also @ TechSpot: Oculus Rift secures $16 million in Series A round of funding

IC8D1A13...infection

Discussion in 'Virus and Malware Removal' started by randy, Jul 12, 2012.

Post New Reply
Page 3 of 7

  1. Broni Malware Annihilator Posts: 40,022   +187

    Go on with other scans...
    Broni, Jul 18, 2012
    #41

  2. randy Newcomer, in training Posts: 79

    GMER takin a while..
    randy, Jul 18, 2012
    #42

  3. randy Newcomer, in training Posts: 79

    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-07-18 23:14:34
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 TOSHIBA_MK1637GSX rev.DL020M
    Running: gmer.exe; Driver: C:\DOCUME~1\RANDYE~1\LOCALS~1\Temp\kgtdrpob.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xAD01DF3C]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xAD01DFE4]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xAD01E080]
    SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xAD01E11C]

    ---- Kernel code sections - GMER 1.0.15 ----

    ? autjgr.sys The system cannot find the file specified. !
    .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB9D98360, 0x21DDFD, 0xE8000020]
    init C:\WINDOWS\system32\drivers\tifm21.sys entry point in "init" section [0xB9B93EBF]

    ---- Devices - GMER 1.0.15 ----

    AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
    AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
    AttachedDevice \Driver\Tcpip \Device\Tcp fssfltr_tdi.sys (Family Safety Filter Driver (TDI)/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

    ---- Files - GMER 1.0.15 ----

    File C:\WINDOWS\$NtUninstallKB21703$\2332286916 0 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\@ 2048 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\bckfg.tmp 758 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\cfg.ini 191 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\Desktop.ini 4608 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\keywords 363 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\kwrd.dll 223744 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\L 0 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\L\00000004.@ 218 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\L\1afb2d56 70 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\L\201d3dde 154 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\L\ebeoiplt 62976 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U 0 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U\00000001.@ 1536 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U\00000002.@ 224768 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U\00000004.@ 1024 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U\80000000.@ 66560 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U\80000004.@ 1024 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2332286916\U\80000032.@ 95744 bytes
    File C:\WINDOWS\$NtUninstallKB21703$\2587071871 0 bytes

    ---- EOF - GMER 1.0.15 ----
    randy, Jul 19, 2012
    #43

  4. randy Newcomer, in training Posts: 79

    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
    Run by Randy Enns at 23:18:05 on 2012-07-18
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1128 [GMT -5:00]
    .
    AV: Norton Internet Security 2006 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Worm Protection *Disabled*
    FW: Norton Internet Security 2006 *Enabled*
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    svchost.exe
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    svchost.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
    C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\Toshiba.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\DATAMN~1.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Ask.com\Updater\Updater.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\PIXELA\Everio MediaBrowser 3\MBCameraMonitor.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Documents and Settings\Randy Enns\Desktop\gmer.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\rundll32.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://search.bearshare.com/
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\bh\BabylonToolbar.dll
    BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
    BHO: UrlHelper Class: {74322bf9-df26-493f-b0da-6d2fc5e6429e} - c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.12\AVG Secure Search_toolbar.dll
    BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    BHO: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\bearsh~1\mediabar\datamngr\toolbar\bsdtxmltbpi.dll
    BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: MediaBar: {c2d64ff7-0ab8-4263-89c9-ea3b0f8f050c} - c:\progra~1\bearsh~1\mediabar\datamngr\toolbar\bsdtxmltbpi.dll
    TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.35.10\BabylonToolbarTlbr.dll
    TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.12\AVG Secure Search_toolbar.dll
    TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
    TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
    TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
    uRun: [TOSCDSPD] c:\program files\toshiba\toscdspd\toscdspd.exe
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [TFncKy] TFncKy.exe
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
    mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
    mRun: [NVRotateSysTray] rundll32.exe c:\windows\system32\nvsysrot.dll,Enable
    mRun: [TPSMain] TPSMain.exe
    mRun: [CFSServ.exe] CFSServ.exe -NoClient
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
    mRun: [DATAMNGR] c:\progra~1\bearsh~1\mediabar\datamngr\DATAMN~1.EXE
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [<NO NAME>]
    mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
    mRun: [HF_G_Jul] "c:\program files\avg secure search\HF_G_Jul.exe" /DoAction
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
    StartupFolder: c:\docume~1\randye~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office11\ONENOTEM.EXE
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\device~1.lnk - c:\program files\pixela\everio mediabrowser 3\MBCameraMonitor.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
    IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    LSP: mswsock.dll
    DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.0.1
    TCP: Interfaces\{762FBD51-8777-4DD8-B6E4-C3C9D20C54D2} : DhcpNameServer = 192.168.0.1
    Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.2.0\ViProtocol.dll
    Notify: GoToAssist Express Customer - c:\program files\citrix\gotoassist express customer\209\g2ax_winlogon.dll
    AppInit_DLLs: c:\progra~1\bearsh~1\mediabar\datamngr\datamngr.dll c:\progra~1\bearsh~1\mediabar\datamngr\IEBHO.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\randy enns\application data\mozilla\firefox\profiles\fjj6xe7h.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=IEFM1&q=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://canuckscorner.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=
    FF - component: c:\documents and settings\randy enns\application data\mozilla\firefox\profiles\fjj6xe7h.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\randy enns\application data\mozilla\firefox\profiles\fjj6xe7h.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCore.dll
    FF - component: c:\program files\bearshare applications\mediabar\datamngr\firefoxextension\components\DataMngrHlpFF3.dll
    FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\randy enns\application data\mozilla\firefox\profiles\fjj6xe7h.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\plugins\np-mswmp.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.2.0\npsitesafety.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
    FF - plugin: c:\program files\microsoft\office live\npOLW.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2010-9-13 23120]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 32592]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-12-8 230608]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 40016]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2010-2-24 54752]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-18 655944]
    R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
    R2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\11.2.0\ToolbarUpdater.exe [2012-7-10 935008]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2010-8-3 134608]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2010-8-3 24272]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2010-8-3 16720]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-18 22344]
    S2 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccevtmgr.exe" --> c:\program files\common files\symantec shared\ccEvtMgr.exe [?]
    S2 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccsetmgr.exe" --> c:\program files\common files\symantec shared\ccSetMgr.exe [?]
    S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-2-5 374152]
    S2 mbr;Blueletscoaudio;c:\windows\system32\svchost.exe -k netsvcs [2006-1-29 14336]
    S2 mcafeeframework;Starwindserviceae;c:\windows\system32\svchost.exe -k netsvcs [2006-1-29 14336]
    S2 mcdetect.exe;Rdpnp;c:\windows\system32\svchost.exe -k netsvcs [2006-1-29 14336]
    S2 mclogmanagerservice;ACDaemon;c:\windows\system32\svchost.exe -k netsvcs [2006-1-29 14336]
    S2 ZDCNDIS5;VMAUDIO;c:\windows\system32\svchost.exe -k netsvcs [2006-1-29 14336]
    S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2009-8-6 704864]
    S3 GoToAssist Express Customer;GoToAssist Express Customer;c:\program files\citrix\gotoassist express customer\209\g2ax_service.exe [2010-2-23 161144]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-12 113120]
    S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [2011-11-4 18432]
    S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"c:\program files\roxio creator 2009\digital home 11\roxioupnprenderer11.exe" --> c:\program files\roxio creator 2009\digital home 11\RoxioUPnPRenderer11.exe [?]
    .
    =============== Created Last 30 ================
    .
    2012-07-19 01:16:00 -------- d-----w- c:\documents and settings\randy enns\application data\Malwarebytes
    2012-07-19 01:15:54 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-07-19 01:15:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-19 01:15:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-17 22:35:33 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
    2012-07-17 22:35:33 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
    2012-07-11 20:16:01 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
    2012-07-11 19:07:20 -------- d-----w- C:\3359bb307089d46d58a69cb8
    2012-07-11 18:29:56 -------- d-----w- c:\documents and settings\randy enns\local settings\application data\AVG Secure Search
    2012-07-10 18:21:07 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
    2012-07-10 18:05:03 -------- d-----w- c:\windows\system32\cache
    2012-07-07 16:38:47 -------- d-----w- c:\documents and settings\randy enns\application data\AVG Secure Search
    .
    ==================== Find3M ====================
    .
    2012-06-13 13:19:59 1866112 ------w- c:\windows\system32\win32k.sys
    2012-06-05 15:50:25 1372672 ------w- c:\windows\system32\msxml6.dll
    2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec
    2012-05-04 13:16:13 2148352 ------w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32:19 2026496 ------w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46:36 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
    .
    ============= FINISH: 23:18:43.32 ===============
    randy, Jul 19, 2012
    #44

  5. randy Newcomer, in training Posts: 79

    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/14/2007 10:46:56 AM
    System Uptime: 7/18/2012 9:01:00 PM (2 hours ago)
    .
    Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
    Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz | U1 | 1828/mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 139 GiB total, 103.518 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 7.948 GiB free.
    E: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMPIONEER_DVD-RW__DVR-K16A________________1.63____\46_0444A354C323431315739204C202020202020
    Manufacturer: (Standard CD-ROM drives)
    Name: PIONEER DVD-RW DVR-K16A
    PNP Device ID: IDE\CDROMPIONEER_DVD-RW__DVR-K16A________________1.63____\46_0444A354C323431315739204C202020202020
    Service: cdrom
    .
    ==== System Restore Points ===================
    .
    RP801: 5/1/2012 8:03:24 PM - Software Distribution Service 3.0
    RP802: 5/12/2012 12:08:40 AM - Software Distribution Service 3.0
    RP803: 7/7/2012 1:06:22 PM - System Checkpoint
    RP804: 7/10/2012 1:58:35 PM - System Checkpoint
    RP805: 7/11/2012 1:40:14 PM - Software Distribution Service 3.0
    RP806: 7/11/2012 2:05:13 PM - Software Distribution Service 3.0
    RP807: 7/11/2012 2:30:13 PM - Software Distribution Service 3.0
    RP808: 7/11/2012 6:51:48 PM - Software Distribution Service 3.0
    RP809: 7/13/2012 8:03:38 PM - Software Distribution Service 3.0
    RP810: 7/14/2012 9:19:41 PM - Software Distribution Service 3.0
    RP811: 7/15/2012 11:54:40 PM - Software Distribution Service 3.0
    RP812: 7/17/2012 2:41:58 PM - System Checkpoint
    RP813: 7/18/2012 7:33:41 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.4.5
    Adobe Reader Japanese Fonts
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    Ask Toolbar Updater
    AVG 2012
    Babylon toolbar on IE
    Bluetooth Stack for Windows by Toshiba
    Bonjour
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    CD/DVD Drive Acoustic Silencer
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    DVD-RAM Driver
    Everio MediaBrowser 3
    FirstClassEd9
    FTP Voyager 15.1
    GoToAssist Express Customer 1.3.0.209
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet/Wireless Software
    InterVideo WinDVD Creator 2
    InterVideo WinDVD for TOSHIBA
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 26
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.62.0.1300
    mCore
    mDrWiFi
    MediaBar
    mHelp
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Basic Edition 2003
    Microsoft Office File Validation Add-In
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote 2003
    Microsoft Office Outlook Connector
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    mIWA
    mLogView
    mMHouse
    MobileMe Control Panel
    Motorola Phone Tools
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    mPfMgr
    mPfWiz
    mProSafe
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    mWlsSafe
    mXML
    mZConfig
    Need3Space
    Norton Internet Security
    Norton Protection Center
    NVIDIA Drivers
    OpenOffice.org Installer 1.0
    Opera 9.26
    Otto
    Print2RDP Client
    QuickTime
    Realtek High Definition Audio Driver
    Rhapsody Player Engine
    Safari
    SD Secure Module
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    Skype Click to Call
    Skypeâ„¢ 5.5
    SmartSound Quicktracks Plugin
    Sonic Encoders
    Spelling Dictionaries Support For Adobe Reader 9
    SpywareBlaster 4.0
    Symantec KB-DocID:2003093015493306
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx21/x515/xx12 drivers.
    TIPCI
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA Controls
    TOSHIBA Hotkey Utility
    TOSHIBA PC Diagnostic Tool
    TOSHIBA Power Saver
    TOSHIBA SD Memory Card Format
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    Toshiba Tbiosdrv Driver
    TOSHIBA TouchPad ON/Off Utility
    TOSHIBA Utilities
    TOSHIBA Virtual Sound
    TOSHIBA Zooming Utility
    Uniblue DriverScanner
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB2619340
    Windows XP Media Center Edition 2005 KB2628259
    Windows XP Media Center Edition 2005 KB888316
    Windows XP Media Center Edition 2005 KB894553
    Windows XP Media Center Edition 2005 KB895678
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    XML Paper Specification Shared Components Pack 1.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Wwnetdde service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Webrootadminconsole service terminated with the following error: The specified module could not be

    found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Webfilter service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Wampmysqld service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Wacomvhid service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Vsbus service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The VMAUDIO service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Usbvideo service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Uhcd service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Uagp35 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The TuneUp.ProgramStatisticsSvc service terminated with the following error: The specified module could not

    be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tsmapip service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tosporte service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tmlisten service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The TcUsb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tcpip6 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Symdns service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SWMX00 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Svcwrsssdk service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sthda service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Starwindserviceae service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sr_watchdog service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SprintRcAppSvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SNPSTD3 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Smserial service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sk99202k service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sglfb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sffdisk service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SE2Bobex service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Screadspool service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The ScFBPNT2 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sbp2port service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The S716mgmt service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The S3savagenb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Relational service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Rdpnp service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pxfhmdm service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pinnaclesys.mediaserver service terminated with the following error: The specified module could not be

    found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pdlnafac service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pdfcreatormessages service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The PD0620VID service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The PCISys service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pavagente service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The P2pgasvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The P16X service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Ovsecurityserver service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The OEM02Afx service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The NWUSBModem service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nocashio service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nmservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nlsvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nidomainservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The NETGEAR_MA111 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The MS1000 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The MREMPR5 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Mpservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The MegaSR service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Mcproxy service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Mcmispupdmgr service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Magictuneengine service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Lxda_device service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The LMS service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The KR10I service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Intels51 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Iksyssec service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The IASJet service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Help and Support service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The GcKernel service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The EQDRV5 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Emitray service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Elservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The DSI_SiUSBXp_3_1 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Deltafw service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The CTAudSvcService service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Crauto service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Contentindex service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Com0com service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Co_mon service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Cfosspeed service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Cdudf_xp service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Ccdecode service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Btwhid service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Blueletscoaudio service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Bglivesvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The BCMModem service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The AVerTV service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The ATKFUSService service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Atinrvxx service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Apphostsvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Aolservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Adsexpb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Acmservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The ACDaemon service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LMIGuardianSvc service to connect.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7000] - The LMIGuardianSvc service failed to start due to the following error: The service did not respond to the start

    or control request in a timely fashion.
    7/11/2012 9:48:50 AM, error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: Access is denied.
    7/11/2012 9:33:50 AM, error: Service Control Manager [7023] - The SprintRcAppSvc service terminated with the following error: Access is denied.
    7/11/2012 9:18:50 AM, error: Service Control Manager [7023] - The Blueletscoaudio service terminated with the following error: Access is denied.
    7/11/2012 9:03:50 AM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: Access is denied.
    7/11/2012 8:48:51 AM, error: Service Control Manager [7023] - The LMS service terminated with the following error: Access is denied.
    7/11/2012 8:33:50 AM, error: Service Control Manager [7023] - The Mpservice service terminated with the following error: Access is denied.
    7/11/2012 8:18:49 AM, error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: Access is denied.
    7/11/2012 8:03:49 AM, error: Service Control Manager [7023] - The Webrootadminconsole service terminated with the following error: Access is denied.
    7/11/2012 7:48:49 AM, error: Service Control Manager [7023] - The P16X service terminated with the following error: Access is denied.
    7/11/2012 7:33:49 AM, error: Service Control Manager [7023] - The IASJet service terminated with the following error: Access is denied.
    7/11/2012 7:18:49 AM, error: Service Control Manager [7023] - The SWMX00 service terminated with the following error: Access is denied.
    7/11/2012 7:03:49 AM, error: Service Control Manager [7023] - The ATKFUSService service terminated with the following error: Access is denied.
    7/11/2012 6:48:49 AM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: Access is denied.
    7/11/2012 6:33:49 AM, error: Service Control Manager [7023] - The Nmservice service terminated with the following error: Access is denied.
    7/11/2012 6:18:49 AM, error: Service Control Manager [7023] - The OEM02Afx service terminated with the following error: Access is denied.
    7/11/2012 6:03:48 AM, error: Service Control Manager [7023] - The Elservice service terminated with the following error: Access is denied.
    7/11/2012 5:48:48 AM, error: Service Control Manager [7023] - The TuneUp.ProgramStatisticsSvc service terminated with the following error: Access is denied.
    7/11/2012 5:33:48 AM, error: Service Control Manager [7023] - The Pdfcreatormessages service terminated with the following error: Access is denied.
    7/11/2012 5:03:47 AM, error: Service Control Manager [7023] - The Uhcd service terminated with the following error: Access is denied.
    7/11/2012 4:48:48 AM, error: Service Control Manager [7023] - The Mcproxy service terminated with the following error: Access is denied.
    7/11/2012 4:33:48 AM, error: Service Control Manager [7023] - The Sthda service terminated with the following error: Access is denied.
    7/11/2012 4:18:48 AM, error: Service Control Manager [7023] - The Tsircsrv service terminated with the following error: Access is denied.
    7/11/2012 4:03:48 AM, error: Service Control Manager [7023] - The Ovsecurityserver service terminated with the following error: Access is denied.
    7/11/2012 3:48:47 AM, error: Service Control Manager [7023] - The DSI_SiUSBXp_3_1 service terminated with the following error: Access is denied.
    7/11/2012 3:33:47 AM, error: Service Control Manager [7023] - The Com0com service terminated with the following error: Access is denied.
    7/11/2012 3:18:47 AM, error: Service Control Manager [7023] - The Sffdisk service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Webfilter service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Tsircsrv service terminated with the following error: The specified module could not be found.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Tmlisten service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The SNPSTD3 service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Sk99202k service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The SE2Bobex service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The S3savagenb service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The P2pgasvc service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Mcmispupdmgr service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Intels51 service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Bglivesvc service terminated with the following error: Access is denied.
    7/11/2012 3:03:47 AM, error: Service Control Manager [7023] - The Tcpip6 service terminated with the following error: Access is denied.
    7/11/2012 2:48:47 AM, error: Service Control Manager [7023] - The PD0620VID service terminated with the following error: Access is denied.
    7/11/2012 2:33:48 AM, error: Service Control Manager [7023] - The Apphostsvc service terminated with the following error: Access is denied.
    7/11/2012 2:20:30 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It

    has stopped monitoring the volume.
    7/11/2012 2:18:46 AM, error: Service Control Manager [7023] - The Acmservice service terminated with the following error: Access is denied.
    7/11/2012 2:03:46 AM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: Access is denied.
    7/11/2012 2:01:21 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure

    could not be found.
    7/11/2012 11:18:56 AM, error: Service Control Manager [7023] - The Emitray service terminated with the following error: Access is denied.
    7/11/2012 11:03:56 AM, error: Service Control Manager [7023] - The Cdudf_xp service terminated with the following error: Access is denied.
    7/11/2012 10:48:51 AM, error: Service Control Manager [7023] - The Ccdecode service terminated with the following error: Access is denied.
    7/11/2012 10:33:50 AM, error: Service Control Manager [7023] - The Nlsvc service terminated with the following error: Access is denied.
    7/11/2012 10:18:51 AM, error: Service Control Manager [7023] - The Svcwrsssdk service terminated with the following error: Access is denied.
    7/11/2012 10:03:50 AM, error: Service Control Manager [7023] - The Wacomvhid service terminated with the following error: Access is denied.
    7/11/2012 1:48:45 AM, error: Service Control Manager [7023] - The Smserial service terminated with the following error: Access is denied.
    7/11/2012 1:33:45 AM, error: Service Control Manager [7023] - The Symdns service terminated with the following error: Access is denied.
    .
    ==== End Of File ===========================
    randy, Jul 19, 2012
    #45

  6. Broni Malware Annihilator Posts: 40,022   +187

    • Download RogueKiller on the desktop
    • Close all the running programs
    • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
    • Otherwise just double-click on RogueKiller.exe
    • Pre-scan will start. Let it finish.
    • Click on SCAN button.
    • A report (RKreport.txt) should open. Post its content in your next reply. (RKreport could also be found on your desktop)
    • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

    ======================================

    Download aswMBR to your desktop.
    Double click the aswMBR.exe to run it.
    If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
    Click the "Scan" button to start scan.
    On completion of the scan click "Save log", save it to your desktop and post in your next reply.

    NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
    Broni, Jul 19, 2012
    #46
     

  7. randy Newcomer, in training Posts: 79

    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/14/2007 10:46:56 AM
    System Uptime: 7/18/2012 9:01:00 PM (2 hours ago)
    .
    Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
    Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz | U1 | 1828/mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 139 GiB total, 103.518 GiB free.
    D: is FIXED (NTFS) - 10 GiB total, 7.948 GiB free.
    E: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E965-E325-11CE-BFC1-08002BE10318}
    Description: CD-ROM Drive
    Device ID: IDE\CDROMPIONEER_DVD-RW__DVR-K16A________________1.63____\46_0444A354C323431315739204C202020202020
    Manufacturer: (Standard CD-ROM drives)
    Name: PIONEER DVD-RW DVR-K16A
    PNP Device ID: IDE\CDROMPIONEER_DVD-RW__DVR-K16A________________1.63____\46_0444A354C323431315739204C202020202020
    Service: cdrom
    .
    ==== System Restore Points ===================
    .
    RP801: 5/1/2012 8:03:24 PM - Software Distribution Service 3.0
    RP802: 5/12/2012 12:08:40 AM - Software Distribution Service 3.0
    RP803: 7/7/2012 1:06:22 PM - System Checkpoint
    RP804: 7/10/2012 1:58:35 PM - System Checkpoint
    RP805: 7/11/2012 1:40:14 PM - Software Distribution Service 3.0
    RP806: 7/11/2012 2:05:13 PM - Software Distribution Service 3.0
    RP807: 7/11/2012 2:30:13 PM - Software Distribution Service 3.0
    RP808: 7/11/2012 6:51:48 PM - Software Distribution Service 3.0
    RP809: 7/13/2012 8:03:38 PM - Software Distribution Service 3.0
    RP810: 7/14/2012 9:19:41 PM - Software Distribution Service 3.0
    RP811: 7/15/2012 11:54:40 PM - Software Distribution Service 3.0
    RP812: 7/17/2012 2:41:58 PM - System Checkpoint
    RP813: 7/18/2012 7:33:41 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    Acrobat.com
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader 9.4.5
    Adobe Reader Japanese Fonts
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Ask Toolbar
    Ask Toolbar Updater
    AVG 2012
    Babylon toolbar on IE
    Bluetooth Stack for Windows by Toshiba
    Bonjour
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    CD/DVD Drive Acoustic Silencer
    Compatibility Pack for the 2007 Office system
    Critical Update for Windows Media Player 11 (KB959772)
    DVD-RAM Driver
    Everio MediaBrowser 3
    FirstClassEd9
    FTP Voyager 15.1
    GoToAssist Express Customer 1.3.0.209
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    Intel(R) PRO Network Connections Drivers
    Intel(R) PROSet/Wireless Software
    InterVideo WinDVD Creator 2
    InterVideo WinDVD for TOSHIBA
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 26
    Junk Mail filter update
    Malwarebytes Anti-Malware version 1.62.0.1300
    mCore
    mDrWiFi
    MediaBar
    mHelp
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Choice Guard
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Basic Edition 2003
    Microsoft Office File Validation Add-In
    Microsoft Office Live Add-in 1.5
    Microsoft Office OneNote 2003
    Microsoft Office Outlook Connector
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft User-Mode Driver Framework Feature Pack 1.0
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    mIWA
    mLogView
    mMHouse
    MobileMe Control Panel
    Motorola Phone Tools
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    mPfMgr
    mPfWiz
    mProSafe
    MSVCRT
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    mWlsSafe
    mXML
    mZConfig
    Need3Space
    Norton Internet Security
    Norton Protection Center
    NVIDIA Drivers
    OpenOffice.org Installer 1.0
    Opera 9.26
    Otto
    Print2RDP Client
    QuickTime
    Realtek High Definition Audio Driver
    Rhapsody Player Engine
    Safari
    SD Secure Module
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 7 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB2183461)
    Security Update for Windows Internet Explorer 8 (KB2360131)
    Security Update for Windows Internet Explorer 8 (KB2416400)
    Security Update for Windows Internet Explorer 8 (KB2482017)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2530548)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2559049)
    Security Update for Windows Internet Explorer 8 (KB2586448)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB971961)
    Security Update for Windows Internet Explorer 8 (KB974455)
    Security Update for Windows Internet Explorer 8 (KB976325)
    Security Update for Windows Internet Explorer 8 (KB978207)
    Security Update for Windows Internet Explorer 8 (KB981332)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2718523)
    Security Update for Windows XP (KB2719985)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464-v2)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB971961)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Segoe UI
    Skype Click to Call
    Skypeâ„¢ 5.5
    SmartSound Quicktracks Plugin
    Sonic Encoders
    Spelling Dictionaries Support For Adobe Reader 9
    SpywareBlaster 4.0
    Symantec KB-DocID:2003093015493306
    Synaptics Pointing Device Driver
    Texas Instruments PCIxx21/x515/xx12 drivers.
    TIPCI
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA Controls
    TOSHIBA Hotkey Utility
    TOSHIBA PC Diagnostic Tool
    TOSHIBA Power Saver
    TOSHIBA SD Memory Card Format
    TOSHIBA Speech System Applications
    TOSHIBA Speech System SR Engine(U.S.) Version1.0
    TOSHIBA Speech System TTS Engine(U.S.) Version1.0
    Toshiba Tbiosdrv Driver
    TOSHIBA TouchPad ON/Off Utility
    TOSHIBA Utilities
    TOSHIBA Virtual Sound
    TOSHIBA Zooming Utility
    Uniblue DriverScanner
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 7 (KB976749)
    Update for Windows Internet Explorer 8 (KB975364)
    Update for Windows Internet Explorer 8 (KB976662)
    Update for Windows Internet Explorer 8 (KB976749)
    Update for Windows Internet Explorer 8 (KB980182)
    Update for Windows Media Player 10 (KB910393)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2616676-v2)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    WebFldrs XP
    Windows Genuine Advantage Notifications (KB905474)
    Windows Imaging Component
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sync
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB2619340
    Windows XP Media Center Edition 2005 KB2628259
    Windows XP Media Center Edition 2005 KB888316
    Windows XP Media Center Edition 2005 KB894553
    Windows XP Media Center Edition 2005 KB895678
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    XML Paper Specification Shared Components Pack 1.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Wwnetdde service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Webrootadminconsole service terminated with the following error: The specified module could not be

    found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Webfilter service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Wampmysqld service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Wacomvhid service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Vsbus service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The VMAUDIO service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Usbvideo service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Uhcd service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Uagp35 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The TuneUp.ProgramStatisticsSvc service terminated with the following error: The specified module could not

    be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tsmapip service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tosporte service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tmlisten service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The TcUsb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Tcpip6 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Symdns service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SWMX00 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Svcwrsssdk service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sthda service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Starwindserviceae service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sr_watchdog service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SprintRcAppSvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SNPSTD3 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Smserial service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sk99202k service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sglfb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sffdisk service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The SE2Bobex service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Screadspool service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The ScFBPNT2 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Sbp2port service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The S716mgmt service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The S3savagenb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Relational service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Rdpnp service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pxfhmdm service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pinnaclesys.mediaserver service terminated with the following error: The specified module could not be

    found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pdlnafac service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pdfcreatormessages service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The PD0620VID service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The PCISys service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Pavagente service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The P2pgasvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The P16X service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Ovsecurityserver service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The OEM02Afx service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The NWUSBModem service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nocashio service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nmservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nlsvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Nidomainservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The NETGEAR_MA111 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The MS1000 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The MREMPR5 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Mpservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The MegaSR service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Mcproxy service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Mcmispupdmgr service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Magictuneengine service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Lxda_device service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The LMS service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The KR10I service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Intels51 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Iksyssec service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The IASJet service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Help and Support service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The GcKernel service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The EQDRV5 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Emitray service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Elservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The DSI_SiUSBXp_3_1 service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Deltafw service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The CTAudSvcService service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Crauto service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Contentindex service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Com0com service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Co_mon service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Cfosspeed service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Cdudf_xp service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Ccdecode service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Btwhid service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Blueletscoaudio service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Bglivesvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The BCMModem service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The AVerTV service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The ATKFUSService service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Atinrvxx service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Apphostsvc service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Aolservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Adsexpb service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The Acmservice service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7023] - The ACDaemon service terminated with the following error: The specified module could not be found.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LMIGuardianSvc service to connect.
    7/14/2012 2:38:02 PM, error: Service Control Manager [7000] - The LMIGuardianSvc service failed to start due to the following error: The service did not respond to the start

    or control request in a timely fashion.
    7/11/2012 9:48:50 AM, error: Service Control Manager [7023] - The Ipodsrv service terminated with the following error: Access is denied.
    7/11/2012 9:33:50 AM, error: Service Control Manager [7023] - The SprintRcAppSvc service terminated with the following error: Access is denied.
    7/11/2012 9:18:50 AM, error: Service Control Manager [7023] - The Blueletscoaudio service terminated with the following error: Access is denied.
    7/11/2012 9:03:50 AM, error: Service Control Manager [7023] - The SymIM service terminated with the following error: Access is denied.
    7/11/2012 8:48:51 AM, error: Service Control Manager [7023] - The LMS service terminated with the following error: Access is denied.
    7/11/2012 8:33:50 AM, error: Service Control Manager [7023] - The Mpservice service terminated with the following error: Access is denied.
    7/11/2012 8:18:49 AM, error: Service Control Manager [7023] - The Lmimaint service terminated with the following error: Access is denied.
    7/11/2012 8:03:49 AM, error: Service Control Manager [7023] - The Webrootadminconsole service terminated with the following error: Access is denied.
    7/11/2012 7:48:49 AM, error: Service Control Manager [7023] - The P16X service terminated with the following error: Access is denied.
    7/11/2012 7:33:49 AM, error: Service Control Manager [7023] - The IASJet service terminated with the following error: Access is denied.
    7/11/2012 7:18:49 AM, error: Service Control Manager [7023] - The SWMX00 service terminated with the following error: Access is denied.
    7/11/2012 7:03:49 AM, error: Service Control Manager [7023] - The ATKFUSService service terminated with the following error: Access is denied.
    7/11/2012 6:48:49 AM, error: Service Control Manager [7023] - The Incdrm service terminated with the following error: Access is denied.
    7/11/2012 6:33:49 AM, error: Service Control Manager [7023] - The Nmservice service terminated with the following error: Access is denied.
    7/11/2012 6:18:49 AM, error: Service Control Manager [7023] - The OEM02Afx service terminated with the following error: Access is denied.
    7/11/2012 6:03:48 AM, error: Service Control Manager [7023] - The Elservice service terminated with the following error: Access is denied.
    7/11/2012 5:48:48 AM, error: Service Control Manager [7023] - The TuneUp.ProgramStatisticsSvc service terminated with the following error: Access is denied.
    7/11/2012 5:33:48 AM, error: Service Control Manager [7023] - The Pdfcreatormessages service terminated with the following error: Access is denied.
    7/11/2012 5:03:47 AM, error: Service Control Manager [7023] - The Uhcd service terminated with the following error: Access is denied.
    7/11/2012 4:48:48 AM, error: Service Control Manager [7023] - The Mcproxy service terminated with the following error: Access is denied.
    7/11/2012 4:33:48 AM, error: Service Control Manager [7023] - The Sthda service terminated with the following error: Access is denied.
    7/11/2012 4:18:48 AM, error: Service Control Manager [7023] - The Tsircsrv service terminated with the following error: Access is denied.
    7/11/2012 4:03:48 AM, error: Service Control Manager [7023] - The Ovsecurityserver service terminated with the following error: Access is denied.
    7/11/2012 3:48:47 AM, error: Service Control Manager [7023] - The DSI_SiUSBXp_3_1 service terminated with the following error: Access is denied.
    7/11/2012 3:33:47 AM, error: Service Control Manager [7023] - The Com0com service terminated with the following error: Access is denied.
    7/11/2012 3:18:47 AM, error: Service Control Manager [7023] - The Sffdisk service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Webfilter service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Tsircsrv service terminated with the following error: The specified module could not be found.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Tmlisten service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The TestHandler service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The SNPSTD3 service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Sk99202k service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The SE2Bobex service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The S3savagenb service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The P2pgasvc service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The NICSer_WPC54G service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Mcmispupdmgr service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Intels51 service terminated with the following error: Access is denied.
    7/11/2012 3:13:19 PM, error: Service Control Manager [7023] - The Bglivesvc service terminated with the following error: Access is denied.
    7/11/2012 3:03:47 AM, error: Service Control Manager [7023] - The Tcpip6 service terminated with the following error: Access is denied.
    7/11/2012 2:48:47 AM, error: Service Control Manager [7023] - The PD0620VID service terminated with the following error: Access is denied.
    7/11/2012 2:33:48 AM, error: Service Control Manager [7023] - The Apphostsvc service terminated with the following error: Access is denied.
    7/11/2012 2:20:30 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It

    has stopped monitoring the volume.
    7/11/2012 2:18:46 AM, error: Service Control Manager [7023] - The Acmservice service terminated with the following error: Access is denied.
    7/11/2012 2:03:46 AM, error: Service Control Manager [7023] - The CTHWIUT.DLL service terminated with the following error: Access is denied.
    7/11/2012 2:01:21 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure

    could not be found.
    7/11/2012 11:18:56 AM, error: Service Control Manager [7023] - The Emitray service terminated with the following error: Access is denied.
    7/11/2012 11:03:56 AM, error: Service Control Manager [7023] - The Cdudf_xp service terminated with the following error: Access is denied.
    7/11/2012 10:48:51 AM, error: Service Control Manager [7023] - The Ccdecode service terminated with the following error: Access is denied.
    7/11/2012 10:33:50 AM, error: Service Control Manager [7023] - The Nlsvc service terminated with the following error: Access is denied.
    7/11/2012 10:18:51 AM, error: Service Control Manager [7023] - The Svcwrsssdk service terminated with the following error: Access is denied.
    7/11/2012 10:03:50 AM, error: Service Control Manager [7023] - The Wacomvhid service terminated with the following error: Access is denied.
    7/11/2012 1:48:45 AM, error: Service Control Manager [7023] - The Smserial service terminated with the following error: Access is denied.
    7/11/2012 1:33:45 AM, error: Service Control Manager [7023] - The Symdns service terminated with the following error: Access is denied.
    .
    ==== End Of File ===========================
    randy, Jul 19, 2012
    #47

  8. randy Newcomer, in training Posts: 79

    RogueKiller V7.6.4 [07/17/2012] by Tigzy
    mail: tigzyRK<at>gmail<dot>com
    Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
    Blog: http://tigzyrk.blogspot.com

    Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
    Started in : Normal mode
    User: Randy Enns [Admin rights]
    Mode: Scan -- Date: 07/18/2012 23:32:46

    ¤¤¤ Bad processes: 0 ¤¤¤

    ¤¤¤ Registry Entries: 2 ¤¤¤
    [SCRSV] HKCU\[...]\Desktop : SCRNSAVE.EXE (C:\DOCUME~1\RANDYE~1\Desktop\dds.scr) -> FOUND
    [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Particular Files / Folders: ¤¤¤
    [Faked.Drv][FAKED] ati1rvxx.sys : c:\windows\system32\drivers\ati1rvxx.sys --> CANNOT FIX
    [Faked.Drv][FAKED] ati2mtaa.sys : c:\windows\system32\drivers\ati2mtaa.sys --> CANNOT FIX
    [Faked.Drv][FAKED] atinxsxx.sys : c:\windows\system32\drivers\atinxsxx.sys --> CANNOT FIX
    [Faked.Drv][FAKED] fltmgr.sys : c:\windows\system32\drivers\fltmgr.sys --> CANNOT FIX
    [Faked.Drv][FAKED] mf.sys : c:\windows\system32\drivers\mf.sys --> CANNOT FIX
    [Faked.Drv][FAKED] mtlstrm.sys : c:\windows\system32\drivers\mtlstrm.sys --> CANNOT FIX
    [Faked.Drv][FAKED] nwlnknb.sys : c:\windows\system32\drivers\nwlnknb.sys --> CANNOT FIX
    [Faked.Drv][FAKED] ohci1394.sys : c:\windows\system32\drivers\ohci1394.sys --> CANNOT FIX
    [Faked.Drv][FAKED] slnt7554.sys : c:\windows\system32\drivers\slnt7554.sys --> CANNOT FIX
    [Faked.Drv][FAKED] tosrfcom.sys : c:\windows\system32\drivers\tosrfcom.sys --> CANNOT FIX

    ¤¤¤ Driver: [LOADED] ¤¤¤

    ¤¤¤ Infection : ZeroAccess ¤¤¤
    [ZeroAccess] (LOCKED) windir\NtUpdateKBxxxx present!

    ¤¤¤ HOSTS File: ¤¤¤


    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: TOSHIBA MK1637GSX +++++
    --- User ---
    [MBR] 5be49f611372ec84e979580a9ca6c23a
    [BSP] 498de7c4e998ece00426f7bdf0fe3ff4 : Windows XP MBR Code
    Partition table:
    0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 142129 Mo
    1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 291081735 | Size: 10244 Mo
    3 - [XXXXXX] UNKNOWN (0x88) [VISIBLE] Offset (sectors): 312062625 | Size: 251 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    +++++ PhysicalDrive1: SanDisk Cruzer Edge USB Device +++++
    --- User ---
    [MBR] 33a0f33fb7e7f518f64aedcb9dad35b0
    [BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
    Partition table:
    0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 32 | Size: 7633 Mo
    User = LL1 ... OK!
    Error reading LL2 MBR!

    Finished : << RKreport[1].txt >>
    RKreport[1].txt
    randy, Jul 19, 2012
    #48

  9. Broni Malware Annihilator Posts: 40,022   +187

    aswMBR?
    Broni, Jul 19, 2012
    #49

  10. randy Newcomer, in training Posts: 79

    still running the update..just finished, scanning now
    randy, Jul 19, 2012
    #50

  11. randy Newcomer, in training Posts: 79

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-07-18 23:40:40
    -----------------------------
    23:40:40.453 OS Version: Windows 5.1.2600 Service Pack 3
    23:40:40.453 Number of processors: 2 586 0xF06
    23:40:40.468 ComputerName: RANDY UserName:
    23:40:41.593 Initialize success
    00:08:42.718 AVAST engine defs: 12071900
    00:09:09.343 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
    00:09:09.343 Disk 0 Vendor: TOSHIBA_MK1637GSX DL020M Size: 152627MB BusType: 3
    00:09:09.375 Disk 0 MBR read successfully
    00:09:09.390 Disk 0 MBR scan
    00:09:09.437 Disk 0 Windows XP default MBR code
    00:09:09.437 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 142129 MB offset 63
    00:09:09.468 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10244 MB offset 291081735
    00:09:09.500 Disk 0 Partition 3 00 88 Linux plaintext A Kárò'ó 251 MB offset 312062625
    00:09:09.515 Disk 0 scanning sectors +312576705
    00:09:09.656 Disk 0 scanning C:\WINDOWS\system32\drivers
    00:09:42.578 Service scanning
    00:10:11.312 Modules scanning
    00:11:23.937 Disk 0 trace - called modules:
    00:11:24.296
    00:11:24.937 AVAST engine scan C:\WINDOWS
    00:12:35.140 AVAST engine scan C:\WINDOWS\system32
    00:27:26.250 AVAST engine scan C:\WINDOWS\system32\drivers
    00:28:59.468 AVAST engine scan C:\Documents and Settings\Randy Enns
    00:29:27.203 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Randy Enns\Desktop\MBR.dat"
    00:29:27.203 The log file has been saved successfully to "C:\Documents and Settings\Randy Enns\Desktop\aswMBR.txt"
    00:33:11.593 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Randy Enns\Desktop\MBR.dat"
    00:33:11.609 The log file has been saved successfully to "C:\Documents and Settings\Randy Enns\Desktop\aswMBR.txt"
    randy, Jul 19, 2012
    #51

  12. randy Newcomer, in training Posts: 79

    I will wait a few minutes then I have to stop..up early tomorrow
    randy, Jul 19, 2012
    #52

  13. Broni Malware Annihilator Posts: 40,022   +187

    Please disable "word wrap" in Notepad as some logs are harder to read.

    Download TDSSKiller and save it to your desktop.
    • Extract (unzip) its contents to your desktop.
    • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    • If an infected file is detected, the default action will be Cure, click on Continue.
    • If a suspicious file is detected, the default action will be Skip, click on Continue.
    • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
    • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
    Broni, Jul 19, 2012
    #53

  14. randy Newcomer, in training Posts: 79

    2.0924 4828 TDSS rootkit removing tool 2.7.46.0 Jul 16 2012 22:10:11
    18:42:03.0486 4828 ============================================================
    18:42:03.0486 4828 Current date / time: 2012/07/19 18:42:03.0486
    18:42:03.0486 4828 SystemInfo:
    18:42:03.0486 4828
    18:42:03.0486 4828 OS Version: 5.1.2600 ServicePack: 3.0
    18:42:03.0486 4828 Product type: Workstation
    18:42:03.0486 4828 ComputerName: RANDY
    18:42:03.0486 4828 UserName: Randy Enns
    18:42:03.0486 4828 Windows directory: C:\WINDOWS
    18:42:03.0486 4828 System windows directory: C:\WINDOWS
    18:42:03.0486 4828 Processor architecture: Intel x86
    18:42:03.0486 4828 Number of processors: 2
    18:42:03.0486 4828 Page size: 0x1000
    18:42:03.0486 4828 Boot type: Normal boot
    18:42:03.0486 4828 ============================================================
    18:42:07.0517 4828 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    18:42:07.0533 4828 ============================================================
    18:42:07.0533 4828 \Device\Harddisk0\DR0:
    18:42:07.0533 4828 MBR partitions:
    18:42:07.0533 4828 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11598DC8
    18:42:07.0533 4828 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x11598E07, BlocksNum 0x140249A
    18:42:07.0533 4828 ============================================================
    18:42:07.0986 4828 C: <-> \Device\Harddisk0\DR0\Partition0
    18:42:08.0455 4828 D: <-> \Device\Harddisk0\DR0\Partition1
    18:42:08.0455 4828 ============================================================
    18:42:08.0455 4828 Initialize success
    18:42:08.0455 4828 ============================================================
    18:42:17.0752 4328 ============================================================
    18:42:17.0752 4328 Scan started
    18:42:17.0752 4328 Mode: Manual;
    18:42:17.0752 4328 ============================================================
    18:42:18.0955 4328 aamqdispatcher - ok
    18:42:18.0971 4328 Abiosdsk - ok
    18:42:18.0986 4328 abp480n5 - ok
    18:42:19.0143 4328 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    18:42:19.0158 4328 ACPI - ok
    18:42:19.0158 4328 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
    18:42:19.0158 4328 ACPIEC - ok
    18:42:19.0174 4328 adfs - ok
    18:42:19.0189 4328 adihdaudaddservice - ok
    18:42:19.0189 4328 adpu160m - ok
    18:42:19.0236 4328 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    18:42:19.0236 4328 aec - ok
    18:42:19.0299 4328 AegisP (15e655baa989444f56787ef558823643) C:\WINDOWS\system32\DRIVERS\AegisP.sys
    18:42:19.0299 4328 AegisP - ok
    18:42:19.0393 4328 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    18:42:19.0393 4328 AFD - ok
    18:42:19.0564 4328 AgereSoftModem (c41a5740468d0b9cb46e6390a0e15ce3) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    18:42:19.0580 4328 AgereSoftModem - ok
    18:42:19.0596 4328 Aha154x - ok
    18:42:19.0596 4328 aic78u2 - ok
    18:42:19.0611 4328 aic78xx - ok
    18:42:19.0658 4328 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
    18:42:19.0658 4328 Alerter - ok
    18:42:19.0689 4328 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
    18:42:19.0705 4328 ALG - ok
    18:42:19.0705 4328 AliIde - ok
    18:42:19.0705 4328 amfilter - ok
    18:42:19.0721 4328 amsint - ok
    18:42:19.0939 4328 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    18:42:19.0939 4328 Apple Mobile Device - ok
    18:42:19.0971 4328 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
    18:42:19.0986 4328 AppMgmt - ok
    18:42:20.0158 4328 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    18:42:20.0174 4328 Arp1394 - ok
    18:42:20.0174 4328 asc - ok
    18:42:20.0189 4328 asc3350p - ok
    18:42:20.0189 4328 asc3550 - ok
    18:42:20.0330 4328 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    18:42:20.0439 4328 aspnet_state - ok
    18:42:20.0471 4328 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    18:42:20.0471 4328 AsyncMac - ok
    18:42:20.0611 4328 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    18:42:20.0627 4328 atapi - ok
    18:42:20.0627 4328 Atdisk - ok
    18:42:20.0658 4328 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    18:42:20.0658 4328 Atmarpc - ok
    18:42:20.0658 4328 ATMsrvc - ok
    18:42:20.0705 4328 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
    18:42:20.0705 4328 AudioSrv - ok
    18:42:20.0768 4328 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    18:42:20.0768 4328 audstub - ok
    18:42:22.0111 4328 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    18:42:22.0424 4328 AVGIDSAgent - ok
    18:42:22.0939 4328 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys
    18:42:22.0939 4328 AVGIDSDriver - ok
    18:42:22.0971 4328 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys
    18:42:22.0971 4328 AVGIDSEH - ok
    18:42:23.0002 4328 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys
    18:42:23.0002 4328 AVGIDSFilter - ok
    18:42:23.0018 4328 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys
    18:42:23.0018 4328 AVGIDSShim - ok
    18:42:23.0127 4328 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
    18:42:23.0143 4328 Avgldx86 - ok
    18:42:23.0174 4328 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
    18:42:23.0174 4328 Avgmfx86 - ok
    18:42:23.0189 4328 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
    18:42:23.0205 4328 Avgrkx86 - ok
    18:42:23.0408 4328 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    18:42:23.0408 4328 avgwd - ok
    18:42:23.0424 4328 avinitnt - ok
    18:42:23.0439 4328 backupexecalertserver - ok
    18:42:23.0486 4328 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    18:42:23.0486 4328 Beep - ok
    18:42:23.0689 4328 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
    18:42:23.0689 4328 BITS - ok
    18:42:23.0705 4328 BoiHwsetup - ok
    18:42:23.0971 4328 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
    18:42:23.0986 4328 Bonjour Service - ok
    18:42:24.0049 4328 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
    18:42:24.0064 4328 Browser - ok
    18:42:24.0064 4328 btfirst - ok
    18:42:24.0080 4328 btkrnl - ok
    18:42:24.0080 4328 btwdins - ok
    18:42:24.0096 4328 captureservice - ok
    18:42:24.0143 4328 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    18:42:24.0143 4328 cbidf2k - ok
    18:42:24.0143 4328 ccalib8 - ok
    18:42:24.0236 4328 ccEvtMgr - ok
    18:42:24.0236 4328 ccSetMgr - ok
    18:42:24.0236 4328 cd20xrnt - ok
    18:42:24.0283 4328 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    18:42:24.0283 4328 Cdaudio - ok
    18:42:24.0361 4328 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    18:42:24.0361 4328 Cdfs - ok
    18:42:24.0471 4328 CFSvcs (3cb0cc8879956c187e87e18634ee5164) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    18:42:24.0471 4328 CFSvcs - ok
    18:42:24.0486 4328 Changer - ok
    18:42:24.0518 4328 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
    18:42:24.0518 4328 CiSvc - ok
    18:42:24.0549 4328 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
    18:42:24.0549 4328 ClipSrv - ok
    18:42:24.0736 4328 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    18:42:24.0830 4328 clr_optimization_v2.0.50727_32 - ok
    18:42:24.0861 4328 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
    18:42:24.0861 4328 CmBatt - ok
    18:42:24.0861 4328 CmdIde - ok
    18:42:24.0924 4328 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
    18:42:24.0924 4328 Compbatt - ok
    18:42:24.0924 4328 COMSysApp - ok
    18:42:24.0939 4328 Cpqarray - ok
    18:42:24.0939 4328 cpqdfw - ok
    18:42:24.0955 4328 cpqfws2e - ok
    18:42:25.0033 4328 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
    18:42:25.0049 4328 CryptSvc - ok
    18:42:25.0049 4328 cvspydr2 - ok
    18:42:25.0049 4328 d-link_st3402 - ok
    18:42:25.0064 4328 dac2w2k - ok
    18:42:25.0064 4328 dac960nt - ok
    18:42:25.0080 4328 datunidr - ok
    18:42:25.0174 4328 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
    18:42:25.0174 4328 DcomLaunch - ok
    18:42:25.0174 4328 Defrag32b - ok
    18:42:25.0283 4328 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
    18:42:25.0299 4328 Dhcp - ok
    18:42:25.0346 4328 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    18:42:25.0361 4328 Disk - ok
    18:42:25.0393 4328 dmadmin - ok
    18:42:25.0502 4328 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    18:42:25.0549 4328 dmboot - ok
    18:42:25.0611 4328 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    18:42:25.0658 4328 dmio - ok
    18:42:25.0689 4328 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    18:42:25.0736 4328 dmload - ok
    18:42:25.0830 4328 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
    18:42:25.0846 4328 dmserver - ok
    18:42:25.0861 4328 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    18:42:25.0877 4328 DMusic - ok
    18:42:25.0939 4328 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
    18:42:25.0955 4328 Dnscache - ok
    18:42:26.0049 4328 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
    18:42:26.0064 4328 Dot3svc - ok
    18:42:26.0064 4328 dot4ufd - ok
    18:42:26.0096 4328 dphost - ok
    18:42:26.0143 4328 dpti2o - ok
    18:42:26.0205 4328 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    18:42:26.0205 4328 drmkaud - ok
    18:42:26.0299 4328 DVD-RAM_Service (c9ffbd6b8edc46cd3d13e3c6db914fb7) C:\WINDOWS\system32\DVDRAMSV.exe
    18:42:26.0314 4328 DVD-RAM_Service - ok
    18:42:26.0393 4328 E100B (83403675cab29e7a4b885b11e7c855d8) C:\WINDOWS\system32\DRIVERS\e100b325.sys
    18:42:26.0393 4328 E100B - ok
    18:42:26.0455 4328 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
    18:42:26.0471 4328 EapHost - ok
    18:42:26.0689 4328 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
    18:42:26.0689 4328 ehRecvr - ok
    18:42:26.0752 4328 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
    18:42:26.0752 4328 ehSched - ok
    18:42:26.0830 4328 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
    18:42:26.0830 4328 ERSvc - ok
    18:42:26.0877 4328 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    18:42:26.0877 4328 Eventlog - ok
    18:42:26.0971 4328 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
    18:42:27.0002 4328 EventSystem - ok
    18:42:27.0158 4328 EvtEng (6a197698a141ffe7651b962ae3172008) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    18:42:27.0174 4328 EvtEng - ok
    18:42:27.0346 4328 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    18:42:27.0361 4328 Fastfat - ok
    18:42:27.0393 4328 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    18:42:27.0408 4328 FastUserSwitchingCompatibility - ok
    18:42:27.0439 4328 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    18:42:27.0439 4328 Fdc - ok
    18:42:27.0455 4328 FINEPIX_PCC - ok
    18:42:27.0486 4328 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    18:42:27.0486 4328 Fips - ok
    18:42:27.0486 4328 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    18:42:27.0486 4328 Flpydisk - ok
    18:42:27.0580 4328 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    18:42:27.0596 4328 FltMgr - ok
    18:42:27.0705 4328 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    18:42:27.0705 4328 FontCache3.0.0.0 - ok
    18:42:27.0736 4328 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
    18:42:27.0736 4328 fssfltr - ok
    18:42:27.0939 4328 fsssvc (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
    18:42:27.0955 4328 fsssvc - ok
    18:42:28.0033 4328 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    18:42:28.0033 4328 Fs_Rec - ok
    18:42:28.0064 4328 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    18:42:28.0064 4328 Ftdisk - ok
    18:42:28.0080 4328 gdihook5 - ok
    18:42:28.0127 4328 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
    18:42:28.0127 4328 GEARAspiWDM - ok
    18:42:28.0221 4328 GoToAssist Express Customer (0ff39256ae69c2980a36a25843a52ca1) C:\Program Files\Citrix\GoToAssist Express Customer\209\g2ax_service.exe
    18:42:28.0221 4328 GoToAssist Express Customer - ok
    18:42:28.0299 4328 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    18:42:28.0299 4328 Gpc - ok
    18:42:28.0393 4328 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    18:42:28.0393 4328 HDAudBus - ok
    18:42:28.0439 4328 helpsvc - ok
    18:42:28.0533 4328 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
    18:42:28.0533 4328 HidServ - ok
    18:42:28.0549 4328 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    18:42:28.0549 4328 HidUsb - ok
    18:42:28.0596 4328 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
    18:42:28.0596 4328 hkmsvc - ok
    18:42:28.0611 4328 hnmsvc - ok
    18:42:28.0611 4328 hpn - ok
    18:42:28.0830 4328 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    18:42:28.0846 4328 HTTP - ok
    18:42:28.0861 4328 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
    18:42:28.0877 4328 HTTPFilter - ok
    18:42:28.0877 4328 hwpsgt - ok
    18:42:28.0893 4328 i2omgmt - ok
    18:42:28.0893 4328 i2omp - ok
    18:42:28.0908 4328 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    18:42:28.0924 4328 i8042prt - ok
    18:42:28.0924 4328 iaimfp4 - ok
    18:42:29.0033 4328 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    18:42:29.0049 4328 IDriverT - ok
    18:42:29.0268 4328 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    18:42:29.0283 4328 idsvc - ok
    18:42:29.0299 4328 igniteservice.exe - ok
    18:42:29.0346 4328 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    18:42:29.0346 4328 Imapi - ok
    18:42:29.0393 4328 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
    18:42:29.0393 4328 ImapiService - ok
    18:42:29.0408 4328 ini910u - ok
    18:42:30.0830 4328 IntcAzAudAddService (7c09d605fcae64e3cb11ebf90fb1e3a1) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    18:42:30.0861 4328 IntcAzAudAddService - ok
    18:42:31.0580 4328 IntelIde - ok
    18:42:31.0643 4328 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    18:42:31.0674 4328 intelppm - ok
    18:42:31.0721 4328 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    18:42:31.0736 4328 Ip6Fw - ok
    18:42:31.0752 4328 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    18:42:31.0768 4328 IpFilterDriver - ok
    18:42:31.0799 4328 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    18:42:31.0799 4328 IpInIp - ok
    18:42:31.0971 4328 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    18:42:32.0002 4328 IpNat - ok
    18:42:32.0689 4328 iPod Service (ca1972397b845b2f53f5dc63c22fd98a) C:\Program Files\iPod\bin\iPodService.exe
    18:42:32.0768 4328 iPod Service - ok
    18:42:32.0814 4328 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    18:42:32.0846 4328 IPSec - ok
    18:42:32.0861 4328 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    18:42:32.0861 4328 IRENUM - ok
    18:42:32.0924 4328 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    18:42:32.0939 4328 isapnp - ok
    18:42:33.0002 4328 Iviaspi (f59c3569a2f2c464bb78cb1bdcdca55e) C:\WINDOWS\system32\drivers\iviaspi.sys
    18:42:33.0002 4328 Iviaspi - ok
    18:42:33.0143 4328 JavaQuickStarterService (9dba73c2f1e76ec4cb837e67c5743596) C:\Program Files\Java\jre6\bin\jqs.exe
    18:42:33.0158 4328 JavaQuickStarterService - ok
    18:42:33.0158 4328 JRAID - ok
    18:42:33.0174 4328 k750bus - ok
    18:42:33.0205 4328 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    18:42:33.0205 4328 Kbdclass - ok
    18:42:33.0283 4328 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    18:42:33.0299 4328 kbdhid - ok
    18:42:33.0314 4328 kerbkey - ok
    18:42:33.0502 4328 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    18:42:33.0502 4328 kmixer - ok
    18:42:33.0502 4328 kodakccs - ok
    18:42:33.0518 4328 KR10N - ok
    18:42:33.0768 4328 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    18:42:33.0768 4328 KSecDD - ok
    18:42:33.0877 4328 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
    18:42:33.0893 4328 lanmanserver - ok
    18:42:33.0986 4328 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
    18:42:34.0002 4328 lanmanworkstation - ok
    18:42:34.0002 4328 lbrtfdc - ok
    18:42:34.0018 4328 lgsnd_filter - ok
    18:42:34.0064 4328 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
    18:42:34.0080 4328 LmHosts - ok
    18:42:34.0502 4328 LMIGuardianSvc (850cc3ee0507654c40e1971982f4b698) C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
    18:42:34.0549 4328 LMIGuardianSvc - ok
    18:42:34.0549 4328 lmimirr - ok
    18:42:34.0564 4328 lxct_device - ok
    18:42:34.0627 4328 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
    18:42:34.0627 4328 MBAMProtector - ok
    18:42:34.0908 4328 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    18:42:35.0018 4328 MBAMService - ok
    18:42:35.0502 4328 mbr - ok
    18:42:35.0549 4328 mcafeeframework - ok
    18:42:35.0549 4328 McciCMService - ok
    18:42:35.0564 4328 mcdetect.exe - ok
    18:42:35.0564 4328 mclogmanagerservice - ok
    18:42:35.0721 4328 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
    18:42:35.0721 4328 McrdSvc - ok
    18:42:35.0814 4328 meiudf (7efac183a25b30fb5d64cc9d484b1eb6) C:\WINDOWS\system32\Drivers\meiudf.sys
    18:42:35.0830 4328 meiudf - ok
    18:42:35.0877 4328 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
    18:42:35.0877 4328 Messenger - ok
    18:42:35.0908 4328 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
    18:42:35.0908 4328 MHN - ok
    18:42:35.0939 4328 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
    18:42:35.0939 4328 MHNDRV - ok
    18:42:36.0002 4328 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    18:42:36.0002 4328 mnmdd - ok
    18:42:36.0033 4328 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
    18:42:36.0033 4328 mnmsrvc - ok
    18:42:36.0080 4328 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    18:42:36.0080 4328 Modem - ok
    18:42:36.0127 4328 motmodem (59f513e9a519a5fd6fa6b03d3aa8081b) C:\WINDOWS\system32\DRIVERS\motmodem.sys
    18:42:36.0127 4328 motmodem - ok
    18:42:36.0158 4328 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    18:42:36.0158 4328 Mouclass - ok
    18:42:36.0190 4328 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    18:42:36.0190 4328 mouhid - ok
    18:42:36.0236 4328 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    18:42:36.0252 4328 MountMgr - ok
    18:42:36.0408 4328 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    18:42:36.0408 4328 MozillaMaintenance - ok
    18:42:36.0424 4328 mozyFilter - ok
    18:42:36.0424 4328 mraid35x - ok
    18:42:36.0424 4328 mrvw245 - ok
    18:42:36.0471 4328 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    18:42:36.0471 4328 MRxDAV - ok
    18:42:36.0611 4328 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    18:42:36.0611 4328 MRxSmb - ok
    18:42:36.0674 4328 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
    18:42:36.0674 4328 MSDTC - ok
    18:42:36.0721 4328 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
    18:42:36.0736 4328 Msfs - ok
    18:42:36.0736 4328 MSICPL - ok
    18:42:36.0736 4328 MSIServer - ok
    18:42:36.0768 4328 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
    18:42:36.0768 4328 MSKSSRV - ok
    18:42:36.0768 4328 MSMQ - ok
    18:42:36.0799 4328 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    18:42:36.0799 4328 MSPCLOCK - ok
    18:42:36.0815 4328 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
    18:42:36.0830 4328 MSPQM - ok
    18:42:36.0877 4328 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    18:42:36.0877 4328 mssmbios - ok
    18:42:36.0877 4328 mssql$microsoftsmlbiz - ok
    18:42:36.0924 4328 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
    18:42:36.0924 4328 Mup - ok
    18:42:36.0924 4328 mwssched - ok
    18:42:36.0940 4328 mwstick - ok
    18:42:37.0033 4328 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
    18:42:37.0049 4328 napagent - ok
    18:42:37.0080 4328 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
    18:42:37.0080 4328 NDIS - ok
    18:42:37.0143 4328 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    18:42:37.0143 4328 NdisTapi - ok
    18:42:37.0205 4328 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    18:42:37.0205 4328 Ndisuio - ok
    18:42:37.0221 4328 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    18:42:37.0236 4328 NdisWan - ok
    18:42:37.0268 4328 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
    18:42:37.0268 4328 NDProxy - ok
    18:42:37.0315 4328 Netaapl (1352e1648213551923a0a822e441553c) C:\WINDOWS\system32\DRIVERS\netaapl.sys
    18:42:37.0315 4328 Netaapl - ok
    18:42:37.0393 4328 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
    18:42:37.0393 4328 NetBIOS - ok
    18:42:37.0611 4328 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
    18:42:37.0627 4328 NetBT - ok
    18:42:37.0690 4328 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    18:42:37.0690 4328 NetDDE - ok
    18:42:37.0705 4328 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
    18:42:37.0705 4328 NetDDEdsdm - ok
    18:42:37.0768 4328 Netdevio (1265eb253ed4ebe4acb3bd5f548ff796) C:\WINDOWS\system32\DRIVERS\netdevio.sys
    18:42:37.0768 4328 Netdevio - ok
    18:42:37.0861 4328 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    18:42:37.0861 4328 Netlogon - ok
    18:42:38.0096 4328 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
    18:42:38.0111 4328 Netman - ok
    18:42:38.0268 4328 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
    18:42:38.0268 4328 NetTcpPortSharing - ok
    18:42:38.0596 4328 NETw3x32 (50f5de54e1d1646c02078f3eddc15a8e) C:\WINDOWS\system32\DRIVERS\NETw3x32.sys
    18:42:38.0690 4328 NETw3x32 - ok
    18:42:38.0986 4328 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
    18:42:38.0986 4328 NIC1394 - ok
    18:42:39.0049 4328 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
    18:42:39.0049 4328 Nla - ok
    18:42:39.0080 4328 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
    18:42:39.0080 4328 Npfs - ok
    18:42:39.0252 4328 NSCService - ok
    18:42:39.0330 4328 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
    18:42:39.0346 4328 Ntfs - ok
    18:42:39.0393 4328 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    18:42:39.0393 4328 NtLmSsp - ok
    18:42:39.0455 4328 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
    18:42:39.0471 4328 NtmsSvc - ok
    18:42:39.0518 4328 NuidFltr (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
    18:42:39.0518 4328 NuidFltr - ok
    18:42:39.0565 4328 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
    18:42:39.0565 4328 Null - ok
    18:42:40.0096 4328 nv (ac5267c71f72fb42511ed5790ba0e9f5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    18:42:40.0283 4328 nv - ok
    18:42:40.0486 4328 NVSvc (3ab553f922fc8501bf2ee5407fc28c0f) C:\WINDOWS\system32\nvsvc32.exe
    18:42:40.0486 4328 NVSvc - ok
    18:42:40.0611 4328 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    18:42:40.0611 4328 NwlnkFlt - ok
    18:42:40.0643 4328 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    18:42:40.0643 4328 NwlnkFwd - ok
    18:42:40.0643 4328 obvious - ok
    18:42:40.0705 4328 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
    18:42:40.0721 4328 ohci1394 - ok
    18:42:40.0721 4328 oracle_load_balancer_60_client-forms6ip9 - ok
    18:42:40.0846 4328 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    18:42:40.0846 4328 ose - ok
    18:42:40.0861 4328 parallel - ok
    18:42:40.0924 4328 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
    18:42:40.0940 4328 Parport - ok
    18:42:40.0986 4328 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
    18:42:40.0986 4328 PartMgr - ok
    18:42:41.0065 4328 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
    18:42:41.0065 4328 ParVdm - ok
    18:42:41.0080 4328 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
    18:42:41.0111 4328 PCI - ok
    18:42:41.0111 4328 PCIDump - ok
    18:42:41.0127 4328 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
    18:42:41.0127 4328 PCIIde - ok
    18:42:41.0236 4328 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys
    18:42:41.0268 4328 Pcmcia - ok
    18:42:41.0268 4328 PDCOMP - ok
    18:42:41.0283 4328 PDFRAME - ok
    18:42:41.0283 4328 pdlncfwk - ok
    18:42:41.0299 4328 pdlnemap - ok
    18:42:41.0299 4328 PDRELI - ok
    18:42:41.0315 4328 PDRFRAME - ok
    18:42:41.0315 4328 perc2 - ok
    18:42:41.0330 4328 perc2hib - ok
    18:42:41.0377 4328 Pfc (444f122e68db44c0589227781f3c8b3f) C:\WINDOWS\system32\drivers\pfc.sys
    18:42:41.0377 4328 Pfc - ok
    18:42:41.0377 4328 PID_08A0 - ok
    18:42:41.0549 4328 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    18:42:41.0549 4328 PlugPlay - ok
    18:42:41.0596 4328 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    18:42:41.0611 4328 PolicyAgent - ok
    18:42:41.0674 4328 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
    18:42:41.0690 4328 PptpMiniport - ok
    18:42:41.0690 4328 procdd - ok
    18:42:41.0705 4328 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    18:42:41.0705 4328 ProtectedStorage - ok
    18:42:41.0721 4328 ps2 - ok
    18:42:41.0736 4328 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
    18:42:41.0752 4328 PSched - ok
    18:42:41.0830 4328 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
    18:42:41.0830 4328 Ptilink - ok
    18:42:41.0908 4328 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys
    18:42:41.0908 4328 PxHelp20 - ok
    18:42:41.0924 4328 qbposdbservices - ok
    18:42:41.0940 4328 ql1080 - ok
    18:42:41.0940 4328 Ql10wnt - ok
    18:42:41.0955 4328 ql12160 - ok
    18:42:41.0955 4328 ql1240 - ok
    18:42:41.0971 4328 ql1280 - ok
    18:42:41.0971 4328 RapiMgr - ok
    18:42:42.0002 4328 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
    18:42:42.0033 4328 RasAcd - ok
    18:42:42.0111 4328 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
    18:42:42.0127 4328 RasAuto - ok
    18:42:42.0268 4328 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    18:42:42.0268 4328 Rasl2tp - ok
    18:42:42.0471 4328 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
    18:42:42.0518 4328 RasMan - ok
    18:42:42.0611 4328 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    18:42:42.0627 4328 RasPppoe - ok
    18:42:42.0690 4328 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
    18:42:42.0690 4328 Raspti - ok
    18:42:42.0705 4328 raysatxsi5_0server - ok
    18:42:43.0002 4328 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
    18:42:43.0018 4328 Rdbss - ok
    18:42:43.0049 4328 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    18:42:43.0049 4328 RDPCDD - ok
    18:42:43.0143 4328 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    18:42:43.0158 4328 rdpdr - ok
    18:42:43.0268 4328 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
    18:42:43.0268 4328 RDPWD - ok
    18:42:43.0315 4328 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
    18:42:43.0330 4328 RDSessMgr - ok
    18:42:43.0377 4328 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
    18:42:43.0377 4328 redbook - ok
    18:42:43.0768 4328 RegSrvc (d8f61aaae73a1fbde6f538becc891f2f) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    18:42:43.0768 4328 RegSrvc - ok
    18:42:43.0815 4328 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
    18:42:43.0815 4328 RemoteAccess - ok
    18:42:43.0846 4328 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
    18:42:43.0846 4328 RemoteRegistry - ok
    18:42:43.0861 4328 retroexplauncher - ok
    18:42:43.0861 4328 REVO - ok
    18:42:43.0877 4328 REVOSENS - ok
    18:42:43.0877 4328 rnadirectory - ok
    18:42:43.0908 4328 Roxio UPnP Renderer 11 - ok
    18:42:43.0908 4328 roxupnprenderer - ok
    18:42:43.0955 4328 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
    18:42:43.0955 4328 RpcLocator - ok
    18:42:44.0018 4328 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
    18:42:44.0033 4328 RpcSs - ok
    18:42:44.0174 4328 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
    18:42:44.0190 4328 RSVP - ok
    18:42:44.0190 4328 s116bus - ok
    18:42:44.0471 4328 S24EventMonitor (25f697e3afa7b337bbcaddbce38e6934) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    18:42:44.0518 4328 S24EventMonitor - ok
    18:42:44.0565 4328 s24trans (2862adb14481ac28f98105ff33a99eb0) C:\WINDOWS\system32\DRIVERS\s24trans.sys
    18:42:44.0565 4328 s24trans - ok
    18:42:44.0596 4328 s616mdfl - ok
    18:42:44.0627 4328 s616obex - ok
    18:42:44.0690 4328 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
    18:42:44.0690 4328 SamSs - ok
    18:42:44.0736 4328 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
    18:42:44.0736 4328 SCardSvr - ok
    18:42:44.0783 4328 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
    18:42:44.0799 4328 Schedule - ok
    18:42:44.0893 4328 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys
    18:42:44.0908 4328 sdbus - ok
    18:42:44.0924 4328 sdhelper - ok
    18:42:44.0955 4328 se44bus - ok
    18:42:44.0955 4328 se44mdfl - ok
    18:42:44.0971 4328 se58bus - ok
    18:42:44.0971 4328 se58mdfl - ok
    18:42:45.0018 4328 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
    18:42:45.0018 4328 Secdrv - ok
    18:42:45.0049 4328 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
    18:42:45.0049 4328 seclogon - ok
    18:42:45.0065 4328 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\System32\sens.dll
    18:42:45.0065 4328 SENS - ok
    18:42:45.0174 4328 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
    18:42:45.0221 4328 Serial - ok
    18:42:45.0299 4328 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
    18:42:45.0299 4328 Sfloppy - ok
    18:42:45.0502 4328 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
    18:42:45.0533 4328 SharedAccess - ok
    18:42:45.0596 4328 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    18:42:45.0596 4328 ShellHWDetection - ok
    18:42:45.0611 4328 Simbad - ok
    18:42:45.0611 4328 SiSRaid2 - ok
    18:42:45.0627 4328 SNTIE - ok
    18:42:45.0627 4328 Sparrow - ok
    18:42:45.0674 4328 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
    18:42:45.0674 4328 splitter - ok
    18:42:45.0736 4328 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
    18:42:45.0736 4328 Spooler - ok
    18:42:45.0783 4328 sqlagent$sony_mediamgr - ok
    18:42:45.0783 4328 sqlagent$soshome22 - ok
    18:42:45.0846 4328 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
    18:42:45.0861 4328 sr - ok
    18:42:45.0955 4328 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
    18:42:45.0955 4328 srservice - ok
    18:42:45.0971 4328 srtspx - ok
    18:42:46.0080 4328 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
    18:42:46.0111 4328 Srv - ok
    18:42:46.0143 4328 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
    18:42:46.0158 4328 SSDPSRV - ok
    18:42:46.0158 4328 ssmdrv - ok
    18:42:46.0174 4328 ssm_mdfl - ok
    18:42:46.0174 4328 ss_bus - ok
    18:42:46.0315 4328 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
    18:42:46.0393 4328 stisvc - ok
    18:42:46.0393 4328 superproserver - ok
    18:42:46.0486 4328 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
    18:42:46.0486 4328 swenum - ok
    18:42:46.0611 4328 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
    18:42:46.0627 4328 swmidi - ok
    18:42:46.0643 4328 SwPrv - ok
    18:42:46.0643 4328 symc810 - ok
    18:42:46.0658 4328 symc8xx - ok
    18:42:46.0752 4328 SymEvent (403bd24fa5c55fc648abdd039629a954) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
    18:42:46.0768 4328 SymEvent - ok
    18:42:46.0783 4328 symidsco - ok
    18:42:46.0846 4328 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys
    18:42:46.0846 4328 symlcbrd - ok
    18:42:46.0861 4328 symndis - ok
    18:42:46.0861 4328 sym_hi - ok
    18:42:46.0877 4328 sym_u3 - ok
    18:42:46.0986 4328 SynTP (a6cc8c28d5aad4179ef32f05bed55e91) C:\WINDOWS\system32\DRIVERS\SynTP.sys
    18:42:47.0002 4328 SynTP - ok
    18:42:47.0143 4328 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
    18:42:47.0143 4328 sysaudio - ok
    18:42:47.0221 4328 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
    18:42:47.0236 4328 SysmonLog - ok
    18:42:47.0455 4328 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
    18:42:47.0471 4328 TapiSrv - ok
    18:42:47.0721 4328 TAPPSRV (36772b5eaaaf42db5c5ee6eeb0ec0af7) C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
    18:42:47.0721 4328 TAPPSRV - ok
    18:42:47.0736 4328 tb2launch - ok
    18:42:47.0768 4328 TBiosDrv (1f26d86828039c0b594399f7f2ffef09) C:\WINDOWS\system32\Drivers\Tbiosdrv.sys
    18:42:47.0783 4328 TBiosDrv - ok
    18:42:48.0065 4328 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
    18:42:48.0096 4328 Tcpip - ok
    18:42:48.0143 4328 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
    18:42:48.0143 4328 TDPIPE - ok
    18:42:48.0158 4328 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
    18:42:48.0158 4328 TDTCP - ok
    18:42:48.0205 4328 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
    18:42:48.0205 4328 TermDD - ok
    18:42:48.0330 4328 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
    18:42:48.0361 4328 TermService - ok
    18:42:48.0518 4328 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    18:42:48.0518 4328 Themes - ok
    18:42:48.0627 4328 tifm21 (244cfbffdefb77f3df571a8cd108fc06) C:\WINDOWS\system32\drivers\tifm21.sys
    18:42:48.0643 4328 tifm21 - ok
    18:42:48.0690 4328 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
    18:42:48.0705 4328 TlntSvr - ok
    18:42:48.0705 4328 tomcatcws3 - ok
    18:42:48.0705 4328 TosIde - ok
    18:42:48.0736 4328 tosrfec (cc069342ee0eae55b32a0ae99cf6185c) C:\WINDOWS\system32\DRIVERS\tosrfec.sys
    18:42:48.0736 4328 tosrfec - ok
    18:42:48.0752 4328 TPECioCtl - ok
    18:42:48.0861 4328 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
    18:42:48.0861 4328 TrkWks - ok
    18:42:48.0877 4328 tunnelguardservice - ok
    18:42:48.0924 4328 TVALD (676db15ddf2e0ff6ec03068dea428b8b) C:\WINDOWS\system32\DRIVERS\NBSMI.sys
    18:42:48.0924 4328 TVALD - ok
    18:42:48.0940 4328 Tvs (546dfba6486569120d33f7ad6e94efdd) C:\WINDOWS\system32\DRIVERS\Tvs.sys
    18:42:48.0955 4328 Tvs - ok
    18:42:49.0018 4328 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
    18:42:49.0033 4328 Udfs - ok
    18:42:49.0049 4328 ufad-ws60 - ok
    18:42:49.0049 4328 ultra - ok
    18:42:49.0143 4328 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
    18:42:49.0174 4328 Update - ok
    18:42:49.0330 4328 uploadmgr (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    18:42:49.0330 4328 uploadmgr - ok
    18:42:49.0393 4328 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
    18:42:49.0408 4328 upnphost - ok
    18:42:49.0455 4328 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
    18:42:49.0471 4328 UPS - ok
    18:42:49.0518 4328 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys
    18:42:49.0518 4328 USBAAPL - ok
    18:42:49.0565 4328 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
    18:42:49.0580 4328 usbaudio - ok
    18:42:49.0611 4328 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    18:42:49.0627 4328 usbccgp - ok
    18:42:49.0627 4328 usbcm - ok
    18:42:49.0674 4328 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
    18:42:49.0721 4328 usbehci - ok
    18:42:49.0783 4328 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
    18:42:49.0783 4328 usbhub - ok
    18:42:49.0830 4328 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
    18:42:49.0830 4328 usbscan - ok
    18:42:49.0861 4328 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    18:42:49.0877 4328 USBSTOR - ok
    18:42:49.0924 4328 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    18:42:49.0940 4328 usbuhci - ok
    18:42:49.0940 4328 UVCFTR - ok
    18:42:49.0955 4328 UxTuneUp - ok
    18:42:49.0986 4328 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
    18:42:49.0986 4328 VgaSave - ok
    18:42:50.0002 4328 ViaIde - ok
    18:42:50.0033 4328 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
    18:42:50.0049 4328 VolSnap - ok
    18:42:50.0096 4328 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
    18:42:50.0111 4328 VSS - ok
    18:42:50.0752 4328 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
    18:42:50.0908 4328 vToolbarUpdater11.2.0 - ok
    18:42:50.0908 4328 vxsvc - ok
    18:42:50.0924 4328 w300mdm - ok
    18:42:51.0002 4328 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
    18:42:51.0018 4328 W32Time - ok
    18:42:51.0049 4328 w810bus - ok
    18:42:51.0190 4328 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
    18:42:51.0190 4328 Wanarp - ok
    18:42:51.0190 4328 wcontrol - ok
    18:42:51.0361 4328 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
    18:42:51.0377 4328 Wdf01000 - ok
    18:42:51.0393 4328 WDICA - ok
    18:42:51.0440 4328 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
    18:42:51.0486 4328 wdmaud - ok
    18:42:51.0580 4328 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
    18:42:51.0596 4328 WebClient - ok
    18:42:51.0596 4328 websenseclientdeployservice - ok
    18:42:51.0768 4328 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
    18:42:51.0799 4328 winmgmt - ok
    18:42:51.0815 4328 winpower - ok
    18:42:52.0049 4328 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    18:42:52.0080 4328 WLSetupSvc - ok
    18:42:52.0111 4328 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
    18:42:52.0111 4328 WmdmPmSN - ok
    18:42:52.0502 4328 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
    18:42:52.0518 4328 Wmi - ok
    18:42:52.0596 4328 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
    18:42:52.0596 4328 WmiApSrv - ok
    18:42:52.0893 4328 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
    18:42:52.0908 4328 WMPNetworkSvc - ok
    18:42:52.0924 4328 WmXlCore - ok
    18:42:53.0002 4328 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
    18:42:53.0002 4328 WS2IFSL - ok
    18:42:53.0033 4328 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
    18:42:53.0033 4328 wuauserv - ok
    18:42:53.0096 4328 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    18:42:53.0096 4328 WudfPf - ok
    18:42:53.0111 4328 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    18:42:53.0143 4328 WudfRd - ok
    18:42:53.0174 4328 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
    18:42:53.0174 4328 WudfSvc - ok
    18:42:53.0440 4328 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
    18:42:53.0455 4328 WZCSVC - ok
    18:42:53.0471 4328 X10UIF - ok
    18:42:53.0533 4328 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
    18:42:53.0533 4328 xmlprov - ok
    18:42:53.0549 4328 YahooAUService - ok
    18:42:53.0549 4328 ZDCNDIS5 - ok
    18:42:53.0580 4328 MBR (0x1B8) (09ce7397af23d4c0b331b89d0297cc7e) \Device\Harddisk0\DR0
    18:42:54.0236 4328 \Device\Harddisk0\DR0 - ok
    18:42:54.0268 4328 Boot (0x1200) (5873cdebd4162c7aa0143fc0177e18e0) \Device\Harddisk0\DR0\Partition0
    18:42:54.0268 4328 \Device\Harddisk0\DR0\Partition0 - ok
    18:42:54.0299 4328 Boot (0x1200) (431159caab94db8ad800b6ed5ac8e146) \Device\Harddisk0\DR0\Partition1
    18:42:54.0299 4328 \Device\Harddisk0\DR0\Partition1 - ok
    18:42:54.0315 4328 ============================================================
    18:42:54.0315 4328 Scan finished
    18:42:54.0315 4328 ============================================================
    18:42:54.0315 4320 Detected object count: 0
    18:42:54.0315 4320 Actual detected object count: 0
    randy, Jul 19, 2012
    #54

  15. Broni Malware Annihilator Posts: 40,022   +187

    Please download ComboFix from Here, Here or Here to your Desktop.

    **Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
    • Never rename Combofix unless instructed.
    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    • Double click on combofix.exe & follow the prompts.

    • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
      NOTE 2. If Combofix asks you to update the program, always do so.
    • When finished, it will produce a report for you.
    • Please post the "C:\ComboFix.txt"
    **Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
    **Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
    Use AppRemover to uninstall it: http://www.appremover.com/
    We can reinstall it when we're done with CF.
    **Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
    **Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


    Make sure, you re-enable your security programs, when you're done with Combofix.

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    NOTE.
    If, for some reason, Combofix refuses to run, try one of the following:

    1. Run Combofix from Safe Mode.

    2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
    Do NOT run it yet.
    Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
    There are 4 different versions. If one of them won't run then download and try to run the other one.
    Vista and Win7 users need to right click Rkill and choose Run as Administrator
    You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

    * Rkill.com
    * Rkill.scr
    * Rkill.exe
    • Double-click on the Rkill icon to run the tool.
    • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • Do not reboot until instructed.
    • If the tool does not run from any of the links provided, please let me know.
    Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

    If normal mode still doesn't work, run BOTH tools from safe mode.

    In case #2, please post BOTH logs, rKill and Combofix.

    DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!
    Broni, Jul 19, 2012
    #55

  16. randy Newcomer, in training Posts: 79

    looks like Norton internet security 2006 is running. but I cant locate where it is. I did a search and it says there is an error and it says report or dont send..? combofix is warning I continue at my own risk..what now?
    randy, Jul 19, 2012
    #56

  17. Broni Malware Annihilator Posts: 40,022   +187

    Go on and run it.
    Broni, Jul 19, 2012
    #57

  18. randy Newcomer, in training Posts: 79

    Combofix seems stuck. Deleting folders: has 5 folders listed. Been a while just sitting there, I am on my Androidms stuck, although
    randy, Jul 19, 2012
    #58

  19. Broni Malware Annihilator Posts: 40,022   +187

    Restart to safe mode and try from there.
    Broni, Jul 19, 2012
    #59

  20. randy Newcomer, in training Posts: 79

    Sorry Bronx..I can't seem to figure out how..
    randy, Jul 19, 2012
    #60
Page 3 of 7

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...

Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.