 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
03:41:07.0421 31636 amdagp - ok
03:41:07.0451 31636 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
03:41:07.0452 31636 amdide - ok
03:41:07.0464 31636 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
03:41:07.0465 31636 AmdK7 - ok
03:41:07.0546 31636 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys
03:41:07.0547 31636 AmdK8 - ok
03:41:07.0592 31636 AnyDVD (133b7b6d6a3ec9e46fbe742ee1516c37) C:\Windows\system32\Drivers\AnyDVD.sys
03:41:07.0593 31636 AnyDVD - ok
03:41:07.0631 31636 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
03:41:07.0631 31636 arc - ok
03:41:07.0699 31636 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
03:41:07.0700 31636 arcsas - ok
03:41:07.0730 31636 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
03:41:07.0731 31636 AsyncMac - ok
03:41:07.0768 31636 atapi (2d9c903dc76a66813d350a562de40ed9) C:\Windows\system32\drivers\atapi.sys
03:41:07.0768 31636 atapi - ok
03:41:07.0800 31636 ATMhelpr (3ef1db7f168851914517d4ed36b57c04) C:\Windows\system32\drivers\ATMhelpr.sys
03:41:07.0801 31636 ATMhelpr - ok
03:41:07.0892 31636 avgntflt (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
03:41:07.0893 31636 avgntflt - ok
03:41:07.0908 31636 avipbb (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
03:41:07.0909 31636 avipbb - ok
03:41:07.0931 31636 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
03:41:07.0932 31636 Beep - ok
03:41:07.0949 31636 blbdrive - ok
03:41:07.0991 31636 bowser (8153396d5551276227fa146900f734e6) C:\Windows\system32\DRIVERS\bowser.sys
03:41:07.0992 31636 bowser - ok
03:41:08.0088 31636 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
03:41:08.0089 31636 BrFiltLo - ok
03:41:08.0101 31636 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
03:41:08.0102 31636 BrFiltUp - ok
03:41:08.0120 31636 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\Drivers\Brserid.sys
03:41:08.0120 31636 Brserid - ok
03:41:08.0135 31636 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
03:41:08.0136 31636 BrSerWdm - ok
03:41:08.0154 31636 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
03:41:08.0154 31636 BrUsbMdm - ok
03:41:08.0171 31636 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\Drivers\BrUsbSer.sys
03:41:08.0172 31636 BrUsbSer - ok
03:41:08.0250 31636 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
03:41:08.0251 31636 BTHMODEM - ok
03:41:08.0292 31636 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
03:41:08.0293 31636 cdfs - ok
03:41:08.0323 31636 cdrom (1ec25cea0de6ac4718bf89f9e1778b57) C:\Windows\system32\DRIVERS\cdrom.sys
03:41:08.0324 31636 cdrom - ok
03:41:08.0342 31636 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
03:41:08.0342 31636 circlass - ok
03:41:08.0419 31636 CLFS (465745561c832b29f7c48b488aab3842) C:\Windows\system32\CLFS.sys
03:41:08.0421 31636 CLFS - ok
03:41:08.0460 31636 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
03:41:08.0461 31636 cmdide - ok
03:41:08.0472 31636 Compbatt (82b8c91d327cfecf76cb58716f7d4997) C:\Windows\system32\drivers\compbatt.sys
03:41:08.0473 31636 Compbatt - ok
03:41:08.0493 31636 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
03:41:08.0494 31636 crcdisk - ok
03:41:08.0556 31636 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
03:41:08.0557 31636 Crusoe - ok
03:41:08.0623 31636 DfsC (a3e9fa213f443ac77c7746119d13feec) C:\Windows\system32\Drivers\dfsc.sys
03:41:08.0624 31636 DfsC - ok
03:41:08.0666 31636 disk (64109e623abd6955c8fb110b592e68b7) C:\Windows\system32\drivers\disk.sys
03:41:08.0666 31636 disk - ok
03:41:08.0703 31636 Dot4 (4f59c172c094e1a1d46463a8dc061cbd) C:\Windows\system32\DRIVERS\Dot4.sys
03:41:08.0704 31636 Dot4 - ok
03:41:08.0765 31636 Dot4Print (80bf3ba09f6f2523c8f6b7cc6dbf7bd5) C:\Windows\system32\DRIVERS\Dot4Prt.sys
03:41:08.0766 31636 Dot4Print - ok
03:41:08.0785 31636 dot4usb (c55004ca6b419b6695970dfe849b122f) C:\Windows\system32\DRIVERS\dot4usb.sys
03:41:08.0785 31636 dot4usb - ok
03:41:08.0822 31636 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
03:41:08.0822 31636 drmkaud - ok
03:41:08.0869 31636 DXGKrnl (85f33880b8cfb554bd3d9ccdb486845a) C:\Windows\System32\drivers\dxgkrnl.sys
03:41:08.0873 31636 DXGKrnl - ok
03:41:08.0948 31636 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
03:41:08.0949 31636 E1G60 - ok
03:41:08.0991 31636 Ecache (dd2cd259d83d8b72c02c5f2331ff9d68) C:\Windows\system32\drivers\ecache.sys
03:41:08.0992 31636 Ecache - ok
03:41:09.0062 31636 eeCtrl (e89cc1363cb7f5320ae3b41c1333d0c3) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
03:41:09.0065 31636 eeCtrl - ok
03:41:09.0152 31636 ElbyCDIO (d71233d7ccc2e64f8715a20428d5a33b) C:\Windows\system32\Drivers\ElbyCDIO.sys
03:41:09.0153 31636 ElbyCDIO - ok
03:41:09.0183 31636 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
03:41:09.0185 31636 elxstor - ok
03:41:09.0260 31636 EraserUtilRebootDrv (e7d1a496c71cd56bdd97f32c9141a03b) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
03:41:09.0261 31636 EraserUtilRebootDrv - ok
03:41:09.0362 31636 exfat (0d858eb20589a34efb25695acaa6aa2d) C:\Windows\system32\drivers\exfat.sys
03:41:09.0364 31636 exfat - ok
03:41:09.0388 31636 f4f610d6 ( Rootkit.Win32.PMax.gen ) - infected
03:41:09.0388 31636 f4f610d6 - detected Rootkit.Win32.PMax.gen (0)
03:41:09.0436 31636 fastfat (3c489390c2e2064563727752af8eab9e) C:\Windows\system32\drivers\fastfat.sys
03:41:09.0437 31636 fastfat - ok
03:41:09.0466 31636 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
03:41:09.0466 31636 fdc - ok
03:41:09.0542 31636 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
03:41:09.0543 31636 FileInfo - ok
03:41:09.0571 31636 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
03:41:09.0572 31636 Filetrace - ok
03:41:09.0586 31636 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
03:41:09.0586 31636 flpydisk - ok
03:41:09.0624 31636 FltMgr (05ea53afe985443011e36dab07343b46) C:\Windows\system32\drivers\fltmgr.sys
03:41:09.0625 31636 FltMgr - ok
03:41:09.0702 31636 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
03:41:09.0702 31636 Fs_Rec - ok
03:41:09.0733 31636 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
03:41:09.0733 31636 gagp30kx - ok
03:41:09.0766 31636 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
03:41:09.0767 31636 GEARAspiWDM - ok
03:41:09.0805 31636 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
03:41:09.0807 31636 HdAudAddService - ok
03:41:09.0882 31636 HDAudBus (c87b1ee051c0464491c1a7b03fa0bc99) C:\Windows\system32\DRIVERS\HDAudBus.sys
03:41:09.0883 31636 HDAudBus - ok
03:41:09.0912 31636 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
03:41:09.0913 31636 HidBth - ok
03:41:09.0932 31636 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
03:41:09.0933 31636 HidIr - ok
03:41:09.0968 31636 HidUsb (854ca287ab7faf949617a788306d967e) C:\Windows\system32\DRIVERS\hidusb.sys
03:41:09.0969 31636 HidUsb - ok
03:41:10.0050 31636 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
03:41:10.0051 31636 HpCISSs - ok
03:41:10.0107 31636 HSF_DP (88749fbf8beb18c90e7d6626c8c1910b) C:\Windows\system32\DRIVERS\HSX_DP.sys
03:41:10.0113 31636 HSF_DP - ok
03:41:10.0132 31636 HSXHWBS2 (fe440536bd98af772130dc3a6fe1915f) C:\Windows\system32\DRIVERS\HSXHWBS2.sys
03:41:10.0134 31636 HSXHWBS2 - ok
03:41:10.0221 31636 HTTP (96e241624c71211a79c84f50a8e71cab) C:\Windows\system32\drivers\HTTP.sys
03:41:10.0224 31636 HTTP - ok
03:41:10.0244 31636 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
03:41:10.0245 31636 i2omp - ok
03:41:10.0278 31636 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
03:41:10.0278 31636 i8042prt - ok
03:41:10.0352 31636 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
03:41:10.0354 31636 iaStorV - ok
03:41:10.0384 31636 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
03:41:10.0385 31636 iirsp - ok
03:41:10.0456 31636 IntcAzAudAddService (edc37b918e583a5a813c53d4f5588255) C:\Windows\system32\drivers\RTKVHDA.sys
03:41:10.0468 31636 IntcAzAudAddService - ok
03:41:10.0547 31636 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
03:41:10.0547 31636 intelide - ok
03:41:10.0566 31636 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
03:41:10.0567 31636 intelppm - ok
03:41:10.0606 31636 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
03:41:10.0608 31636 IpFilterDriver - ok
03:41:10.0675 31636 IpInIp - ok
03:41:10.0704 31636 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
03:41:10.0705 31636 IPMIDRV - ok
03:41:10.0743 31636 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
03:41:10.0744 31636 IPNAT - ok
03:41:10.0779 31636 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
03:41:10.0780 31636 IRENUM - ok
03:41:10.0863 31636 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
03:41:10.0863 31636 isapnp - ok
03:41:10.0896 31636 iScsiPrt (f247eec28317f6c739c16de420097301) C:\Windows\system32\DRIVERS\msiscsi.sys
03:41:10.0898 31636 iScsiPrt - ok
03:41:10.0912 31636 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
03:41:10.0913 31636 iteatapi - ok
03:41:10.0937 31636 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
03:41:10.0938 31636 iteraid - ok
03:41:11.0025 31636 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
03:41:11.0026 31636 kbdclass - ok
03:41:11.0057 31636 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
03:41:11.0057 31636 kbdhid - ok
03:41:11.0105 31636 KSecDD (7a0cf7908b6824d6a2a1d313e5ae3dca) C:\Windows\system32\Drivers\ksecdd.sys
03:41:11.0109 31636 KSecDD - ok
03:41:11.0212 31636 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
03:41:11.0213 31636 lltdio - ok
03:41:11.0281 31636 LMIInfo (4f69faaabb7db0d43e327c0b6aab40fc) C:\Program Files\LogMeIn\x86\RaInfo.sys
03:41:11.0281 31636 LMIInfo - ok
03:41:11.0319 31636 lmimirr (4477689e2d8ae6b78ba34c9af4cc1ed1) C:\Windows\system32\DRIVERS\lmimirr.sys
03:41:11.0319 31636 lmimirr - ok
03:41:11.0383 31636 LMIRfsClientNP - ok
03:41:11.0401 31636 LMIRfsDriver (3faa563ddf853320f90259d455a01d79) C:\Windows\system32\drivers\LMIRfsDriver.sys
03:41:11.0402 31636 LMIRfsDriver - ok
03:41:11.0438 31636 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
03:41:11.0439 31636 LSI_FC - ok
03:41:11.0453 31636 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
03:41:11.0454 31636 LSI_SAS - ok
03:41:11.0468 31636 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
03:41:11.0469 31636 LSI_SCSI - ok
03:41:11.0521 31636 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
03:41:11.0522 31636 luafv - ok
03:41:11.0585 31636 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
03:41:11.0586 31636 MBAMProtector - ok
03:41:11.0623 31636 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
03:41:11.0624 31636 mdmxsdk - ok
03:41:11.0651 31636 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
03:41:11.0652 31636 megasas - ok
03:41:11.0715 31636 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
03:41:11.0716 31636 Modem - ok
03:41:11.0786 31636 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
03:41:11.0786 31636 monitor - ok
03:41:11.0803 31636 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
03:41:11.0804 31636 mouclass - ok
03:41:11.0870 31636 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
03:41:11.0871 31636 mouhid - ok
03:41:11.0931 31636 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
03:41:11.0932 31636 MountMgr - ok
03:41:11.0987 31636 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
03:41:11.0987 31636 mpio - ok
03:41:12.0022 31636 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
03:41:12.0023 31636 mpsdrv - ok
03:41:12.0046 31636 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
03:41:12.0047 31636 Mraid35x - ok
03:41:12.0102 31636 MRxDAV (ae3de84536b6799d2267443cec8edbb9) C:\Windows\system32\drivers\mrxdav.sys
03:41:12.0104 31636 MRxDAV - ok
03:41:12.0195 31636 mrxsmb (5734a0f2be7e495f7d3ed6efd4b9f5a1) C:\Windows\system32\DRIVERS\mrxsmb.sys
03:41:12.0196 31636 mrxsmb - ok
03:41:12.0248 31636 mrxsmb10 (6b5fa5adfacac9dbbe0991f4566d7d55) C:\Windows\system32\DRIVERS\mrxsmb10.sys
03:41:12.0250 31636 mrxsmb10 - ok
03:41:12.0284 31636 mrxsmb20 (5c80d8159181c7abf1b14ba703b01e0b) C:\Windows\system32\DRIVERS\mrxsmb20.sys
03:41:12.0285 31636 mrxsmb20 - ok
03:41:12.0317 31636 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
03:41:12.0317 31636 msahci - ok
03:41:12.0368 31636 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
03:41:12.0369 31636 msdsm - ok
03:41:12.0417 31636 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
03:41:12.0418 31636 Msfs - ok
03:41:12.0471 31636 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
03:41:12.0472 31636 msisadrv - ok
03:41:12.0506 31636 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
03:41:12.0507 31636 MSKSSRV - ok
03:41:12.0560 31636 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
03:41:12.0561 31636 MSPCLOCK - ok
03:41:12.0570 31636 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
03:41:12.0571 31636 MSPQM - ok
03:41:12.0614 31636 MsRPC (b5614aecb05a9340aa0fb55bf561cc63) C:\Windows\system32\drivers\MsRPC.sys
03:41:12.0615 31636 MsRPC - ok
03:41:12.0669 31636 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
03:41:12.0670 31636 mssmbios - ok
03:41:12.0730 31636 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
03:41:12.0731 31636 MSTEE - ok
03:41:20.0487 31636 ============================================================
03:41:20.0487 31636 Scan finished
03:41:20.0487 31636 ============================================================
03:41:20.0497 8016 Detected object count: 1
03:41:20.0497 8016 Actual detected object count: 1
03:41:42.0213 8016 f4f610d6 ( Rootkit.Win32.PMax.gen ) - User select action: Quarantine
03:42:03.0240 16996 Deinitialize success


ComboFix 11-10-19.06 - joylynn 10/27/2011 4:16.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3454.2354 [GMT -7:00]
Running from: c:\users\joylynn\Desktop\ComboFix2.exe
AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
- REDUCED FUNCTIONALITY MODE -
.
ADS - Windows: deleted 24 bytes in 1 streams.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setup.dll
c:\programdata\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll
c:\programdata\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.dat
c:\programdata\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.exe
c:\programdata\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\Setup.ico
c:\windows\expl.dat
c:\windows\system32\drivers\etc\hosts.txt
c:\windows\system32\jucheck.exe
c:\windows\system32\jusched.exe
c:\windows\system32\svch.dat
c:\windows\system32\winl.dat
M:\Autorun.inf
.
c:\windows\explorer.exe . . . is infected!! . . .Failed to restore. Attempting to replace on reboot
.
Infected copy of c:\windows\System32\svchost.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
c:\windows\System32\winlogon.exe . . . is infected!! . . .Failed to restore. Attempting to replace on reboot
.
Infected copy of c:\windows\explorer.exe was found and disinfected
Restored copy from - c:\windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
Infected copy of c:\windows\System32\winlogon.exe was found and disinfected
Restored copy from - c:\windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
Infected copy of c:\windows\System32\svchost.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
.
((((((((((((((((((((((((( Files Created from 2011-09-27 to 2011-10-27 )))))))))))))))))))))))))))))))
.
.
2011-10-27 11:19 . 2011-10-27 11:25 -------- d-----w- c:\users\joylynn\AppData\Local\temp
2011-10-27 11:19 . 2011-10-27 11:19 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp
2011-10-27 11:19 . 2011-10-27 11:19 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp
2011-10-27 11:19 . 2011-10-27 11:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-27 11:19 . 2011-10-27 11:19 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-10-17 04:00 . 2011-10-17 04:00 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
2011-10-17 03:32 . 2011-10-17 03:32 388096 ----a-r- c:\users\joylynn\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-10-17 02:17 . 2011-10-20 09:41 -------- d-----w- C:\MGADiagToolOutput
2011-10-17 02:15 . 2011-10-17 02:15 -------- d-----w- c:\programdata\Office Genuine Advantage
2011-10-17 01:54 . 2011-10-17 01:54 -------- d-----w- c:\users\joylynn\AppData\Roaming\Avira
2011-10-03 13:28 . 2011-09-01 00:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-03 13:25 . 2011-07-21 19:15 138192 ----a-w- c:\windows\system32\drivers\avipbb.sys
2011-10-03 13:25 . 2011-07-21 19:15 66616 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2011-10-03 13:25 . 2011-10-03 13:25 -------- d-----w- c:\programdata\Avira
2011-10-03 13:25 . 2011-10-03 13:25 -------- d-----w- c:\program files\Avira
2011-10-03 12:33 . 2011-10-03 12:33 -------- d-----w- c:\program files\Trend Micro
2011-10-03 07:05 . 2011-10-03 07:05 -------- d-----w- c:\users\joylynn\AppData\Roaming\yahoo!
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-27 11:21 . 2011-10-27 11:03 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{771DCE72-6D46-4F30-95C4-07859C5A9F36}\offreg.dll
2011-10-03 12:39 . 2008-06-12 20:51 54784 ----a-w- c:\windows\system32\drivers\i8042prt.sys
2011-09-26 09:30 . 2011-09-26 09:30 94208 ----a-w- c:\programdata\DisplayTrayManager.dll
2011-09-12 23:14 . 2011-09-23 08:51 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{771DCE72-6D46-4F30-95C4-07859C5A9F36}\mpengine.dll
2011-08-30 22:11 . 2011-06-16 05:14 273408 ----a-w- c:\windows\system32\drivers\afd.sys
2011-09-07 20:28 . 2011-06-03 10:29 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"AnyDVD"="c:\program files\SlySoft\AnyDVD\AnyDVDtray.exe" [2011-06-17 5140088]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"cdloader"="c:\users\joylynn\AppData\Roaming\mjusbsp\cdloader2.exe" [2011-05-16 50592]
"VeohPlugin"="c:\program files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe" [2008-12-16 3528440]
"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-06-01 5252408]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"AOL OCP Update"="c:\users\joylynn\AppData\Local\AOL OCP\AOLUpdate\AOLupdt32.exe" [2011-09-26 87040]
"DisplayTrayManager"="c:\programdata\DisplayTrayManager.dll" [2011-09-26 94208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-05-24 71176]
"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2006-06-24 1029712]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2007-08-03 63048]
"AGEIA PhysX SysTray"="c:\program files\AGEIA Technologies\TrayIcon.exe" [2006-03-20 331776]
"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2008-06-12 37232]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2008-06-12 640376]
"hpbdfawep"="c:\program files\HP\Dfawep\bin\hpbdfawep.exe" [2007-04-25 954368]
"PrnStatusMX"="c:\program files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe" [2007-07-14 1077248]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-09 54840]
"mxomssmenu"="c:\program files\Maxtor\OneTouch Status\maxmenumgr.exe" [2007-09-06 169264]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-10 35736]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-10 932288]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-08 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2011-04-21 281768]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-04-03 44168]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 110592]
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 110592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [1999-3-21 65588]
Snapfish Media Detector.lnk - c:\program files\Snapfish Picture Mover\SnapfishMediaDetector.exe [2007-5-7 1273856]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
2007-01-09 22:59 115816 ----a-w- c:\program files\Common Files\Symantec Shared\ccApp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DisplayTrayManager]
2011-09-26 09:30 94208 ----a-w- c:\programdata\DisplayTrayManager.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
2006-12-08 16:16 65536 ----a-w- c:\hp\KBD\KbdStub.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2009-03-17 20:17 2387968 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2008-05-22 21:49 13539872 ----a-w- c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2008-05-22 21:49 92704 ----a-w- c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snpstd3]
2006-09-19 17:07 827392 ----a-w- c:\windows\vsnpstd3.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateReg]
2007-04-07 09:56 54936 ----a-w- c:\windows\System32\jureg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
2008-01-30 00:38 583048 ----a-w- c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 a2AntiMalware;Emsisoft Anti-Malware 5.1 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152]
R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [x]
R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 135664]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S1 ATMhelpr;ATMhelpr; [x]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2011-04-21 136360]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2011-07-18 374152]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2008-01-18 109616]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-09-01 22216]
S3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2007-10-31 37936]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
HPService REG_MULTI_SZ HPSLPSVC
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\autorun.exe
\shell\phone\command - F:\autorun.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{80ceb365-4de2-11dd-88bb-001d609c520a}]
\shell\AutoRun\command - K:\autorun.exe
\shell\phone\command - K:\autorun.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e52ebc9d-4037-11de-a988-001d609c520a}]
\shell\AutoRun\command - K:\autorun.exe
\shell\phone\command - K:\autorun.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f26fe9d4-cb34-11dc-bf67-001d609c520a}]
\shell\AutoRun\command - L:\LaunchU3.exe -a
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f26fe9d5-cb34-11dc-bf67-001d609c520a}]
\shell\AutoRun\command - M:\d.com
\shell\explore\Command - M:\d.com
\shell\open\Command - M:\d.com
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2009-03-08 11:32 128512 ----a-w- c:\windows\System32\advpack.dll
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 16:56]
.
2011-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-06 16:56]
.
2011-10-27 c:\windows\Tasks\HP WEP.job
- c:\program files\HP\Dfawep\bin\hpbdfawep.exe [2007-04-25 21:28]
.
2011-10-27 c:\windows\Tasks\HPCeeScheduleForjoylynn.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-09-27 23:55]
.
2011-10-27 c:\windows\Tasks\RegCure Program Check.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]
.
2011-10-27 c:\windows\Tasks\RegCure.job
- c:\program files\RegCure\RegCure.exe [2010-05-19 23:20]
.
2011-10-27 c:\windows\Tasks\User_Feed_Synchronization-{A5DC2E62-20D3-4BB2-A30C-C5C329E38109}.job
- c:\windows\system32\msfeedssync.exe [2011-06-16 04:32]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
Trusted Zone: secureserver.net\email
TCP: DhcpNameServer = 192.168.0.1
DPF: Web-Based Email Tools - hxxp://email.secureserver.net/Download.CAB
FF - ProfilePath - c:\users\joylynn\AppData\Roaming\Mozilla\Firefox\Profiles\modvzzop.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/sli ... ie7&query=
FF - prefs.js: browser.search.selectedEngine - Bing
FF - prefs.js: browser.startup.homepage - www.yahoo.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=Z128&form ... 0110829&q=
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - (no file)
SafeBoot-33470211.sys
SafeBoot-56068045.sys
SafeBoot-62794571.sys
SafeBoot-66797100.sys
SafeBoot-67733131.sys
MSConfigStartUp--1270128792 - c:\users\joylynn\AppData\Local\Temp\\jucheck.exe
MSConfigStartUp-Mregaduxox - c:\users\joylynn\AppData\Local\insid32.dll
MSConfigStartUp-StartNowToolbarHelper - c:\program files\StartNow Toolbar\ToolbarHelper.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-27 04:25
Windows 6.0.6001 Service Pack 1 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
.
c:\windows\$NtUninstallKB7135$:SummaryInformation 0 bytes hidden from API
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Symantec Shared\ccSvcHst.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Pure Networks\Network Magic\nmsrvc.exe
c:\windows\system32\WUDFHost.exe
c:\windows\servicing\TrustedInstaller.exe
c:\windows\RtHDVCpl.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\rundll32.exe
c:\windows\ehome\ehmsas.exe
c:\windows\System32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\Yahoo!\Messenger\ymsgr_tray.exe
c:\windows\system32\consent.exe
c:\windows\System32\schtasks.exe
c:\windows\System32\wsqmcons.exe
.
**************************************************************************
.
Completion time: 2011-10-27 04:31:28 - machine was rebooted
ComboFix-quarantined-files.txt 2011-10-27 11:31
.
Pre-Run: 56,384,294,912 bytes free
Post-Run: 56,366,780,416 bytes free
.
- - End Of File - - F49EAD3EBFDA6C02BD6881C96C412B91
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm

Re: Updates Fail, Firefox won't connect, IE does, but redire

Unread postby pgmigg » October 27th, 2011, 2:56 pm

Hello rjmc,

Please tell me, is this computer used for business purposes or connected to a business network?
I need to know it - so I can provide the proper instructions.

Thanks,
pgmigg
pgmigg
Admin/Teacher
 
Posts: 5457
Joined: July 8th, 2008, 1:25 pm
Location: GMT-05:00

Re: Updates Fail, Firefox won't connect, IE does, but redire

Unread postby rjmc » October 29th, 2011, 8:22 am

Hi pgmigg,

It's my home office pc. It is not connected to a business network. You're doing a great job, cuz I see a little change. IE is not crashing as often and it's not redirecting to ad pages.

Thanks,
rjmc
rjmc
Regular Member
 
Posts: 22
Joined: October 16th, 2011, 11:14 pm