drcho2112

Members
  • Posts: 13

Everything posted by drcho2112

  1. Sorry for the long delay. I'm still experiencing problems but I'm going to reach out to our ISP. I can't get anywhere now.
  2. Whoops, here's the log. Thanks. DavidNetworkDetails2.txt
  3. Yes, I had a lot of stuff going on. Will complete task shortly and reply.
  4. To add, PC is still not connecting to internet consistently.
  5. I deleted that program and ran combofix again and it did get through the entire process this time. Logs below. Thanks again
  6. No, I don't recognize that program. I did as instructed but when I run combofix it just hangs at the bluescreen. It's been in the same state since last night. I did not click in the screen or touch my PC after it started running. Currently PC behavior is that normal PC stuff seems to be fine; opening docs, exploring, running other programs etc. It's only web traffic that is hosed and it seems intermittent. Strangely it seems to like going to Yahoo and Google but nowhere else.
  7. logs from combofix
extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6OysBmRNMM FF - user.js: extensions.incredibar_i.upn2n - 92260884094850476 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10606 FF - user.js: extensions.incredibar_i.ppd - 48 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-03-06 16:46 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-4179990619-145677384-1142958219-1006\Software\SecuROM\License information*] "datasecu"=hex:cb,20,ae,f2,87,43,38,64,75,66,0a,c7,f6,ea,cf,0b,fc,25,68,21,dc, 63,4a,93,3e,11,ef,54,bc,96,fb,ef,a6,85,74,d3,b6,ac,a3,54,4e,11,8a,47,17,f8,\ "rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44 . Completion time: 2012-03-06 16:51:18 ComboFix-quarantined-files.txt 2012-03-07 00:51 ComboFix2.txt 2012-02-28 18:32 ComboFix3.txt 2010-07-10 00:48 ComboFix4.txt 2010-07-09 23:04 . Pre-Run: 108,282,314,752 bytes free Post-Run: 108,263,530,496 bytes free . - - End Of File - - C01F88C03DFF34033B83B0DB886A26B6 Thanks
  8. Here is the correct log
\Device\Harddisk0\DR0\Partition0 10:55:36.0285 4348 \Device\Harddisk0\DR0\Partition0 - ok 10:55:36.0301 4348 Boot (0x1200) (8f6150e1df65a8bc73dd9a4f5ad4da44) \Device\Harddisk1\DR4\Partition0 10:55:36.0301 4348 \Device\Harddisk1\DR4\Partition0 - ok 10:55:36.0301 4348 ============================================================ 10:55:36.0301 4348 Scan finished 10:55:36.0301 4348 ============================================================ 10:55:36.0410 3292 Detected object count: 17 10:55:36.0410 3292 Actual detected object count: 17 10:56:20.0129 3292 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0129 3292 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0129 3292 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0129 3292 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0129 3292 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0129 3292 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0129 3292 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0129 3292 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0145 3292 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0145 3292 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: 
Skip 10:56:20.0145 3292 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0145 3292 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0145 3292 ELUSB ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 ELUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0145 3292 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0145 3292 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0145 3292 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0160 3292 oreans32 ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0160 3292 oreans32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0160 3292 PfModNT ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0160 3292 PfModNT ( UnsignedFile.Multi.Generic ) - User select action: Skip 10:56:20.0160 3292 QWAVEDRV ( UnsignedFile.Multi.Generic ) - skipped by user 10:56:20.0160 3292 QWAVEDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:02:43.0301 5592 ============================================================ 11:02:43.0301 5592 Scan started 11:02:43.0301 5592 Mode: Manual; SigCheck; TDLFS; 11:02:43.0301 5592 ============================================================ 11:02:43.0520 5592 Abiosdsk - ok 11:02:43.0566 5592 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS 11:02:43.0723 5592 abp480n5 - ok 11:02:43.0785 5592 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys 11:02:43.0941 5592 ACPI - ok 11:02:43.0988 5592 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys 11:02:44.0129 5592 ACPIEC - ok 11:02:44.0191 5592 adpu160m 
(9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys 11:02:44.0316 5592 adpu160m - ok 11:02:44.0363 5592 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 11:02:44.0520 5592 aec - ok 11:02:44.0566 5592 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys 11:02:44.0598 5592 AFD - ok 11:02:44.0629 5592 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys 11:02:44.0738 5592 agp440 - ok 11:02:44.0754 5592 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys 11:02:44.0879 5592 agpCPQ - ok 11:02:44.0910 5592 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys 11:02:44.0973 5592 Aha154x - ok 11:02:44.0988 5592 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys 11:02:45.0113 5592 aic78u2 - ok 11:02:45.0160 5592 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys 11:02:45.0270 5592 aic78xx - ok 11:02:45.0285 5592 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys 11:02:45.0410 5592 AliIde - ok 11:02:45.0457 5592 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys 11:02:45.0598 5592 alim1541 - ok 11:02:45.0613 5592 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys 11:02:45.0754 5592 amdagp - ok 11:02:45.0785 5592 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys 11:02:45.0863 5592 amsint - ok 11:02:45.0895 5592 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys 11:02:46.0035 5592 asc - ok 11:02:46.0051 5592 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys 11:02:46.0113 5592 asc3350p - ok 11:02:46.0129 5592 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys 11:02:46.0270 5592 asc3550 - ok 11:02:46.0316 5592 AsyncMac 
(b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 11:02:46.0441 5592 AsyncMac - ok 11:02:46.0473 5592 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 11:02:46.0613 5592 atapi - ok 11:02:46.0613 5592 Atdisk - ok 11:02:46.0691 5592 ati2mtag (03621f7f968ff63713943405deb777f9) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys 11:02:46.0723 5592 ati2mtag - ok 11:02:46.0770 5592 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 11:02:46.0926 5592 Atmarpc - ok 11:02:46.0957 5592 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 11:02:47.0066 5592 audstub - ok 11:02:47.0082 5592 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 11:02:47.0207 5592 Beep - ok 11:02:47.0223 5592 BVRPMPR5 - ok 11:02:47.0238 5592 bvrp_pci - ok 11:02:47.0238 5592 catchme - ok 11:02:47.0254 5592 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys 11:02:47.0379 5592 cbidf - ok 11:02:47.0379 5592 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 11:02:47.0504 5592 cbidf2k - ok 11:02:47.0520 5592 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 11:02:47.0645 5592 CCDECODE - ok 11:02:47.0645 5592 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys 11:02:47.0723 5592 cd20xrnt - ok 11:02:47.0754 5592 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 11:02:47.0879 5592 Cdaudio - ok 11:02:47.0910 5592 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 11:02:48.0051 5592 Cdfs - ok 11:02:48.0082 5592 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 11:02:48.0207 5592 Cdrom - ok 11:02:48.0223 5592 Changer - ok 11:02:48.0254 5592 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys 11:02:48.0379 5592 CmdIde - ok 11:02:48.0410 
5592 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys 11:02:48.0551 5592 Cpqarray - ok 11:02:48.0598 5592 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys 11:02:48.0613 5592 ctsfm2k - ok 11:02:48.0645 5592 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys 11:02:48.0660 5592 CTUSFSYN - ok 11:02:48.0691 5592 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys 11:02:48.0832 5592 dac2w2k - ok 11:02:48.0832 5592 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys 11:02:48.0957 5592 dac960nt - ok 11:02:49.0004 5592 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 11:02:49.0129 5592 Disk - ok 11:02:49.0176 5592 DLABOIOM (e2d0de31442390c35e3163c87cb6a9eb) C:\WINDOWS\system32\DLA\DLABOIOM.SYS 11:02:49.0207 5592 DLABOIOM ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0207 5592 DLABOIOM - detected UnsignedFile.Multi.Generic (1) 11:02:49.0207 5592 DLACDBHM (d979bebcf7edcc9c9ee1857d1a68c67b) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS 11:02:49.0223 5592 DLACDBHM ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0223 5592 DLACDBHM - detected UnsignedFile.Multi.Generic (1) 11:02:49.0254 5592 DLADResN (83545593e297f50a8e2524b4c071a153) C:\WINDOWS\system32\DLA\DLADResN.SYS 11:02:49.0270 5592 DLADResN ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0270 5592 DLADResN - detected UnsignedFile.Multi.Generic (1) 11:02:49.0301 5592 DLAIFS_M (96e01d901cdc98c7817155cc057001bf) C:\WINDOWS\system32\DLA\DLAIFS_M.SYS 11:02:49.0332 5592 DLAIFS_M ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0332 5592 DLAIFS_M - detected UnsignedFile.Multi.Generic (1) 11:02:49.0348 5592 DLAOPIOM (0a60a39cc5e767980a31ca5d7238dfa9) C:\WINDOWS\system32\DLA\DLAOPIOM.SYS 11:02:49.0348 5592 DLAOPIOM ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0348 5592 DLAOPIOM - detected UnsignedFile.Multi.Generic (1) 
11:02:49.0363 5592 DLAPoolM (9fe2b72558fc808357f427fd83314375) C:\WINDOWS\system32\DLA\DLAPoolM.SYS 11:02:49.0363 5592 DLAPoolM ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0363 5592 DLAPoolM - detected UnsignedFile.Multi.Generic (1) 11:02:49.0395 5592 DLARTL_N (7ee0852ae8907689df25049dcd2342e8) C:\WINDOWS\system32\Drivers\DLARTL_N.SYS 11:02:49.0395 5592 DLARTL_N ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0395 5592 DLARTL_N - detected UnsignedFile.Multi.Generic (1) 11:02:49.0426 5592 DLAUDFAM (f08e1dafac457893399e03430a6a1397) C:\WINDOWS\system32\DLA\DLAUDFAM.SYS 11:02:49.0426 5592 DLAUDFAM ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0426 5592 DLAUDFAM - detected UnsignedFile.Multi.Generic (1) 11:02:49.0441 5592 DLAUDF_M (e7d105ed1e694449d444a9933df8e060) C:\WINDOWS\system32\DLA\DLAUDF_M.SYS 11:02:49.0441 5592 DLAUDF_M ( UnsignedFile.Multi.Generic ) - warning 11:02:49.0441 5592 DLAUDF_M - detected UnsignedFile.Multi.Generic (1) 11:02:49.0504 5592 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys 11:02:49.0645 5592 dmboot - ok 11:02:49.0691 5592 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys 11:02:49.0879 5592 dmio - ok 11:02:49.0879 5592 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 11:02:50.0004 5592 dmload - ok 11:02:50.0035 5592 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys 11:02:50.0160 5592 DMusic - ok 11:02:50.0176 5592 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys 11:02:50.0316 5592 dpti2o - ok 11:02:50.0316 5592 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys 11:02:50.0441 5592 drmkaud - ok 11:02:50.0488 5592 DRVMCDB (fd0f95981fef9073659d8ec58e40aa3c) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS 11:02:50.0488 5592 DRVMCDB ( UnsignedFile.Multi.Generic ) - warning 11:02:50.0488 5592 DRVMCDB - detected UnsignedFile.Multi.Generic (1) 11:02:50.0504 
5592 DRVNDDM (b4869d320428cdc5ec4d7f5e808e99b5) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS 11:02:50.0520 5592 DRVNDDM ( UnsignedFile.Multi.Generic ) - warning 11:02:50.0520 5592 DRVNDDM - detected UnsignedFile.Multi.Generic (1) 11:02:50.0551 5592 E100B (95974e66d3de4951d29e28e8bc0b644c) C:\WINDOWS\system32\DRIVERS\e100b325.sys 11:02:50.0582 5592 E100B - ok 11:02:50.0598 5592 EagleNT - ok 11:02:50.0645 5592 ELUSB (a77fbb6c8f74242c484b96ec88925c4b) C:\WINDOWS\system32\Drivers\ELUSB.sys 11:02:50.0676 5592 ELUSB ( UnsignedFile.Multi.Generic ) - warning 11:02:50.0676 5592 ELUSB - detected UnsignedFile.Multi.Generic (1) 11:02:50.0738 5592 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 11:02:50.0863 5592 Fastfat - ok 11:02:50.0879 5592 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys 11:02:51.0004 5592 Fdc - ok 11:02:51.0035 5592 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys 11:02:51.0176 5592 Fips - ok 11:02:51.0207 5592 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys 11:02:51.0332 5592 Flpydisk - ok 11:02:51.0379 5592 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 11:02:51.0504 5592 FltMgr - ok 11:02:51.0535 5592 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 11:02:51.0676 5592 Fs_Rec - ok 11:02:51.0691 5592 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 11:02:51.0863 5592 Ftdisk - ok 11:02:51.0895 5592 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 11:02:51.0910 5592 GEARAspiWDM - ok 11:02:51.0957 5592 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 11:02:52.0082 5592 Gpc - ok 11:02:52.0129 5592 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 11:02:52.0270 5592 HDAudBus - ok 11:02:52.0301 5592 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) 
C:\WINDOWS\system32\DRIVERS\hidusb.sys 11:02:52.0441 5592 HidUsb - ok 11:02:52.0473 5592 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys 11:02:52.0613 5592 hpn - ok 11:02:52.0645 5592 HSFHWBS2 (77e4ff0b73bc0aeaaf39bf0c8104231f) C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys 11:02:52.0660 5592 HSFHWBS2 - ok 11:02:52.0723 5592 HSF_DP (60e1604729a15ef4a3b05f298427b3b1) C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 11:02:52.0770 5592 HSF_DP - ok 11:02:52.0816 5592 HTTP (f6aacf5bce2893e0c1754afeb672e5c9) C:\WINDOWS\system32\Drivers\HTTP.sys 11:02:52.0957 5592 HTTP - ok 11:02:52.0988 5592 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys 11:02:53.0113 5592 i2omgmt - ok 11:02:53.0129 5592 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys 11:02:53.0254 5592 i2omp - ok 11:02:53.0254 5592 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 11:02:53.0395 5592 i8042prt - ok 11:02:53.0441 5592 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 11:02:53.0582 5592 Imapi - ok 11:02:53.0629 5592 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys 11:02:53.0754 5592 ini910u - ok 11:02:53.0785 5592 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys 11:02:53.0957 5592 IntelIde - ok 11:02:53.0988 5592 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys 11:02:54.0113 5592 intelppm - ok 11:02:54.0129 5592 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 11:02:54.0285 5592 Ip6Fw - ok 11:02:54.0301 5592 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 11:02:54.0441 5592 IpFilterDriver - ok 11:02:54.0473 5592 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 11:02:54.0582 5592 IpInIp - ok 11:02:54.0613 5592 IpNat (cc748ea12c6effde940ee98098bf96bb) 
C:\WINDOWS\system32\DRIVERS\ipnat.sys 11:02:54.0754 5592 IpNat - ok 11:02:54.0785 5592 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 11:02:54.0926 5592 IPSec - ok 11:02:54.0941 5592 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 11:02:55.0066 5592 IRENUM - ok 11:02:55.0098 5592 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys 11:02:55.0238 5592 isapnp - ok 11:02:55.0270 5592 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 11:02:55.0395 5592 Kbdclass - ok 11:02:55.0426 5592 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 11:02:55.0551 5592 kbdhid - ok 11:02:55.0566 5592 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 11:02:55.0707 5592 kmixer - ok 11:02:55.0738 5592 KSecDD (1705745d900dabf2d89f90ebaddc7517) C:\WINDOWS\system32\drivers\KSecDD.sys 11:02:55.0910 5592 KSecDD - ok 11:02:56.0020 5592 lbrtfdc - ok 11:02:56.0098 5592 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys 11:02:56.0113 5592 MBAMProtector - ok 11:02:56.0176 5592 MCSTRM (5bb01b9f582259d1fb7653c5c1da3653) C:\WINDOWS\system32\drivers\MCSTRM.sys 11:02:56.0191 5592 MCSTRM ( UnsignedFile.Multi.Generic ) - warning 11:02:56.0191 5592 MCSTRM - detected UnsignedFile.Multi.Generic (1) 11:02:56.0207 5592 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 11:02:56.0223 5592 mdmxsdk - ok 11:02:56.0254 5592 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys 11:02:56.0254 5592 MHNDRV ( UnsignedFile.Multi.Generic ) - warning 11:02:56.0254 5592 MHNDRV - detected UnsignedFile.Multi.Generic (1) 11:02:56.0270 5592 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 11:02:56.0426 5592 mnmdd - ok 11:02:56.0457 5592 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys 
11:02:56.0598 5592 Modem - ok 11:02:56.0629 5592 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys 11:02:56.0770 5592 MODEMCSA - ok 11:02:56.0801 5592 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys 11:02:56.0910 5592 Mouclass - ok 11:02:56.0941 5592 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys 11:02:57.0082 5592 mouhid - ok 11:02:57.0113 5592 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 11:02:57.0254 5592 MountMgr - ok 11:02:57.0379 5592 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys 11:02:57.0520 5592 mraid35x - ok 11:02:57.0535 5592 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 11:02:57.0660 5592 MRxDAV - ok 11:02:57.0723 5592 MRxSmb (60ae98742484e7ab80c3c1450e708148) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 11:02:57.0754 5592 MRxSmb - ok 11:02:57.0785 5592 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 11:02:57.0926 5592 Msfs - ok 11:02:57.0957 5592 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 11:02:58.0098 5592 MSKSSRV - ok 11:02:58.0113 5592 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 11:02:58.0254 5592 MSPCLOCK - ok 11:02:58.0270 5592 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 11:02:58.0395 5592 MSPQM - ok 11:02:58.0426 5592 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 11:02:58.0551 5592 mssmbios - ok 11:02:58.0566 5592 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 11:02:58.0707 5592 MSTEE - ok 11:02:58.0738 5592 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys 11:02:58.0910 5592 Mup - ok 11:02:58.0941 5592 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 11:02:59.0066 
5592 NABTSFEC - ok 11:02:59.0098 5592 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 11:02:59.0238 5592 NDIS - ok 11:02:59.0254 5592 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 11:02:59.0379 5592 NdisIP - ok 11:02:59.0910 5592 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 11:03:00.0066 5592 NdisTapi - ok 11:03:00.0941 5592 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 11:03:01.0098 5592 Ndisuio - ok 11:03:01.0520 5592 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 11:03:01.0660 5592 NdisWan - ok 11:03:01.0910 5592 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys 11:03:02.0051 5592 NDProxy - ok 11:03:02.0129 5592 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 11:03:02.0254 5592 NetBIOS - ok 11:03:02.0316 5592 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 11:03:02.0441 5592 NetBT - ok 11:03:02.0488 5592 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 11:03:02.0613 5592 Npfs - ok 11:03:02.0629 5592 npkcusb - ok 11:03:02.0676 5592 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 11:03:02.0879 5592 Ntfs - ok 11:03:02.0926 5592 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 11:03:03.0051 5592 Null - ok 11:03:03.0129 5592 nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 11:03:03.0254 5592 nv - ok 11:03:03.0285 5592 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 11:03:03.0410 5592 NwlnkFlt - ok 11:03:03.0441 5592 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 11:03:03.0582 5592 NwlnkFwd - ok 11:03:03.0629 5592 oreans32 (21dc5b289dce2d32a32baab7bcf29a6a) C:\WINDOWS\system32\drivers\oreans32.sys 11:03:03.0629 
5592 oreans32 ( UnsignedFile.Multi.Generic ) - warning 11:03:03.0629 5592 oreans32 - detected UnsignedFile.Multi.Generic (1) 11:03:03.0676 5592 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys 11:03:03.0707 5592 ossrv - ok 11:03:03.0723 5592 ovt519 - ok 11:03:03.0738 5592 PalmUSBD - ok 11:03:03.0770 5592 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys 11:03:03.0910 5592 Parport - ok 11:03:03.0941 5592 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 11:03:04.0051 5592 PartMgr - ok 11:03:04.0082 5592 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 11:03:04.0207 5592 ParVdm - ok 11:03:04.0223 5592 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 11:03:04.0348 5592 PCI - ok 11:03:04.0348 5592 PCIDump - ok 11:03:04.0363 5592 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 11:03:04.0473 5592 PCIIde - ok 11:03:04.0520 5592 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 11:03:04.0629 5592 Pcmcia - ok 11:03:04.0645 5592 PDCOMP - ok 11:03:04.0645 5592 PDFRAME - ok 11:03:04.0660 5592 PDRELI - ok 11:03:04.0676 5592 PDRFRAME - ok 11:03:04.0707 5592 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys 11:03:04.0832 5592 perc2 - ok 11:03:04.0848 5592 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys 11:03:04.0973 5592 perc2hib - ok 11:03:05.0020 5592 PfModNT (d9ed17ac15720096a9f92ff4ea587b09) C:\WINDOWS\system32\drivers\PfModNT.sys 11:03:05.0035 5592 PfModNT ( UnsignedFile.Multi.Generic ) - warning 11:03:05.0035 5592 PfModNT - detected UnsignedFile.Multi.Generic (1) 11:03:05.0098 5592 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 11:03:05.0207 5592 PptpMiniport - ok 11:03:05.0223 5592 PSched (09298ec810b07e5d582cb3a3f9255424) 
C:\WINDOWS\system32\DRIVERS\psched.sys 11:03:05.0348 5592 PSched - ok 11:03:05.0348 5592 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 11:03:05.0473 5592 Ptilink - ok 11:03:05.0520 5592 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys 11:03:05.0520 5592 PxHelp20 - ok 11:03:05.0551 5592 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys 11:03:05.0676 5592 ql1080 - ok 11:03:05.0676 5592 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 11:03:05.0832 5592 Ql10wnt - ok 11:03:05.0848 5592 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys 11:03:05.0973 5592 ql12160 - ok 11:03:06.0004 5592 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys 11:03:06.0129 5592 ql1240 - ok 11:03:06.0145 5592 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys 11:03:06.0254 5592 ql1280 - ok 11:03:06.0285 5592 QWAVEDRV (2bb1d2baf3493362e5c1949c5f210d5f) C:\WINDOWS\system32\DRIVERS\qwavedrv.sys 11:03:06.0285 5592 QWAVEDRV ( UnsignedFile.Multi.Generic ) - warning 11:03:06.0285 5592 QWAVEDRV - detected UnsignedFile.Multi.Generic (1) 11:03:06.0316 5592 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 11:03:06.0441 5592 RasAcd - ok 11:03:06.0488 5592 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 11:03:06.0629 5592 Rasl2tp - ok 11:03:06.0660 5592 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 11:03:06.0785 5592 RasPppoe - ok 11:03:06.0785 5592 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 11:03:06.0910 5592 Raspti - ok 11:03:06.0957 5592 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 11:03:07.0066 5592 Rdbss - ok 11:03:07.0082 5592 RDPCDD (4912d5b403614ce99c28420f75353332) 
============================================================
11:03:18.0723 5592 Scan finished
11:03:18.0723 5592 ============================================================
11:03:18.0738 1940 Detected object count: 17
11:03:18.0738 1940 Actual detected object count: 17
11:03:47.0848 1940 DLABOIOM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLABOIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLACDBHM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLACDBHM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLADResN ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLADResN ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLAIFS_M ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLAIFS_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLAOPIOM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLAOPIOM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLAPoolM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLAPoolM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLARTL_N ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLARTL_N ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLAUDFAM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLAUDFAM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0863 1940 DLAUDF_M ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0863 1940 DLAUDF_M ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 DRVMCDB ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 DRVMCDB ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 DRVNDDM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 DRVNDDM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 ELUSB ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 ELUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 MCSTRM ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 MCSTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 oreans32 ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 oreans32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0879 1940 PfModNT ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0879 1940 PfModNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:03:47.0895 1940 QWAVEDRV ( UnsignedFile.Multi.Generic ) - skipped by user
11:03:47.0895 1940 QWAVEDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:04:53.0910 3696 Deinitialize success
  9. When I ran program it acted according to instructions until step 5, it never gave me the 3 options it went back to the original screen. Logs below:

     Malwarebytes Anti-Malware (PRO) 1.60.1.1000
     www.malwarebytes.org
     Database version: v2012.03.01.07
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Mary Borchardt :: ELMACHINO [administrator]
     Protection: Enabled
     3/1/2012 4:30:11 PM
     mbam-log-2012-03-01 (16-30-11).txt
     Scan type: Full scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 380564
     Time elapsed: 1 hour(s), 3 minute(s), 45 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)

     Thank you, David
  10. I was able to successfully update my MBAM PRO. It took a while for it to download. It started and stopped itself 2 times, finally completing on the third try. Ran full scan and it found nothing. Computer is semi ok? It's letting me get to the web whereas before it wouldn't let me connect, but it does seem sluggish. Log below. Ran full scan and it found nothing.

     Malwarebytes Anti-Malware (PRO) 1.60.1.1000
     www.malwarebytes.org
     Database version: v2012.03.01.07
     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Mary Borchardt :: ELMACHINO [administrator]
     Protection: Enabled
     3/1/2012 4:30:11 PM
     mbam-log-2012-03-01 (16-30-11).txt
     Scan type: Full scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 380564
     Time elapsed: 1 hour(s), 3 minute(s), 45 second(s)
     Memory Processes Detected: 0 (No malicious items detected)
     Memory Modules Detected: 0 (No malicious items detected)
     Registry Keys Detected: 0 (No malicious items detected)
     Registry Values Detected: 0 (No malicious items detected)
     Registry Data Items Detected: 0 (No malicious items detected)
     Folders Detected: 0 (No malicious items detected)
     Files Detected: 0 (No malicious items detected)
     (end)

     Thank you
  11. Hello Larry, The file doesn't exist on my computer. ??? I took a screenshot. Thanks for your help. David
  12. To Whom It May Concern, My desktop has been infected by a version of Hijack. I've run Anti-Malwarebytes but part of my problem is that I wasn't updating signatures on a regular basis. Anyway I'm infected now and I can't of course get updates either. I've attached the requested documents. dds.txt attach.txt Thanks for any help. David