Inactive Monitor goes black

MontanaGallery

My name is Cyndy. I use this computer daily. It is part of a network of computers in our home.

This computer has slowly lost functionality of Internet Explorer. When online, pages do not load with colors and layout as source code is written. Most web pages load without color, only white, on any given site and text boxes with links often appear on top of each other making it impossible to click to a link. It is impossible to fill out forms such as US Postal website for creating labels for shipping.

Then the problem became worse. The monitor began to flicker then began flashing black and to the screen. I replaced the monitor only to have the same issue re-occur. Hooking up an additional monitor to the computer enabled me to work to back up my files recently created, however, I discovered, after shutting down computer and leaving it off for a couple days, then turning it back on to try to back up some files that the original monitor would work again. Sometimes the monitor will randomly respond as if it is burning out, other times it will remain on and the monitor functions normally for a long period of time.

I found some malware that I removed, but have not been able to correct the issues I have described. I am hopeful that it was a malware issue that has shut off the monitor. I have tried to update the driver for the monitor as well as other drivers. I cannot restore to previous time either.

Most programs that I have attempted to download to run malware scans have been blocked from downloading or running. Those that do download, find no issues.

I replaced this computer in the network with my laptop, only to find the monitor black as well. I am leery of installing any new computer on the network until the issue can be identified and resolved. Any help to correct issues would be greatly appreciated.



I have followed the UPDATED 5-step Viruses/Spyware/Malware Preliminary Removal Instructions and included the results of the scans.


GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-07-16 11:44:38
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BB-75JHC0 rev.06.01C06
Running: hbkc4b8e.exe; Driver: C:\DOCUME~1\FRONTD~1\LOCALS~1\Temp\uxlyapow.sys

---- System - GMER 1.0.15 ----
SSDT 86941E58 ZwAlertResumeThread
SSDT 86BC6A80 ZwAlertThread
SSDT 86A27EA0 ZwAllocateVirtualMemory
SSDT 86A07790 ZwAssignProcessToJobObject
SSDT 86C0FA08 ZwConnectPort
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF62A1980]
SSDT 86BC4AF8 ZwCreateMutant
SSDT 86A289B8 ZwCreateSymbolicLinkObject
SSDT 86A36F28 ZwCreateThread
SSDT 86BA9AD0 ZwDebugActiveProcess
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xF62A1C00]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xF62A1F10]
SSDT 86BBD380 ZwDuplicateObject
SSDT 86A08828 ZwFreeVirtualMemory
SSDT 86BC6920 ZwImpersonateAnonymousToken
SSDT 86BC6958 ZwImpersonateThread
SSDT 86BAF290 ZwLoadDriver
SSDT 86A08728 ZwMapViewOfSection
SSDT 86BC4A18 ZwOpenEvent
SSDT 86BDA3F0 ZwOpenProcess
SSDT 86A27F90 ZwOpenProcessToken
SSDT 86BC3578 ZwOpenSection
SSDT 86BBD450 ZwOpenThread
SSDT 86A076C0 ZwProtectVirtualMemory
SSDT 86BE7CD0 ZwResumeThread
SSDT 86C16BD0 ZwSetContextThread
SSDT 86BC1AF0 ZwSetInformationProcess
SSDT 86BA9BB0 ZwSetSystemInformation
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xF62A2160]
SSDT 86BC35F0 ZwSuspendProcess
SSDT 86BE7DB0 ZwSuspendThread
SSDT 86BD9970 ZwTerminateProcess
SSDT 86C16AF0 ZwTerminateThread
SSDT 86BC1BE0 ZwUnmapViewOfSection
SSDT 86A0BDA0 ZwWriteVirtualMemory
---- Kernel code sections - GMER 1.0.15 ----
? SYMDS.SYS The system cannot find the file specified. !
? SYMEFA.SYS The system cannot find the file specified. !
init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF5D53F80]
? C:\DOCUME~1\FRONTD~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !
? C:\DOCUME~1\FRONTD~1\LOCALS~1\Temp\uxlyapog.sys The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\program files\real\realplayer\update\realsched.exe[2036] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4C9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E354846 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3547C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E35480B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E354753 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E35478D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxIndirectParamA 7E456D7D 1 Byte [E9]
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E354881 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E20177A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E354A43 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device B040AD20
AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
Device DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
---- Files - GMER 1.0.15 ----
File C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\NCW\ncwfoim.db-journal 0 bytes
---- EOF - GMER 1.0.15 ----
[FONT=Times New Roman].
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13
Run by Front Desk User at 16:52:20 on 2012-07-13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.395 [GMT -6:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\HitmanPro\hmpsched.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Dell Network Assistant\hnm_svc.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us
uStart Page = hxxp://www.google.com/
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.1.0.28\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.1.0.28\ips\IPSBHO.DLL
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - No File
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.1.0.28\coIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Info Center] c:\program files\pcpitstop\info center\InfoCenter.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
uPolicies-explorer: NoFile = 0 (0x0)
uPolicies-explorer: HideClock = 0 (0x0)
uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
uPolicies-explorer: NoDFSTab = 0 (0x0)
uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
uPolicies-explorer: NoEncryptOnMove = 0 (0x0)
uPolicies-explorer: NoResolveTrack = 0 (0x0)
uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
uPolicies-system: NoDispAppearancePage = 0 (0x0)
uPolicies-system: NoDispSettingsPage = 0 (0x0)
mPolicies-explorer: NoViewOnDrive = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
mPolicies-explorer: NoFile = 0 (0x0)
mPolicies-explorer: HideClock = 0 (0x0)
mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
mPolicies-explorer: NoDFSTab = 0 (0x0)
mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
mPolicies-explorer: NoEncryptOnMove = 0 (0x0)
mPolicies-explorer: NoResolveTrack = 0 (0x0)
mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
mPolicies-system: NoDispAppearancePage = 0 (0x0)
mPolicies-system: NoDispSettingsPage = 0 (0x0)
dPolicies-explorer: NoViewOnDrive = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
dPolicies-explorer: NoFile = 0 (0x0)
dPolicies-explorer: HideClock = 0 (0x0)
dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
dPolicies-explorer: NoDFSTab = 0 (0x0)
dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
dPolicies-explorer: NoEncryptOnMove = 0 (0x0)
dPolicies-explorer: NoResolveTrack = 0 (0x0)
dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
dPolicies-system: NoDispAppearancePage = 0 (0x0)
dPolicies-system: NoDispSettingsPage = 0 (0x0)
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.37/uploader2.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1343579813000
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342196884379
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages =
.
============= SERVICES / DRIVERS ===============
.
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1301000.01c\SymDS.sys [2012-7-21 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1301000.01c\SymEFA.sys [2012-7-21 897656]
R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120804.001\BHDrvx86.sys [2012-8-8 821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1301000.01c\ccSetx86.sys [2012-7-21 132744]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1301000.01c\Ironx86.sys [2012-7-21 149624]
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2012-7-21 105832]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-7-12 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-12 676936]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.1.0.28\ccSvcHst.exe [2012-7-21 138760]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-10 106656]
R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120809.001\IDSXpx86.sys [2012-8-9 369632]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-12 22856]
R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120810.001\NAVENG.SYS [2012-8-10 87928]
R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120810.001\NAVEX15.SYS [2012-8-10 1589752]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 250056]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]
S3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2012-1-4 91816]
.
=============== File Associations ===============
.
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
.
=============== Created Last 30 ================
.
2012-10-08 17:07:59 155648 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-08 17:07:59 143360 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-08 17:07:58 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-08 17:07:56 73728 ----a-w- c:\windows\system32\hccutils.dll
2012-10-08 17:07:54 876666 ----a-w- c:\windows\system32\ialmdd5.dll
2012-10-08 17:07:52 194298 ----a-w- c:\windows\system32\ialmdev5.dll
2012-10-08 17:07:51 110203 ----a-w- c:\windows\system32\ialmdnt5.dll
2012-10-08 17:07:50 38014 ----a-w- c:\windows\system32\ialmrnt5.dll
2012-10-08 17:07:49 830684 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
2012-09-26 20:14:24 -------- d-----w- c:\documents and settings\front desk user\application data\FinalMediaPlayer
2012-08-14 15:03:13 114688 ----a-w- c:\windows\system32\SET5A.tmp
2012-08-14 15:03:12 900218 ----a-w- c:\windows\system32\SET26.tmp
2012-08-14 15:03:12 77824 ----a-w- c:\windows\system32\SET54.tmp
2012-08-14 15:03:12 73728 ----a-w- c:\windows\system32\SET35.tmp
2012-08-14 15:03:12 57344 ----a-w- c:\windows\system32\SET38.tmp
2012-08-14 15:03:12 36990 ----a-w- c:\windows\system32\SET1D.tmp
2012-08-14 15:03:12 213274 ----a-w- c:\windows\system32\SET23.tmp
2012-08-14 15:03:12 1503232 ----a-w- c:\windows\system32\SET57.tmp
2012-08-14 15:03:12 147456 ----a-w- c:\windows\system32\SET3E.tmp
2012-08-14 15:03:12 118395 ----a-w- c:\windows\system32\SET20.tmp
2012-08-14 14:34:19 -------- d-----w- c:\program files\SystemRequirementsLab
2012-08-03 18:35:27 -------- d-----w- c:\program files\Free Window Registry Repair
2012-07-27 20:51:30 184248 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2012-07-21 23:31:21 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
2012-07-21 23:31:21 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2012-07-21 23:31:20 -------- d-----w- c:\program files\Symantec
2012-07-21 23:29:28 -------- d-----w- c:\program files\NortonInstaller
2012-07-21 23:13:00 -------- d-----w- c:\program files\HitmanPro
2012-07-21 23:12:02 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2012-07-21 22:10:05 -------- d-----w- c:\documents and settings\front desk user\application data\Malwarebytes
2012-07-21 22:09:50 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-07-21 19:55:31 -------- d-----w- c:\documents and settings\all users\application data\6F63A59FF10D56B7157AAD037B07D329
2012-07-21 19:54:46 -------- d-----w- c:\documents and settings\front desk user\application data\Kaix
2012-07-21 19:54:46 -------- d-----w- c:\documents and settings\front desk user\application data\Fydu
2012-07-15 17:59:13 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-13 17:43:52 -------- d-----w- c:\documents and settings\front desk user\local settings\application data\Avg2013
2012-07-13 17:43:50 -------- d-----w- c:\documents and settings\front desk user\local settings\application data\MFAData
2012-07-12 17:32:50 711240 ----a-w- c:\windows\isRS-000.tmp
2012-07-12 17:07:55 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-12 17:07:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-11 23:14:27 -------- d-----w- c:\program files\Trend Micro
2012-07-11 22:57:58 -------- d-----w- c:\windows\system32\CatRoot2
2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
2012-07-11 22:10:40 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
2012-07-11 22:10:40 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
2012-07-11 22:10:40 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
2012-07-11 22:10:40 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
2012-07-11 22:00:51 -------- d-----w- c:\program files\CheckPoint
2012-07-11 22:00:49 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint
2012-07-11 21:53:48 429928 ----a-r- c:\windows\system32\hpinkstsa011.dll
2012-07-11 21:53:48 270696 ----a-r- c:\windows\system32\hpinkstsa011LM.dll
2012-07-11 21:53:48 216424 ----a-r- c:\windows\system32\hpinkcoia011.dll
2012-07-11 21:45:14 1929576 ----a-r- c:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2012-07-11 21:45:13 488296 ----a-r- c:\windows\system32\HPWia1_DJ3050A_J611.dll
2012-07-11 19:59:06 135168 ----a-w- c:\windows\system32\igfxres.dll
2012-07-11 19:44:03 -------- d-----w- c:\windows\system32\vmm32
.
==================== Find3M ====================
.
2012-09-19 16:59:24 2241 ----a-w- c:\windows\panose.bin
2012-08-16 20:32:11 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-16 20:32:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-04 23:35:26 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 21:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 21:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 21:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 21:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 21:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 21:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 21:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-01 15:55:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39:54 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46:36 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:46:47 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:46:47 1830912 ------w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:46:47 17408 ----a-w- c:\windows\system32\corpol.dll
.
============= FINISH: 16:54:24.37 ===============
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org[/FONT]
Database version: v2012.09.07.13
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Front Desk User :: D8T63P91 [administrator]
9/26/2012 3:22:12 PM
mbam-log-2012-09-26 (15-22-12).txt
Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 281718
Time elapsed: 1 hour(s), 27 minute(s), 21 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 4/13/2006 4:26:41 PM
System Uptime: 7/13/2012 11:48:35 AM (5 hours ago)
.
Motherboard: Dell Computer Corp. | | 0WF887
Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 71 GiB total, 30.696 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2258: 9/12/2012 11:07:51 AM - System Checkpoint
RP2259: 9/13/2012 11:58:39 AM - System Checkpoint
RP2260: 9/14/2012 12:58:40 PM - System Checkpoint
RP2261: 9/15/2012 1:58:40 PM - System Checkpoint
RP2262: 9/16/2012 2:58:40 PM - System Checkpoint
RP2263: 9/17/2012 2:59:45 PM - System Checkpoint
RP2264: 9/18/2012 3:58:41 PM - System Checkpoint
RP2265: 9/19/2012 4:59:47 PM - System Checkpoint
RP2266: 9/20/2012 5:59:47 PM - System Checkpoint
RP2267: 9/21/2012 6:58:42 PM - System Checkpoint
RP2268: 9/22/2012 7:58:41 PM - System Checkpoint
RP2269: 9/23/2012 8:58:42 PM - System Checkpoint
RP2270: 9/24/2012 9:36:58 PM - System Checkpoint
RP2271: 9/25/2012 10:36:59 PM - System Checkpoint
RP2272: 9/26/2012 12:17:05 PM - Removed Google Drive
RP2273: 9/27/2012 1:08:31 PM - System Checkpoint
RP2274: 10/4/2012 9:05:22 AM - System Checkpoint
RP2275: 10/5/2012 9:51:37 AM - System Checkpoint
RP2276: 10/6/2012 10:40:13 AM - System Checkpoint
RP2277: 10/7/2012 11:40:14 AM - System Checkpoint
RP2278: 10/8/2012 10:38:05 AM - Restore Operation
RP2279: 7/8/2012 12:05:35 PM - System Checkpoint
RP2280: 7/9/2012 12:52:38 PM - System Checkpoint
RP2281: 7/10/2012 1:45:54 PM - System Checkpoint
RP2282: 7/11/2012 1:44:00 PM - Installed Dell Resource CD
RP2283: 7/11/2012 1:59:53 PM - Installed Dell System Software
RP2284: 7/11/2012 2:00:07 PM - Installed Desktop System Software
RP2285: 7/11/2012 4:57:18 PM - Installed Microsoft Fix it 50528
RP2286: 7/12/2012 5:23:23 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Illustrator CS
Adobe PageMaker 6.5
Adobe Photoshop 7.0
Adobe Reader X (10.1.4)
Adobe SVG Viewer 3.0
AIO_Scan
AOLIcon
Apple Application Support
Apple Software Update
ArtRage 2
Banctec Service Agreement
BufferChm
CCleaner
ClamWin Free Antivirus 0.97
Conexant D850 PCI V.92 Modem
Copy
Corel Paint Shop Pro X
CustomerResearchQFolder
Dell CinePlayer
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Network Assistant
Dell Resource CD
Dell System Restore
DellSupport
Destinations
DeviceManagementQFolder
Digital Content Portal
Digital Line Detect
DJ_AIO_ProductContext
DJ_AIO_Software
DJ_AIO_Software_min
EarthLink setup files
EducateU
ELIcon
eSupportQFolder
F2100
F2100_Help
FOX News Live Stream
Free File Opener v2011.6.0.4
Free Window Registry Repair
Google Update Helper
HijackThis 2.0.2
HitmanPro 3.6
Hotfix for Windows XP (KB2633952)
HP Customer Participation Program 8.0
HP Deskjet All-In-One Software 8.0
HP Imaging Device Functions 8.0
HP Photosmart Essential
HP Product Assistant
HP Smart Web Printing 4.60
HP Solution Center 8.0
HP Update
HPProductAssistant
HPSSupply
Info Center 1.0.0.7
InstallIQ Updater
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
InVision 3.0
Java Auto Updater
Java(TM) 6 Update 29
Learn2 Player (Uninstall Only)
Malwarebytes Anti-Malware version 1.65.0.1400
MapSource
MarketResearch
MCU
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Modem Helper
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Musicmatch® Jukebox
Nero Suite
NetWaiting
Norton Internet Security
OverDrive Media Console
PC Matic 1.1.0.44
QuickBooks Premier: Retail Edition 2004
QuickTime
QuickTime for Windows (32-bit)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Roxio DLA
Roxio RecordNow Audio
Roxio RecordNow Copy
Roxio RecordNow Data
Scan
Search Assist
Security Update for CAPICOM (KB931906)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB2586448)
Security Update for Windows Internet Explorer 7 (KB2618444)
Security Update for Windows Internet Explorer 7 (KB2647516)
Security Update for Windows Internet Explorer 7 (KB2675157)
Security Update for Windows Internet Explorer 7 (KB2699988)
Security Update for Windows Media Player (KB911564)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2718523)
SmartWebPrinting
SolutionCenter
Sonic Activation Module
Sonic Update Manager
Status
System Requirements Lab for Intel
Terragen
Terragen 2 Technology Preview
Toolbox
TrayApp
UnloadSupport
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
URL Assistant
Viewpoint Media Player
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
WildTangent Web Driver
Windows Driver Package - Conexant (winachsf) Modem (07/03/2007 7.67.00.50)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
Xerox Phaser 860
ZoneAlarm Free Antivirus + Firewall
.
==== Event Viewer Messages From Past Week ========
.
9/26/2012 12:17:20 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
7/12/2012 5:30:13 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NIS service.
7/12/2012 11:12:23 AM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
7/12/2012 11:11:50 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
7/11/2012 2:04:45 PM, error: NtServicePack [4375] - Windows XP Service Pack 3 uninstall failed.
The system cannot find the file specified.
10/8/2012 11:10:03 AM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
10/8/2012 10:22:38 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
10/8/2012 10:13:31 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccSet_NIS eeCtrl Fips intelppm SRTSPX SymIRON SYMTDI
10/8/2012 10:12:25 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10/4/2012 8:37:51 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
.
==== End Of File ===========================
 
Hello, and welcome to TechSpot.


Please see here for the board rules and other FAQ.

Please feel free to introduce yourself, after you follow the steps below to get started.

Information
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by a malware removal helper.
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • If you have already asked for help somewhere, please post the link to the topic you were helped.
  • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

ComboFix scan

Please download ComboFix
by sUBs
From BleepingComputer.com

Please save the file to your Desktop.

Important information about ComboFix


After the download:
  • Close any open browsers.
  • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
  • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
Running ComboFix:
  • Double click on ComboFix.exe & follow the prompts.
  • When ComboFix finishes, it will produce a report for you.
  • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
Troubleshooting ComboFix

Safe Mode:

If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

(To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

Re-downloading:

If this doesn't work either, try the same method (above method), but try to download it again, except name ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
 
ComboFix 12-10-16.02 - Front Desk User 07/16/2012 16:56:53.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.719 [GMT -6:00]
Running from: c:\documents and settings\Front Desk User\Desktop\ComboFix.exe
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Front Desk User\Application Data\.#
c:\documents and settings\Front Desk User\Application Data\.#\MBX@E54@3F3F70.###
c:\documents and settings\Front Desk User\Application Data\.#\MBX@E54@3F3FA0.###
c:\documents and settings\Front Desk User\Application Data\Kaix
c:\documents and settings\Front Desk User\Application Data\Kaix\yvygi.neg
c:\documents and settings\Front Desk User\Application Data\PriceGong
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\1.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\a.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\b.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\c.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\d.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\e.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\f.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\g.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\h.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\I.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\J.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\k.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\l.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\m.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\n.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\o.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\p.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\q.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\r.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\s.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\t.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\u.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\v.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\w.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\x.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\y.xml
c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\z.xml
c:\documents and settings\Front Desk User\WINDOWS
C:\Images
c:\windows\system32\SET1D.tmp
c:\windows\system32\SET20.tmp
c:\windows\system32\SET23.tmp
c:\windows\system32\SET26.tmp
c:\windows\system32\SET35.tmp
c:\windows\system32\SET38.tmp
c:\windows\system32\SET3E.tmp
c:\windows\system32\SET50.tmp
c:\windows\system32\SET54.tmp
c:\windows\system32\SET57.tmp
c:\windows\system32\SET5A.tmp
c:\windows\system32\SET5C.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\wt
c:\windows\wt\data.wts
c:\windows\wt\updater\wt.ini
c:\windows\wt\webdriver.dll
c:\windows\wt\webdriver\4.1.1\actorobject.dll
c:\windows\wt\webdriver\4.1.1\dx5drv.dll
c:\windows\wt\webdriver\4.1.1\dx7drv.dll
c:\windows\wt\webdriver\4.1.1\objectbundle.dll
c:\windows\wt\webdriver\4.1.1\sound.dll
c:\windows\wt\webdriver\4.1.1\wdcaps.ded
c:\windows\wt\webdriver\4.1.1\wdengine.dll
c:\windows\wt\webdriver\4.1.1\webdriver.dll
c:\windows\wt\webdriver\4.1.1\wthost.exe
c:\windows\wt\webdriver\4.1.1\wthostctl.dll
c:\windows\wt\webdriver\4.1.1\wtmulti.dll
c:\windows\wt\webdriver\4.1.1\wtmulti.jar
c:\windows\wt\webdriver\4.1.1\wtwmplug.ax
c:\windows\wt\webdriver\4.1.1\wtwmplug.ini
c:\windows\wt\webdriver\jdriver.dll
c:\windows\wt\webdriver\rdriver.dll
c:\windows\wt\webdriver\wildtangent.jar
c:\windows\wt\wt3d.dll
c:\windows\wt\wt3d.ini
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo
c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html
c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt
c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts
c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded
c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas
c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wildtangent.jar
c:\windows\wt\wtupdates\webd\4.1.1\files\wt3d.ini
c:\windows\wt\wtupdates\webd\4.1.1\files\WTHost.exe
c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jar
c:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dll
c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax
c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini
c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo
c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\controlpanel\index.html
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl.cdanfo
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl_Uninstall.cdas
c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\WireControl.dll
c:\windows\wt\wtupdates\wtupdater\appinfo.dat
c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts
c:\windows\wt\wtvh.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))))
.
.
2012-10-08 17:07 . 2005-04-06 01:22 143360 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-08 17:07 . 2005-04-05 20:19 155648 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-08 17:07 . 2005-04-06 01:19 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-08 17:07 . 2005-04-06 01:18 73728 ----a-w- c:\windows\system32\hccutils.dll
2012-10-08 17:07 . 2005-04-06 01:45 876666 ----a-w- c:\windows\system32\ialmdd5.dll
2012-10-08 17:07 . 2005-04-06 01:38 194298 ----a-w- c:\windows\system32\ialmdev5.dll
2012-10-08 17:07 . 2005-04-06 01:38 110203 ----a-w- c:\windows\system32\ialmdnt5.dll
2012-10-08 17:07 . 2005-04-06 01:38 38014 ----a-w- c:\windows\system32\ialmrnt5.dll
2012-10-08 17:07 . 2005-04-05 20:46 830684 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
2012-09-26 20:14 . 2012-09-26 20:14 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\FinalMediaPlayer
2012-08-14 14:34 . 2012-08-14 14:34 -------- d-----w- c:\program files\SystemRequirementsLab
2012-08-03 18:35 . 2012-08-11 22:36 -------- d-----w- c:\program files\Free Window Registry Repair
2012-07-30 17:18 . 2012-07-30 17:18 -------- d-----w- c:\documents and settings\Administrator
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-07-21 23:30 . 2012-07-21 23:30 -------- d-----w- c:\program files\Windows Sidebar
2012-07-21 23:13 . 2012-07-21 23:13 -------- d-----w- c:\program files\HitmanPro
2012-07-21 23:12 . 2012-07-21 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2012-07-21 22:10 . 2012-07-21 22:10 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Malwarebytes
2012-07-21 22:09 . 2012-07-21 22:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-07-21 19:55 . 2012-07-11 22:11 -------- d-----w- c:\documents and settings\All Users\Application Data\6F63A59FF10D56B7157AAD037B07D329
2012-07-21 19:54 . 2012-07-21 23:25 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Fydu
2012-07-15 17:59 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\Avg2013
2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\MFAData
2012-07-12 17:07 . 2012-09-07 23:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-12 17:07 . 2012-07-13 17:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-11 23:14 . 2012-07-11 23:14 -------- d-----w- c:\program files\Trend Micro
2012-07-11 22:57 . 2012-07-16 22:55 -------- d-----w- c:\windows\system32\CatRoot2
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\program files\CheckPoint
2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\CheckPoint
2012-07-11 21:53 . 2011-06-08 21:57 429928 ----a-r- c:\windows\system32\hpinkstsa011.dll
2012-07-11 21:53 . 2011-06-08 21:57 270696 ----a-r- c:\windows\system32\hpinkstsa011LM.dll
2012-07-11 21:53 . 2011-06-08 21:57 216424 ----a-r- c:\windows\system32\hpinkcoia011.dll
2012-07-11 21:45 . 2011-06-08 21:57 1929576 ----a-r- c:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2012-07-11 21:45 . 2011-06-08 21:57 488296 ----a-r- c:\windows\system32\HPWia1_DJ3050A_J611.dll
2012-07-11 19:59 . 2005-04-05 20:18 135168 ----a-w- c:\windows\system32\igfxres.dll
2012-07-11 19:44 . 2012-07-11 19:44 -------- d-----w- c:\windows\system32\vmm32
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-16 20:32 . 2012-04-29 22:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-16 20:32 . 2011-05-20 19:05 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2004-08-10 18:51 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-04 23:35 . 2004-08-10 19:02 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-04 23:35 . 2005-05-26 10:19 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2004-08-10 18:51 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 21:19 . 2007-05-16 02:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 21:19 . 2004-08-10 19:02 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 21:19 . 2004-08-10 19:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 21:19 . 2005-05-26 09:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 21:19 . 2004-08-10 19:02 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 21:19 . 2004-08-10 19:02 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 21:19 . 2004-08-10 18:50 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 21:19 . 2007-05-16 02:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 21:19 . 2004-08-10 19:02 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 21:19 . 2004-08-10 19:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 21:18 . 2007-05-16 21:01 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 21:18 . 2007-05-04 17:59 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-01 15:55 . 2003-02-21 10:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-31 13:22 . 2004-08-10 18:50 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-15 15:39 . 2004-08-10 18:51 832512 ----a-w- c:\windows\system32\wininet.dll
2012-05-04 13:12 . 2004-08-10 18:51 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2004-08-04 04:59 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-08-10 19:01 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
2012-04-23 14:46 . 2008-09-18 15:54 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-04-23 14:46 . 2004-08-10 18:51 1830912 ------w- c:\windows\system32\inetcpl.cpl
2012-04-23 14:46 . 2004-08-10 18:50 17408 ----a-w- c:\windows\system32\corpol.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-09 1176064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2011-02-16 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Info Center"="c:\program files\PCPitstop\Info Center\InfoCenter.exe" [2011-09-26 24216]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-01 296056]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-9-28 110592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2006-4-13 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell Network Assistant.lnk]
backup=c:\windows\pss\Dell Network Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 -c--a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2005-09-08 11:20 122940 -c----w- c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 09:12 94208 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-11 04:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-04-06 01:19 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-04-06 01:23 114688 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-04-05 20:22 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 16:44 249856 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 16:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-09-09 01:20 8192 -c--a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
2005-07-13 01:05 1117184 -c--a-w- c:\program files\McAfee\SpamKiller\MSKDetct.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 21:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2012-06-01 15:55 499312 ----a-w- c:\program files\real\realplayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-15 01:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [7/21/2012 5:13 PM 105832]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 4:17 PM 250056]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/2011 11:08 AM 11336]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
S3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [1/4/2012 5:35 PM 91816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 20:32]
.
2012-07-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
.
2012-07-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
.
2012-07-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
TCP: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
.
.
------- File Associations -------
.
JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-16 17:12
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(3464)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Dell Network Assistant\hnm_svc.exe
c:\windows\System32\snmp.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
.
**************************************************************************
.
Completion time: 2012-07-16 17:16:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-16 23:16
.
Pre-Run: 32,986,251,264 bytes free
Post-Run: 33,239,175,168 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 9AB12AC1FEF500EBE61EC971B6D91570
 
ComboFix Script

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the codebox below into it:
    ClearJavaCache::
  • Save this as CFScript.txt, in the same location as ComboFix.exe
    CFScriptB-4.gif
  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
 
ComboFix 12-10-17.05 - Front Desk User 07/17/2012 10:47:55.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.676 [GMT -6:00]
Running from: c:\documents and settings\Front Desk User\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Front Desk User\Desktop\CFScript.txt
AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
.
.
((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 )))))))))))))))))))))))))))))))
.
.
2012-10-08 17:07 . 2005-04-06 01:22 143360 ----a-w- c:\windows\system32\igfxpph.dll
2012-10-08 17:07 . 2005-04-05 20:19 155648 ----a-w- c:\windows\system32\igfxsrvc.exe
2012-10-08 17:07 . 2005-04-06 01:19 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
2012-10-08 17:07 . 2005-04-06 01:18 73728 ----a-w- c:\windows\system32\hccutils.dll
2012-10-08 17:07 . 2005-04-06 01:45 876666 ----a-w- c:\windows\system32\ialmdd5.dll
2012-10-08 17:07 . 2005-04-06 01:38 194298 ----a-w- c:\windows\system32\ialmdev5.dll
2012-10-08 17:07 . 2005-04-06 01:38 110203 ----a-w- c:\windows\system32\ialmdnt5.dll
2012-10-08 17:07 . 2005-04-06 01:38 38014 ----a-w- c:\windows\system32\ialmrnt5.dll
2012-10-08 17:07 . 2005-04-05 20:46 830684 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
2012-09-26 20:14 . 2012-09-26 20:14 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\FinalMediaPlayer
2012-08-14 14:34 . 2012-08-14 14:34 -------- d-----w- c:\program files\SystemRequirementsLab
2012-08-03 18:35 . 2012-08-11 22:36 -------- d-----w- c:\program files\Free Window Registry Repair
2012-07-30 17:18 . 2012-07-30 17:18 -------- d-----w- c:\documents and settings\Administrator
2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2012-07-21 23:30 . 2012-07-21 23:30 -------- d-----w- c:\program files\Windows Sidebar
2012-07-21 23:13 . 2012-07-21 23:13 -------- d-----w- c:\program files\HitmanPro
2012-07-21 23:12 . 2012-07-21 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2012-07-21 22:10 . 2012-07-21 22:10 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Malwarebytes
2012-07-21 22:09 . 2012-07-21 22:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-07-21 19:55 . 2012-07-11 22:11 -------- d-----w- c:\documents and settings\All Users\Application Data\6F63A59FF10D56B7157AAD037B07D329
2012-07-21 19:54 . 2012-07-21 23:25 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Fydu
2012-07-17 09:00 . 2008-04-14 00:11 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll
2012-07-15 17:59 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\Avg2013
2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\MFAData
2012-07-12 17:07 . 2012-09-07 23:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-12 17:07 . 2012-07-13 17:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-11 23:14 . 2012-07-11 23:14 -------- d-----w- c:\program files\Trend Micro
2012-07-11 22:57 . 2012-07-17 16:45 -------- d-----w- c:\windows\system32\CatRoot2
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\program files\CheckPoint
2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\CheckPoint
2012-07-11 21:53 . 2011-06-08 21:57 429928 ----a-r- c:\windows\system32\hpinkstsa011.dll
2012-07-11 21:53 . 2011-06-08 21:57 270696 ----a-r- c:\windows\system32\hpinkstsa011LM.dll
2012-07-11 21:53 . 2011-06-08 21:57 216424 ----a-r- c:\windows\system32\hpinkcoia011.dll
2012-07-11 21:45 . 2011-06-08 21:57 1929576 ----a-r- c:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
2012-07-11 21:45 . 2011-06-08 21:57 488296 ----a-r- c:\windows\system32\HPWia1_DJ3050A_J611.dll
2012-07-11 19:59 . 2005-04-05 20:18 135168 ----a-w- c:\windows\system32\igfxres.dll
2012-07-11 19:44 . 2012-07-11 19:44 -------- d-----w- c:\windows\system32\vmm32
2012-07-06 13:58 . 2012-07-06 13:58 78336 ------w- c:\windows\system32\dllcache\browser.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-27 19:12 . 2004-08-10 18:51 832512 ----a-w- c:\windows\system32\wininet.dll
2012-08-27 19:12 . 2004-08-10 18:51 1830912 ------w- c:\windows\system32\inetcpl.cpl
2012-08-27 19:12 . 2008-09-18 15:54 78336 ----a-w- c:\windows\system32\ieencode.dll
2012-08-27 19:12 . 2004-08-10 18:50 17408 ----a-w- c:\windows\system32\corpol.dll
2012-08-24 13:53 . 2004-08-10 18:51 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:29 . 2004-08-10 18:51 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58 . 2004-08-04 04:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-16 20:32 . 2012-04-29 22:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-16 20:32 . 2011-05-20 19:05 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-10 18:50 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-10 19:01 139784 ------w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40 . 2004-08-10 18:51 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-09-04 21:27 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-10 18:51 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 23:35 . 2004-08-10 19:02 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-04 23:35 . 2005-05-26 10:19 222448 ----a-w- c:\windows\system32\muweb.dll
2012-06-04 04:32 . 2004-08-10 18:51 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 21:19 . 2007-05-16 02:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 21:19 . 2004-08-10 19:02 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 21:19 . 2004-08-10 19:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 21:19 . 2005-05-26 09:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 21:19 . 2004-08-10 19:02 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 21:19 . 2004-08-10 19:02 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 21:19 . 2004-08-10 18:50 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 21:19 . 2007-05-16 02:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 21:19 . 2004-08-10 19:02 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 21:19 . 2004-08-10 19:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 21:18 . 2007-05-16 21:01 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 21:18 . 2007-05-04 17:59 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-01 16:50 . 2004-08-10 18:50 601088 ----a-w- c:\windows\system32\crypt32.dll
2012-06-01 15:55 . 2003-02-21 10:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-05-14 09:22 . 2004-08-10 18:51 345600 ----a-w- c:\windows\system32\localspl.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-09 1176064]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2011-02-16 86016]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
"Info Center"="c:\program files\PCPitstop\Info Center\InfoCenter.exe" [2011-09-26 24216]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-01 296056]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-9-28 110592]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2006-4-13 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"DisableLocalMachineRun"= 0 (0x0)
"DisableLocalMachineRunOnce"= 0 (0x0)
"DisableCurrentUserRun"= 0 (0x0)
"DisableCurrentUserRunOnce"= 0 (0x0)
"NoFile"= 0 (0x0)
"HideClock"= 0 (0x0)
"NoDevMgrUpdate"= 0 (0x0)
"NoDFSTab"= 0 (0x0)
"NoEncryptOnMove"= 0 (0x0)
"NoResolveTrack"= 0 (0x0)
"NoStartMenuSubFolders"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell Network Assistant.lnk]
backup=c:\windows\pss\Dell Network Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 17:09 460784 -c--a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
2005-09-08 11:20 122940 -c----w- c:\windows\system32\DLA\DLACTRLW.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2005-10-05 09:12 94208 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2006-12-11 04:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-04-06 01:19 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-04-06 01:23 114688 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-04-05 20:22 94208 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 16:44 249856 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 16:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-09-09 01:20 8192 -c--a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
2005-07-13 01:05 1117184 -c--a-w- c:\program files\McAfee\SpamKiller\MSKDetct.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 21:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2012-06-01 15:55 499312 ----a-w- c:\program files\real\realplayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2004-10-15 01:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [7/21/2012 5:13 PM 105832]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 4:17 PM 250056]
S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/2011 11:08 AM 11336]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
S3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [1/4/2012 5:35 PM 91816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 20:32]
.
2012-07-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
.
2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
.
2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
.
2012-07-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
.
2012-07-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
.
.
------- Supplementary Scan -------
.
TCP: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-17 10:57
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(4020)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-07-17 11:00:44
ComboFix-quarantined-files.txt 2012-07-17 17:00
ComboFix2.txt 2012-07-16 23:16
.
Pre-Run: 32,959,541,248 bytes free
Post-Run: 32,949,096,448 bytes free
.
- - End Of File - - 5AF5CBD8C2BF40B0DF2CE016FEF05194




# AdwCleaner v2.005 - Logfile created 07/17/2012 at 11:30:16
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Front Desk User - D8T63P91
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Front Desk User\Desktop\adwcleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\WeCareReminder
Folder Deleted : C:\Documents and Settings\Front Desk User\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Viewpoint
***** [Registry] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2856415
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
***** [Internet Browsers] *****
-\\ Internet Explorer v7.0.5730.13
[OK] Registry is clean.
*************************
AdwCleaner[R1].txt - [4079 octets] - [17/07/2012 11:28:31]
AdwCleaner[S1].txt - [3946 octets] - [17/07/2012 11:30:16]
########## EOF - C:\AdwCleaner[S1].txt - [4006 octets] ##########
 
Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.

Note: please close all other applications running on your system.

Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

Click the Settings button.

Set the slider to Maximum.


IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.



On the General tab, make sure all of the boxes are checked.



On the Misc tab, make sure all the checkboxes are checked.

Then, click OK on the windows that you launched.


Click Create Report to run it.

It will begin scanning.

It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

It should automatically upload it to http://www.getsysteminfo.com. If it does not, then please submit it manually by going to the site and doing the upload process.

It will redirect to a page, where it will provide a sharing URL for specialists. Copy and paste the URL of the GSI Parser report in your next reply.
 
Found the issue with the monitor going blank (unless I'm wrong)...

Refresh rate can be changed via Devices Settings, but if the refresh rate is changed to a setting that the display or graphics adapters cannot support, the display will either blank out (black screen) or the on-screen image may become distorted.
Here is the page which says that, the guide for your graphics card: http://www.intel.com/support/graphics/intel865g/sb/CS-009181.htm

Press the Ctrl+Alt+F12 keys.

Change the Refresh Rate to 60 Hz:


Let me know if this works out. :D
 
Unfortunately the problem isn't resolved; the screen is now white and I have to turn it on and off constantly just to see this screen.
 
It may be time to try a new monitor. If you can borrow one, just for a trial, that would be good. It would confirm whether your current monitor needs to be replaced or not.
 
I have 3 computers and all started going black or white at the exact same time. I borrowed a friend's monitor and it's the same problem, so I'm pretty sure it's a malware or virus issue.
 
Or video card.

Please download and run this video card stress test, let me know results: http://www.freestone-group.com/video-card-stability-test.htm

TDSSKiller Scan

Please download and run TDSSKiller to your desktop as outlined below:

Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.
For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.


------------------------

Click the Start Scan button.


-----------------------

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.



----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.




--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip; click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
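
The TDSSKiller report requested above can be triaged with a short script. This is an added example, not part of the original posts and not Kaspersky's code: it separates the two generic warnings the instructions say to Skip from any other verdict, and checks that the scan ran with both requested options. The sample log, service names and hashes are constructed; that the two checkboxes appear as `SigCheck` and `TDLFS` on the `Mode:` line is an assumption taken from the log posted in this thread.

```python
import re

# Verdict names the instructions above say to Skip (not Cure or Delete).
GENERIC_VERDICTS = {"UnsignedFile.Multi.Generic", "LockedFile.Multi.Generic"}
# Options the helper asked for, as they appear on the "Mode:" line (assumption).
REQUIRED_OPTIONS = ("SigCheck", "TDLFS")

# Every log line: "HH:MM:SS.ffff <thread id> <message>"
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s*(.*)$")
MODE = re.compile(r"^Mode: (.+)$")
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (\S+) (.+)$")   # [ md5 ] name path
FLAGGED = re.compile(r"^(.+?) \( (\S+) \) - (\w+)$")            # name ( verdict ) - level
OK = re.compile(r"^(.+?) - ok$")

# Constructed sample in the same line format; not taken from a real scan.
SAMPLE_LOG = r"""
12:49:08.0198 1748 Scan started
12:49:08.0198 1748 Mode: Manual; SigCheck; TDLFS;
12:49:08.0651 1748 System memory - ok
12:49:09.0183 1748 ExampleSvcA - ok
12:49:09.0245 1748 [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrvB C:\WINDOWS\system32\DRIVERS\exampleb.sys
12:49:09.0732 1748 ExampleDrvB - ok
12:49:10.0139 1748 [ FEDCBA9876543210FEDCBA9876543210 ] ExampleSvcC C:\WINDOWS\example\examplec.exe
12:49:10.0171 1748 ExampleSvcC ( UnsignedFile.Multi.Generic ) - warning
12:49:10.0171 1748 ExampleSvcC - detected UnsignedFile.Multi.Generic (1)
12:49:10.0407 1748 [ 00112233445566778899AABBCCDDEEFF ] ExampleDrvD C:\WINDOWS\system32\drivers\exampled.sys
12:49:10.0438 1748 ExampleDrvD ( Constructed.Placeholder.Verdict ) - warning
12:49:10.0438 1748 ExampleDrvD - detected Constructed.Placeholder.Verdict (1)
"""


def parse_log(text):
    """Return scan mode flags, objects reported ok, and flagged objects."""
    report = {"mode": [], "ok": [], "findings": []}
    files = {}  # object name -> (md5, path) from its "[ md5 ] name path" line
    for raw in text.splitlines():
        line = LINE.match(raw.strip())
        if not line:
            continue
        msg = line.group(3).strip()

        mode = MODE.match(msg)
        if mode:
            report["mode"] = [p.strip() for p in mode.group(1).split(";") if p.strip()]
            continue
        hashed = HASHED.match(msg)
        if hashed:
            files[hashed.group(2)] = (hashed.group(1).upper(), hashed.group(3))
            continue
        flagged = FLAGGED.match(msg)
        if flagged:
            name, verdict, level = flagged.groups()
            md5, path = files.get(name, (None, None))
            report["findings"].append(
                {"object": name, "verdict": verdict, "level": level,
                 "md5": md5, "path": path}
            )
            continue
        ok = OK.match(msg)
        if ok:
            report["ok"].append(ok.group(1))
        # "name - detected X (n)" lines repeat the flagged line and are ignored.
    return report


def triage(report):
    """Split findings into generic warnings (Skip) and verdicts needing review."""
    skip, review = [], []
    for finding in report["findings"]:
        if finding["verdict"] in GENERIC_VERDICTS:
            skip.append(finding)
        else:
            review.append(finding)
    missing = [opt for opt in REQUIRED_OPTIONS if opt not in report["mode"]]
    return {"skip_generic": skip, "needs_review": review, "missing_options": missing}


if __name__ == "__main__":
    result = triage(parse_log(SAMPLE_LOG))
    print("Scan options missing:", result["missing_options"] or "none")
    for f in result["skip_generic"]:
        print("Skip (generic warning):", f["object"], f["path"])
    for f in result["needs_review"]:
        print("Ask the helper before acting:", f["object"], f["verdict"], f["path"])
```

A non-empty `missing_options` list means the scan should be repeated with both boxes checked before the log is posted.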
 
12:48:28.0267 1908 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
12:48:28.0611 1908 ============================================================
12:48:28.0611 1908 Current date / time: 2012/10/26 12:48:28.0611
12:48:28.0611 1908 SystemInfo:
12:48:28.0611 1908
12:48:28.0611 1908 OS Version: 5.1.2600 ServicePack: 3.0
12:48:28.0611 1908 Product type: Workstation
12:48:28.0611 1908 ComputerName: D8T63P91
12:48:28.0611 1908 UserName: Front Desk User
12:48:28.0611 1908 Windows directory: C:\WINDOWS
12:48:28.0611 1908 System windows directory: C:\WINDOWS
12:48:28.0611 1908 Processor architecture: Intel x86
12:48:28.0611 1908 Number of processors: 1
12:48:28.0611 1908 Page size: 0x1000
12:48:28.0611 1908 Boot type: Normal boot
12:48:28.0611 1908 ============================================================
12:48:31.0690 1908 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:48:31.0721 1908 ============================================================
12:48:31.0721 1908 \Device\Harddisk0\DR0:
12:48:31.0721 1908 MBR partitions:
12:48:31.0721 1908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x8EE9870
12:48:31.0721 1908 ============================================================
12:48:31.0909 1908 C: <-> \Device\Harddisk0\DR0\Partition1
12:48:31.0909 1908 ============================================================
12:48:31.0909 1908 Initialize success
12:48:31.0909 1908 ============================================================
12:49:08.0198 1748 ============================================================
12:49:08.0198 1748 Scan started
12:49:08.0198 1748 Mode: Manual; SigCheck; TDLFS;
12:49:08.0198 1748 ============================================================
12:49:08.0636 1748 ================ Scan system memory ========================
12:49:08.0651 1748 System memory - ok
12:49:08.0651 1748 ================ Scan services =============================
12:49:09.0183 1748 Abiosdsk - ok
12:49:09.0245 1748 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:49:17.0732 1748 abp480n5 - ok
12:49:17.0966 1748 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:49:18.0247 1748 ACPI - ok
12:49:18.0294 1748 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:49:18.0529 1748 ACPIEC - ok
12:49:18.0732 1748 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:49:18.0763 1748 AdobeFlashPlayerUpdateSvc - ok
12:49:18.0966 1748 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:49:19.0201 1748 adpu160m - ok
12:49:19.0279 1748 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
12:49:19.0513 1748 aec - ok
12:49:19.0623 1748 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:49:19.0701 1748 AFD - ok
12:49:19.0763 1748 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
12:49:20.0154 1748 agp440 - ok
12:49:20.0201 1748 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:49:20.0451 1748 agpCPQ - ok
12:49:20.0482 1748 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:49:20.0638 1748 Aha154x - ok
12:49:20.0701 1748 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:49:21.0029 1748 aic78u2 - ok
12:49:21.0092 1748 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:49:21.0326 1748 aic78xx - ok
12:49:21.0389 1748 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:49:21.0654 1748 Alerter - ok
12:49:21.0701 1748 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
12:49:21.0967 1748 ALG - ok
12:49:22.0014 1748 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
12:49:22.0233 1748 AliIde - ok
12:49:22.0279 1748 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:49:22.0561 1748 alim1541 - ok
12:49:22.0592 1748 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:49:22.0967 1748 amdagp - ok
12:49:22.0998 1748 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
12:49:23.0139 1748 amsint - ok
12:49:23.0155 1748 AppMgmt - ok
12:49:23.0202 1748 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
12:49:23.0436 1748 asc - ok
12:49:23.0467 1748 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:49:23.0608 1748 asc3350p - ok
12:49:23.0655 1748 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:49:23.0983 1748 asc3550 - ok
12:49:24.0139 1748 [ E1A1206A4FB19B675E947B29CCD25FBA ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
12:49:24.0171 1748 aspnet_state ( UnsignedFile.Multi.Generic ) - warning
12:49:24.0171 1748 aspnet_state - detected UnsignedFile.Multi.Generic (1)
12:49:24.0217 1748 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:49:24.0467 1748 AsyncMac - ok
12:49:24.0546 1748 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:49:24.0749 1748 atapi - ok
12:49:24.0764 1748 Atdisk - ok
12:49:24.0952 1748 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:49:25.0202 1748 Atmarpc - ok
12:49:25.0265 1748 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:49:25.0499 1748 AudioSrv - ok
12:49:25.0546 1748 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:49:25.0765 1748 audstub - ok
12:49:28.0375 1748 [ B41F0E54105801538D56623271A0AE49 ] AVGIDSAgent C:\Program Files\AVG\AVG2013\avgidsagent.exe
12:49:30.0609 1748 AVGIDSAgent - ok
12:49:30.0734 1748 [ 2F47851015D8837976E481F6DAA46A67 ] AVGIDSDriver C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
12:49:30.0953 1748 AVGIDSDriver - ok
12:49:31.0047 1748 [ 303BDE0DCDC04CE597C6C1CD06C6F186 ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
12:49:31.0063 1748 AVGIDSHX - ok
12:49:31.0141 1748 [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
12:49:31.0172 1748 AVGIDSShim - ok
12:49:31.0281 1748 [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
12:49:31.0313 1748 Avgldx86 - ok
12:49:31.0438 1748 [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx C:\WINDOWS\system32\DRIVERS\avglogx.sys
12:49:31.0469 1748 Avglogx - ok
12:49:31.0532 1748 [ 6DF7236D3A16C8417FF72F2EB2ADD244 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
12:49:31.0563 1748 Avgmfx86 - ok
12:49:31.0594 1748 [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
12:49:31.0610 1748 Avgrkx86 - ok
12:49:31.0735 1748 [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
12:49:31.0766 1748 Avgtdix - ok
12:49:31.0954 1748 [ 54DA0F700393AF2F1E9CD54A82F0C5A4 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
12:49:31.0985 1748 avgtp - ok
12:49:32.0110 1748 [ 0D2EB149AFF89A307E5D82D0A2B78439 ] avgwd C:\Program Files\AVG\AVG2013\avgwdsvc.exe
12:49:32.0157 1748 avgwd - ok
12:49:32.0219 1748 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:49:32.0485 1748 Beep - ok
12:49:32.0688 1748 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
12:49:33.0126 1748 BITS - ok
12:49:33.0219 1748 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
12:49:33.0344 1748 Browser - ok
12:49:33.0407 1748 [ 2FE6D5BE0629F706197B30C0AA05DE30 ] BrPar C:\WINDOWS\System32\drivers\BrPar.sys
12:49:33.0438 1748 BrPar ( UnsignedFile.Multi.Generic ) - warning
12:49:33.0438 1748 BrPar - detected UnsignedFile.Multi.Generic (1)
12:49:33.0454 1748 bvrp_pci - ok
12:49:33.0688 1748 catchme - ok
12:49:33.0735 1748 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:49:34.0095 1748 cbidf - ok
12:49:34.0110 1748 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:49:34.0313 1748 cbidf2k - ok
12:49:34.0360 1748 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:49:34.0485 1748 cd20xrnt - ok
12:49:34.0532 1748 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:49:34.0751 1748 Cdaudio - ok
12:49:34.0798 1748 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:49:35.0142 1748 Cdfs - ok
12:49:35.0204 1748 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:49:35.0486 1748 Cdrom - ok
12:49:35.0501 1748 Changer - ok
12:49:35.0548 1748 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:49:35.0783 1748 CiSvc - ok
12:49:35.0970 1748 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:49:36.0204 1748 ClipSrv - ok
12:49:36.0251 1748 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:49:36.0501 1748 CmdIde - ok
12:49:36.0501 1748 COMSysApp - ok
12:49:36.0548 1748 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:49:36.0767 1748 Cpqarray - ok
12:49:36.0986 1748 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
12:49:37.0017 1748 cpudrv - ok
12:49:37.0095 1748 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:49:37.0314 1748 CryptSvc - ok
12:49:37.0408 1748 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:49:37.0674 1748 dac2w2k - ok
12:49:37.0689 1748 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:49:38.0049 1748 dac960nt - ok
12:49:38.0252 1748 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:49:38.0502 1748 DcomLaunch - ok
12:49:38.0596 1748 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:49:38.0924 1748 Dhcp - ok
12:49:39.0002 1748 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:49:39.0205 1748 Disk - ok
12:49:39.0299 1748 [ E2D0DE31442390C35E3163C87CB6A9EB ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
12:49:39.0330 1748 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0330 1748 DLABOIOM - detected UnsignedFile.Multi.Generic (1)
12:49:39.0377 1748 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
12:49:39.0408 1748 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0408 1748 DLACDBHM - detected UnsignedFile.Multi.Generic (1)
12:49:39.0440 1748 [ 83545593E297F50A8E2524B4C071A153 ] DLADResN C:\WINDOWS\system32\DLA\DLADResN.SYS
12:49:39.0471 1748 DLADResN ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0471 1748 DLADResN - detected UnsignedFile.Multi.Generic (1)
12:49:39.0533 1748 [ 96E01D901CDC98C7817155CC057001BF ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
12:49:39.0611 1748 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0611 1748 DLAIFS_M - detected UnsignedFile.Multi.Generic (1)
12:49:39.0643 1748 [ 0A60A39CC5E767980A31CA5D7238DFA9 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
12:49:39.0674 1748 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0674 1748 DLAOPIOM - detected UnsignedFile.Multi.Generic (1)
12:49:39.0705 1748 [ 9FE2B72558FC808357F427FD83314375 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
12:49:39.0737 1748 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0737 1748 DLAPoolM - detected UnsignedFile.Multi.Generic (1)
12:49:39.0768 1748 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
12:49:39.0799 1748 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning
12:49:39.0799 1748 DLARTL_N - detected UnsignedFile.Multi.Generic (1)
12:49:40.0018 1748 [ F08E1DAFAC457893399E03430A6A1397 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
12:49:40.0049 1748 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning
12:49:40.0049 1748 DLAUDFAM - detected UnsignedFile.Multi.Generic (1)
12:49:40.0096 1748 [ E7D105ED1E694449D444A9933DF8E060 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
12:49:40.0127 1748 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning
12:49:40.0127 1748 DLAUDF_M - detected UnsignedFile.Multi.Generic (1)
12:49:40.0127 1748 dmadmin - ok
12:49:40.0440 1748 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:49:41.0002 1748 dmboot - ok
12:49:41.0081 1748 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:49:41.0331 1748 dmio - ok
12:49:41.0393 1748 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:49:41.0659 1748 dmload - ok
12:49:41.0721 1748 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
12:49:42.0081 1748 dmserver - ok
12:49:42.0128 1748 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:49:42.0362 1748 DMusic - ok
12:49:42.0425 1748 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:49:42.0565 1748 Dnscache - ok
12:49:42.0659 1748 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
12:49:43.0003 1748 Dot3svc - ok
12:49:43.0050 1748 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:49:43.0300 1748 dpti2o - ok
12:49:43.0362 1748 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:49:43.0581 1748 drmkaud - ok
12:49:43.0644 1748 [ FD0F95981FEF9073659D8EC58E40AA3C ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
12:49:43.0675 1748 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning
12:49:43.0675 1748 DRVMCDB - detected UnsignedFile.Multi.Generic (1)
12:49:43.0706 1748 [ B4869D320428CDC5EC4D7F5E808E99B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
12:49:43.0737 1748 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning
12:49:43.0737 1748 DRVNDDM - detected UnsignedFile.Multi.Generic (1)
12:49:43.0987 1748 [ FE80901578E7E3DA70299A5AEB2B7FBD ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
12:49:44.0019 1748 DSBrokerService - ok
12:49:44.0081 1748 [ 413F2D5F9D802688242C23B38F767ECB ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
12:49:44.0128 1748 DSproct ( UnsignedFile.Multi.Generic ) - warning
12:49:44.0128 1748 DSproct - detected UnsignedFile.Multi.Generic (1)
12:49:44.0159 1748 [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
12:49:44.0238 1748 dsunidrv - ok
12:49:44.0331 1748 [ 7D91DC6342248369F94D6EBA0CF42E99 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:49:44.0409 1748 E100B - ok
12:49:44.0488 1748 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
12:49:44.0738 1748 EapHost - ok
12:49:44.0800 1748 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:49:45.0144 1748 ERSvc - ok
12:49:45.0238 1748 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
12:49:45.0347 1748 Eventlog - ok
12:49:45.0519 1748 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
12:49:45.0597 1748 EventSystem - ok
12:49:45.0707 1748 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:49:46.0050 1748 Fastfat - ok
12:49:46.0144 1748 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:49:46.0254 1748 FastUserSwitchingCompatibility - ok
12:49:46.0300 1748 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
12:49:46.0551 1748 Fdc - ok
12:49:46.0597 1748 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:49:46.0957 1748 Fips - ok
12:49:46.0988 1748 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:49:47.0223 1748 Flpydisk - ok
12:49:47.0316 1748 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:49:47.0582 1748 FltMgr - ok
12:49:47.0613 1748 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:49:47.0957 1748 Fs_Rec - ok
12:49:48.0067 1748 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:49:48.0285 1748 Ftdisk - ok
12:49:48.0379 1748 [ 199062D35B8789238A11E9980479336B ] FVNETusb C:\WINDOWS\system32\DRIVERS\vnet58lx.sys
12:49:48.0473 1748 FVNETusb - ok
12:49:48.0551 1748 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:49:48.0770 1748 Gpc - ok
12:49:49.0035 1748 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:49:49.0067 1748 gupdate - ok
12:49:49.0129 1748 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:49:49.0160 1748 gupdatem - ok
12:49:49.0286 1748 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:49:49.0520 1748 helpsvc - ok
12:49:49.0567 1748 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
12:49:49.0786 1748 HidServ - ok
12:49:49.0958 1748 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:49:50.0192 1748 HidUsb - ok
12:49:50.0286 1748 [ 54D9E71DD3F6DF476B99543F88650EDF ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe
12:49:50.0317 1748 HitmanProScheduler - ok
12:49:50.0395 1748 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
12:49:50.0645 1748 hkmsvc - ok
12:49:50.0786 1748 [ 4BDA4856BD308C90CD5A98B6BF294A73 ] hnmsvc C:\Program Files\Dell Network Assistant\hnm_svc.exe
12:49:50.0927 1748 hnmsvc - ok
12:49:50.0989 1748 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
12:49:51.0177 1748 hpn - ok
12:49:51.0364 1748 [ CC8A7D8A8DC9F357B57796583CF8B85F ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:49:51.0395 1748 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
12:49:51.0395 1748 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
12:49:51.0458 1748 [ 4C2CA71CAAFD2CF1A673FC8DBFD219C4 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:49:51.0520 1748 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
12:49:51.0520 1748 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
12:49:51.0583 1748 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:49:51.0974 1748 HPZid412 - ok
12:49:52.0036 1748 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:49:52.0099 1748 HPZipr12 - ok
12:49:52.0161 1748 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:49:52.0224 1748 HPZius12 - ok
12:49:52.0380 1748 [ 663B895C3F8464339EACD1D9CF69D661 ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
12:49:52.0505 1748 HSFHWBS2 - ok
12:49:53.0005 1748 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
12:49:53.0333 1748 HSF_DP - ok
12:49:53.0724 1748 [ 7340B4D13875C413A6229BBA8E4913CA ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
12:49:54.0162 1748 HSF_DPV - ok
12:49:54.0334 1748 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:49:54.0427 1748 HTTP - ok
12:49:54.0474 1748 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:49:54.0724 1748 HTTPFilter - ok
12:49:54.0771 1748 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
12:49:55.0115 1748 i2omgmt - ok
12:49:55.0146 1748 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:49:55.0365 1748 i2omp - ok
12:49:55.0428 1748 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:49:55.0693 1748 i8042prt - ok
12:49:56.0146 1748 [ 0294A30B302CA71A2C26E582DDA93486 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
12:49:56.0506 1748 ialm - ok
12:49:56.0568 1748 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:49:56.0772 1748 Imapi - ok
12:49:56.0990 1748 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:49:57.0240 1748 ImapiService - ok
12:49:57.0287 1748 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:49:57.0600 1748 ini910u - ok
12:49:57.0647 1748 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:49:57.0991 1748 IntelIde - ok
12:49:58.0053 1748 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:49:58.0241 1748 intelppm - ok
12:49:58.0303 1748 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
12:49:58.0569 1748 Ip6Fw - ok
12:49:58.0631 1748 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:49:58.0835 1748 IpFilterDriver - ok
12:49:58.0975 1748 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:49:59.0178 1748 IpInIp - ok
12:49:59.0257 1748 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:49:59.0507 1748 IpNat - ok
12:49:59.0600 1748 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:49:59.0819 1748 IPSec - ok
12:49:59.0850 1748 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:50:00.0116 1748 IRENUM - ok
12:50:00.0163 1748 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:50:00.0382 1748 isapnp - ok
12:50:00.0663 1748 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
12:50:00.0694 1748 JavaQuickStarterService - ok
12:50:00.0741 1748 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:50:01.0085 1748 Kbdclass - ok
12:50:01.0132 1748 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:50:01.0335 1748 kbdhid - ok
12:50:01.0398 1748 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:50:01.0663 1748 kmixer - ok
12:50:01.0741 1748 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:50:02.0007 1748 KSecDD - ok
12:50:02.0070 1748 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:50:02.0163 1748 lanmanserver - ok
12:50:02.0257 1748 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:50:02.0335 1748 lanmanworkstation - ok
12:50:02.0351 1748 lbrtfdc - ok
12:50:02.0413 1748 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:50:02.0664 1748 LmHosts - ok
12:50:02.0742 1748 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
12:50:02.0773 1748 MBAMProtector - ok
12:50:03.0132 1748 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:50:03.0242 1748 MBAMScheduler - ok
12:50:03.0570 1748 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
12:50:03.0789 1748 MBAMService - ok
12:50:03.0851 1748 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:50:04.0023 1748 mdmxsdk - ok
12:50:04.0086 1748 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:50:04.0305 1748 Messenger - ok
12:50:04.0351 1748 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:50:04.0570 1748 mnmdd - ok
12:50:04.0664 1748 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:50:04.0992 1748 mnmsrvc - ok
12:50:05.0055 1748 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:50:05.0273 1748 Modem - ok
12:50:05.0320 1748 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
12:50:05.0524 1748 MODEMCSA - ok
12:50:05.0586 1748 [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
12:50:05.0695 1748 motmodem - ok
12:50:05.0727 1748 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:50:06.0055 1748 Mouclass - ok
12:50:06.0117 1748 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:50:06.0336 1748 mouhid - ok
12:50:06.0383 1748 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:50:06.0618 1748 MountMgr - ok
12:50:06.0649 1748 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:50:07.0258 1748 mraid35x - ok
12:50:07.0336 1748 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:50:07.0602 1748 MRxDAV - ok
12:50:07.0790 1748 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:50:08.0071 1748 MRxSmb - ok
12:50:08.0149 1748 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
12:50:08.0352 1748 MSDTC - ok
12:50:08.0384 1748 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:50:08.0602 1748 Msfs - ok
12:50:08.0602 1748 MSIServer - ok
12:50:08.0665 1748 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:50:09.0009 1748 MSKSSRV - ok
12:50:09.0040 1748 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:50:09.0274 1748 MSPCLOCK - ok
12:50:09.0306 1748 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:50:09.0524 1748 MSPQM - ok
12:50:09.0540 1748 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:50:09.0774 1748 mssmbios - ok
12:50:09.0868 1748 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:50:10.0040 1748 Mup - ok
12:50:10.0212 1748 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
12:50:10.0431 1748 napagent - ok
12:50:10.0556 1748 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:50:10.0775 1748 NDIS - ok
12:50:10.0837 1748 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:50:11.0040 1748 NdisTapi - ok
12:50:11.0087 1748 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:50:11.0322 1748 Ndisuio - ok
12:50:11.0369 1748 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:50:11.0619 1748 NdisWan - ok
12:50:11.0681 1748 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:50:11.0775 1748 NDProxy - ok
12:50:11.0853 1748 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
12:50:12.0009 1748 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:50:12.0009 1748 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:50:12.0072 1748 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:50:12.0306 1748 NetBIOS - ok
12:50:12.0384 1748 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:50:12.0650 1748 NetBT - ok
12:50:12.0728 1748 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
12:50:13.0088 1748 NetDDE - ok
12:50:13.0119 1748 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:50:13.0322 1748 NetDDEdsdm - ok
12:50:13.0385 1748 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:50:13.0588 1748 Netlogon - ok
12:50:13.0713 1748 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
12:50:14.0057 1748 Netman - ok
12:50:14.0197 1748 [ 02D0798F376FCBD0210EDA58476D0B1B ] NetSvc C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
12:50:14.0229 1748 NetSvc ( UnsignedFile.Multi.Generic ) - warning
12:50:14.0229 1748 NetSvc - detected UnsignedFile.Multi.Generic (1)
12:50:14.0369 1748 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
12:50:14.0447 1748 Nla - ok
12:50:14.0510 1748 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:50:14.0760 1748 Npfs - ok
12:50:15.0119 1748 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:50:15.0432 1748 Ntfs - ok
12:50:15.0463 1748 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:50:15.0682 1748 NtLmSsp - ok
12:50:15.0916 1748 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:50:16.0276 1748 NtmsSvc - ok
12:50:16.0323 1748 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:50:16.0573 1748 Null - ok
12:50:17.0354 1748 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:50:18.0230 1748 nv - ok
12:50:18.0261 1748 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:50:18.0464 1748 NwlnkFlt - ok
12:50:18.0542 1748 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:50:18.0761 1748 NwlnkFwd - ok
12:50:18.0855 1748 [ 8F856DAE19383BD69DB444004D5D4F50 ] Packet C:\WINDOWS\system32\DRIVERS\packet.sys
12:50:18.0870 1748 Packet ( UnsignedFile.Multi.Generic ) - warning
12:50:18.0870 1748 Packet - detected UnsignedFile.Multi.Generic (1)
12:50:19.0073 1748 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:50:19.0292 1748 Parport - ok
12:50:19.0324 1748 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:50:19.0542 1748 PartMgr - ok
12:50:19.0589 1748 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:50:19.0792 1748 ParVdm - ok
12:50:19.0839 1748 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:50:20.0152 1748 PCI - ok
12:50:20.0167 1748 PCIDump - ok
12:50:20.0246 1748 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:50:20.0433 1748 PCIIde - ok
12:50:20.0527 1748 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:50:20.0730 1748 Pcmcia - ok
12:50:20.0855 1748 [ 12F29F4003C448C75B4460578B62E846 ] PCPitstop Scheduling C:\Program Files\PCPitstop\PCPitstopScheduleService.exe
12:50:20.0996 1748 PCPitstop Scheduling - ok
12:50:21.0011 1748 PDCOMP - ok
12:50:21.0027 1748 PDFRAME - ok
12:50:21.0027 1748 PDRELI - ok
12:50:21.0043 1748 PDRFRAME - ok
12:50:21.0090 1748 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
12:50:21.0308 1748 perc2 - ok
12:50:21.0340 1748 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:50:21.0637 1748 perc2hib - ok
12:50:21.0730 1748 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
12:50:21.0840 1748 PlugPlay - ok
12:50:21.0871 1748 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
12:50:22.0027 1748 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
12:50:22.0027 1748 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
12:50:22.0058 1748 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:50:22.0246 1748 PolicyAgent - ok
12:50:22.0309 1748 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:50:22.0559 1748 PptpMiniport - ok
12:50:22.0574 1748 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:50:22.0762 1748 ProtectedStorage - ok
12:50:22.0793 1748 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:50:23.0137 1748 PSched - ok
12:50:23.0152 1748 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:50:23.0356 1748 Ptilink - ok
12:50:23.0434 1748 [ 86724469CD077901706854974CD13C3E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:50:23.0449 1748 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
12:50:23.0449 1748 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
12:50:23.0512 1748 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:50:23.0746 1748 ql1080 - ok
12:50:23.0793 1748 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:50:24.0121 1748 Ql10wnt - ok
12:50:24.0168 1748 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:50:24.0372 1748 ql12160 - ok
12:50:24.0418 1748 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:50:24.0637 1748 ql1240 - ok
12:50:24.0684 1748 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:50:25.0012 1748 ql1280 - ok
12:50:25.0059 1748 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:50:25.0247 1748 RasAcd - ok
12:50:25.0309 1748 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:50:25.0559 1748 RasAuto - ok
12:50:25.0606 1748 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:50:25.0825 1748 Rasl2tp - ok
12:50:26.0059 1748 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:50:26.0278 1748 RasMan - ok
12:50:26.0309 1748 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:50:26.0544 1748 RasPppoe - ok
12:50:26.0606 1748 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:50:26.0794 1748 Raspti - ok
12:50:27.0028 1748 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:50:27.0232 1748 Rdbss - ok
12:50:27.0263 1748 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:50:27.0466 1748 RDPCDD - ok
12:50:27.0591 1748 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:50:27.0825 1748 rdpdr - ok
12:50:28.0029 1748 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:50:28.0122 1748 RDPWD - ok
12:50:28.0232 1748 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:50:28.0435 1748 RDSessMgr - ok
12:50:28.0497 1748 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:50:28.0732 1748 redbook - ok
12:50:28.0794 1748 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:50:29.0154 1748 RemoteAccess - ok
12:50:29.0201 1748 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
12:50:29.0420 1748 ROOTMODEM - ok
12:50:29.0482 1748 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
12:50:29.0685 1748 RpcLocator - ok
12:50:29.0857 1748 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
12:50:30.0185 1748 RpcSs - ok
12:50:30.0263 1748 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:50:30.0467 1748 RSVP - ok
12:50:30.0514 1748 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
12:50:30.0748 1748 SamSs - ok
12:50:30.0810 1748 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:50:31.0201 1748 SCardSvr - ok
12:50:31.0311 1748 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:50:31.0576 1748 Schedule - ok
12:50:31.0623 1748 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:50:31.0826 1748 Secdrv - ok
12:50:31.0889 1748 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:50:32.0217 1748 seclogon - ok
12:50:32.0530 1748 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
12:50:32.0858 1748 senfilt - ok
12:50:32.0920 1748 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
12:50:33.0280 1748 SENS - ok
12:50:33.0342 1748 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:50:33.0592 1748 serenum - ok
12:50:33.0655 1748 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:50:34.0233 1748 Serial - ok
12:50:34.0296 1748 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:50:34.0530 1748 Sfloppy - ok
12:50:34.0733 1748 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:50:35.0155 1748 SharedAccess - ok
12:50:35.0233 1748 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:50:35.0265 1748 ShellHWDetection - ok
12:50:35.0280 1748 Simbad - ok
12:50:35.0343 1748 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:50:35.0562 1748 sisagp - ok
12:50:35.0702 1748 [ 0066FF77AEB4AE70066F7E94D5A6D866 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
12:50:35.0858 1748 smwdm - ok
12:50:35.0921 1748 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
12:50:36.0265 1748 SNMP - ok
12:50:36.0312 1748 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
12:50:36.0562 1748 SNMPTRAP - ok
12:50:36.0624 1748 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:50:36.0796 1748 Sparrow - ok
12:50:36.0827 1748 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:50:37.0203 1748 splitter - ok
12:50:37.0281 1748 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:50:37.0562 1748 Spooler - ok
12:50:37.0624 1748 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:50:38.0281 1748 sr - ok
12:50:38.0375 1748 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
12:50:38.0687 1748 srservice - ok
12:50:38.0859 1748 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:50:39.0219 1748 Srv - ok
12:50:39.0297 1748 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:50:39.0516 1748 SSDPSRV - ok
12:50:39.0719 1748 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:50:41.0282 1748 stisvc - ok
12:50:41.0344 1748 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:50:41.0625 1748 swenum - ok
12:50:41.0704 1748 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:50:42.0125 1748 swmidi - ok
12:50:42.0125 1748 SwPrv - ok
12:50:42.0188 1748 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
12:50:42.0563 1748 symc810 - ok
12:50:42.0626 1748 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:50:43.0032 1748 symc8xx - ok
12:50:43.0063 1748 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:50:43.0329 1748 sym_hi - ok
12:50:43.0376 1748 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:50:43.0688 1748 sym_u3 - ok
12:50:43.0766 1748 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:50:44.0173 1748 sysaudio - ok
12:50:44.0267 1748 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:50:44.0532 1748 SysmonLog - ok
12:50:44.0673 1748 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:50:45.0064 1748 TapiSrv - ok
12:50:45.0236 1748 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:50:45.0579 1748 Tcpip - ok
12:50:45.0673 1748 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:50:46.0111 1748 TDPIPE - ok
12:50:46.0142 1748 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:50:46.0439 1748 TDTCP - ok
12:50:46.0470 1748 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:50:46.0783 1748 TermDD - ok
12:50:46.0970 1748 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
12:50:47.0345 1748 TermService - ok
12:50:47.0424 1748 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
12:50:47.0455 1748 Themes - ok
12:50:47.0502 1748 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
12:50:47.0752 1748 TosIde - ok
12:50:47.0846 1748 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:50:48.0174 1748 TrkWks - ok
12:50:48.0236 1748 [ 228D8E60BC9C5238587B0BF1654EC580 ] U2SP C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys
12:50:48.0330 1748 U2SP - ok
12:50:48.0408 1748 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:50:48.0658 1748 Udfs - ok
12:50:48.0689 1748 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
12:50:48.0861 1748 ultra - ok
12:50:49.0174 1748 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:50:49.0518 1748 Update - ok
12:50:49.0627 1748 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:50:49.0783 1748 upnphost - ok
12:50:49.0830 1748 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
12:50:50.0174 1748 UPS - ok
12:50:50.0237 1748 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:50:50.0440 1748 usbccgp - ok
12:50:50.0502 1748 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:50:50.0752 1748 usbehci - ok
12:50:50.0815 1748 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:50:51.0159 1748 usbhub - ok
12:50:51.0190 1748 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:50:51.0409 1748 usbprint - ok
12:50:51.0456 1748 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:50:51.0784 1748 usbscan - ok
12:50:51.0846 1748 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:50:52.0190 1748 USBSTOR - ok
12:50:52.0237 1748 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:50:52.0456 1748 usbuhci - ok
12:50:52.0565 1748 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:50:52.0815 1748 VgaSave - ok
12:50:52.0847 1748 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:50:53.0159 1748 viaagp - ok
12:50:53.0190 1748 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:50:53.0425 1748 ViaIde - ok
12:50:53.0487 1748 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:50:53.0737 1748 VolSnap - ok
12:50:53.0878 1748 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
12:50:54.0144 1748 VSS - ok
12:50:54.0472 1748 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
12:50:54.0722 1748 vToolbarUpdater13.2.0 - ok
12:50:54.0847 1748 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
12:50:55.0191 1748 w32time - ok
12:50:55.0253 1748 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:50:55.0582 1748 Wanarp - ok
12:50:55.0629 1748 wanatw - ok
12:50:55.0847 1748 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:50:56.0097 1748 Wdf01000 - ok
12:50:56.0113 1748 WDICA - ok
12:50:56.0191 1748 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:50:56.0410 1748 wdmaud - ok
12:50:56.0488 1748 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:50:56.0754 1748 WebClient - ok
12:50:57.0207 1748 [ 8ADCD6078AFFC4C81F3C3EBB1E9E3A2B ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:50:57.0457 1748 winachsf - ok
12:50:57.0629 1748 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:50:57.0879 1748 winmgmt - ok
12:50:57.0926 1748 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:50:58.0176 1748 WmdmPmSN - ok
12:50:58.0285 1748 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:50:58.0707 1748 WmiApSrv - ok
12:50:59.0270 1748 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:50:59.0598 1748 WMPNetworkSvc - ok
12:50:59.0692 1748 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:50:59.0911 1748 WS2IFSL - ok
12:50:59.0989 1748 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:51:00.0333 1748 wscsvc - ok
12:51:00.0364 1748 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:51:00.0598 1748 wuauserv - ok
12:51:00.0645 1748 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:51:00.0739 1748 WudfPf - ok
12:51:00.0786 1748 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:51:00.0848 1748 WudfRd - ok
12:51:00.0911 1748 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:51:01.0083 1748 WudfSvc - ok
12:51:01.0317 1748 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:51:01.0661 1748 WZCSVC - ok
12:51:01.0755 1748 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:51:02.0271 1748 xmlprov - ok
12:51:02.0286 1748 ================ Scan global ===============================
12:51:02.0364 1748 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:51:02.0583 1748 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:51:02.0693 1748 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:51:02.0771 1748 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:51:02.0771 1748 [Global] - ok
12:51:02.0771 1748 ================ Scan MBR ==================================
12:51:02.0818 1748 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR0
12:51:03.0771 1748 \Device\Harddisk0\DR0 - ok
12:51:03.0771 1748 ================ Scan VBR ==================================
12:51:03.0802 1748 [ 56779635831354D7D953310528857B49 ] \Device\Harddisk0\DR0\Partition1
12:51:03.0802 1748 \Device\Harddisk0\DR0\Partition1 - ok
12:51:03.0802 1748 ============================================================
12:51:03.0802 1748 Scan finished
12:51:03.0802 1748 ============================================================
12:51:04.0115 2664 Detected object count: 21
12:51:04.0115 2664 Actual detected object count: 21
12:52:32.0822 2664 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0822 2664 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0822 2664 BrPar ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0822 2664 BrPar ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0838 2664 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0838 2664 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0838 2664 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0838 2664 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0838 2664 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0838 2664 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0853 2664 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0853 2664 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0853 2664 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0853 2664 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0853 2664 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0853 2664 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0853 2664 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0853 2664 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0900 2664 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0900 2664 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0916 2664 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0916 2664 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0916 2664 NetSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0916 2664 NetSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0916 2664 Packet ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0916 2664 Packet ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0916 2664 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0916 2664 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:32.0916 2664 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
12:52:32.0916 2664 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:52:37.0464 3676 Deinitialize success
 