camper65

  1. Sorry. Accidentally pressed quote, meant to write memtest
  2. It found nothing in the latest scan. I'm going to have her run a hard drive scan on it and as soon as the new memory is in remove current one to see if it has gone bad but in the meantime burn nearest to run on it. It still seems slow but being that it's only 512 MB it may be affecting how it is working. I will post back results of hard drive scan.
  3. Okay, the log after cleaning -->
  4. DMA is on one of the two entries, the other is running PIO (I'm assuming that's the CD drive in the system). The DMA is Multi-Word DMA mode 2.C Did the disk clean and it cleaned quite a bit of stuff off of her hard drive. Here is the log from AdwCleaner
  5. I will continue to work on it either tonight or over the weekend and report the reports from this last recommendation. Sorry, the computer is not here but still at her place.
  6. From the last scan with ComboFix. It does seem faster right now, Sue will see if it stays this fast, but I don't want to say we're clean until you have said we're done.....
  7. Here are the two logs from TDSSKiller being run. Thanks for your help.
JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe 13:58:04.0281 2064 JavaQuickStarterService - ok 13:58:05.0031 2064 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 13:58:05.0453 2064 Kbdclass - ok 13:58:07.0968 2064 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 13:58:08.0703 2064 kmixer - ok 13:58:10.0265 2064 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 13:58:11.0250 2064 KSecDD - ok 13:58:12.0531 2064 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll 13:58:13.0312 2064 LanmanServer - ok 13:58:14.0718 2064 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 13:58:15.0359 2064 lanmanworkstation - ok 13:58:15.0406 2064 lbrtfdc - ok 13:58:17.0343 2064 [ 6E5DAC168D1FF9843E84A59D51D31107 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe 13:58:18.0437 2064 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 13:58:19.0062 2064 LightScribeService - detected UnsignedFile.Multi.Generic (1) 13:58:32.0765 2064 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 13:58:33.0343 2064 LmHosts - ok 13:58:41.0156 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 13:58:42.0187 2064 McAfee SiteAdvisor Service - ok 13:58:43.0578 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McMPFSvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 13:58:43.0609 2064 McMPFSvc - ok 13:58:44.0937 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] mcmscsvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 13:58:45.0125 2064 mcmscsvc - ok 13:58:45.0609 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNaiAnn C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 13:58:50.0187 2064 McNaiAnn - ok 13:58:52.0500 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNASvc 
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 13:58:53.0468 2064 McNASvc - ok 13:58:57.0843 2064 [ B3CD9ADE1C2665124CA34125B331B0B4 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe 13:59:00.0203 2064 McODS - ok 13:59:10.0031 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McProxy C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 13:59:10.0203 2064 McProxy - ok 13:59:13.0531 2064 [ 593FA4C378818ECE76BA64A11AD56CF2 ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 13:59:14.0453 2064 McShield - ok 13:59:17.0703 2064 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 13:59:52.0578 2064 Messenger - ok 13:59:56.0046 2064 [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] mfeapfk C:\WINDOWS\system32\drivers\mfeapfk.sys 13:59:56.0687 2064 mfeapfk - ok 13:59:57.0812 2064 [ C1DC5F42D3367F33B6451BE78B38BD46 ] mfeavfk C:\WINDOWS\system32\drivers\mfeavfk.sys 13:59:58.0609 2064 mfeavfk - ok 13:59:58.0687 2064 mfeavfk01 - ok 13:59:59.0546 2064 [ 0435C43F4C2BE01B84868AD2A906397B ] mfebopk C:\WINDOWS\system32\drivers\mfebopk.sys 13:59:59.0734 2064 mfebopk - ok 14:00:01.0968 2064 [ 7E1F8B1BDC8240F08BD358B3A466C005 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 14:00:06.0765 2064 mfefire - ok 14:00:08.0921 2064 [ 4EA6FF90015424517843E931448E00F1 ] mfefirek C:\WINDOWS\system32\drivers\mfefirek.sys 14:00:10.0921 2064 mfefirek - ok 14:00:18.0000 2064 [ D1E998748BA24A731106611D535C6BBF ] mfehidk C:\WINDOWS\system32\drivers\mfehidk.sys 14:00:20.0265 2064 mfehidk - ok 14:00:21.0875 2064 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendisk C:\WINDOWS\system32\DRIVERS\mfendisk.sys 14:00:26.0015 2064 mfendisk - ok 14:00:26.0625 2064 [ 26C76D10ED650E6492800D6F081ECFBA ] mfendiskmp C:\WINDOWS\system32\DRIVERS\mfendisk.sys 14:00:26.0687 2064 mfendiskmp - ok 14:00:27.0703 2064 [ F454A13377F0A006D20A8C14A753C432 ] mferkdet C:\WINDOWS\system32\drivers\mferkdet.sys 14:00:28.0734 2064 mferkdet - ok 14:00:29.0265 2064 [ 
070D3FAF2EAC417C59D8674A8752F7A6 ] mfetdi2k C:\WINDOWS\system32\drivers\mfetdi2k.sys 14:00:29.0750 2064 mfetdi2k - ok 14:00:31.0015 2064 [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] mfevtp C:\WINDOWS\system32\mfevtps.exe 14:00:34.0906 2064 mfevtp - ok 14:00:35.0125 2064 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 14:00:36.0828 2064 mnmdd - ok 14:00:37.0296 2064 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 14:00:39.0156 2064 mnmsrvc - ok 14:00:43.0218 2064 [ D691B1E7B797778DBB831FFC5CFC39F1 ] MOBK755backup C:\Program Files\McAfee Online Backup\MOBK755backup.exe 14:00:44.0250 2064 MOBK755backup - ok 14:00:44.0859 2064 [ 720F2E1759526EC6D6D95CB284CF62D9 ] MOBK755Filter C:\WINDOWS\system32\DRIVERS\MOBK755.sys 14:00:45.0843 2064 MOBK755Filter - ok 14:00:47.0828 2064 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 14:00:48.0687 2064 Modem - ok 14:00:49.0093 2064 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 14:00:55.0281 2064 Mouclass - ok 14:00:57.0937 2064 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 14:00:59.0359 2064 MountMgr - ok 14:00:59.0453 2064 mraid35x - ok 14:01:00.0250 2064 [ 6075DE2AD531F6E30C9995DFDA22001F ] mrtRate C:\WINDOWS\system32\drivers\mrtRate.sys 14:01:00.0687 2064 mrtRate ( UnsignedFile.Multi.Generic ) - warning 14:01:00.0687 2064 mrtRate - detected UnsignedFile.Multi.Generic (1) 14:01:02.0000 2064 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 14:01:03.0000 2064 MRxDAV - ok 14:01:04.0859 2064 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 14:01:08.0546 2064 MRxSmb - ok 14:01:09.0093 2064 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 14:01:17.0453 2064 MSDTC - ok 14:01:18.0109 2064 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 14:01:20.0015 
2064 Msfs - ok 14:01:20.0125 2064 MSIServer - ok 14:01:20.0546 2064 [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] MSK80Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe 14:01:22.0890 2064 MSK80Service - ok 14:01:24.0140 2064 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 14:01:25.0718 2064 MSKSSRV - ok 14:01:26.0437 2064 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 14:01:27.0234 2064 MSPCLOCK - ok 14:01:27.0546 2064 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 14:01:33.0453 2064 MSPQM - ok 14:01:33.0656 2064 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 14:01:34.0437 2064 mssmbios - ok 14:01:35.0250 2064 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 14:01:35.0921 2064 Mup - ok 14:01:37.0078 2064 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 14:01:38.0515 2064 napagent - ok 14:01:40.0875 2064 [ 0D01287D85B3715FA8270E8EC919B7F7 ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe 14:01:46.0484 2064 NBService ( UnsignedFile.Multi.Generic ) - warning 14:01:46.0484 2064 NBService - detected UnsignedFile.Multi.Generic (1) 14:01:48.0234 2064 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 14:01:51.0062 2064 NDIS - ok 14:01:56.0546 2064 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 14:01:57.0500 2064 NdisTapi - ok 14:01:57.0828 2064 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 14:01:58.0546 2064 Ndisuio - ok 14:01:58.0968 2064 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 14:02:00.0140 2064 NdisWan - ok 14:02:00.0765 2064 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 14:02:01.0359 2064 NDProxy - ok 14:02:02.0156 2064 [ 
5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 14:02:02.0937 2064 NetBIOS - ok 14:02:03.0343 2064 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 14:02:04.0187 2064 NetBT - ok 14:02:04.0718 2064 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 14:02:05.0156 2064 NetDDE - ok 14:02:05.0437 2064 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 14:02:06.0062 2064 NetDDEdsdm - ok 14:02:06.0203 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 14:02:06.0656 2064 Netlogon - ok 14:02:07.0218 2064 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 14:02:07.0843 2064 Netman - ok 14:02:10.0296 2064 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:02:10.0984 2064 NetTcpPortSharing - ok 14:02:11.0187 2064 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 14:02:11.0531 2064 NIC1394 - ok 14:02:11.0859 2064 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll 14:02:12.0328 2064 Nla - ok 14:02:13.0265 2064 [ C4EBBBD7165BE535F0BFD06B80601D91 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe 14:02:13.0671 2064 NMIndexingService ( UnsignedFile.Multi.Generic ) - warning 14:02:13.0671 2064 NMIndexingService - detected UnsignedFile.Multi.Generic (1) 14:02:14.0828 2064 [ CD2FE9C33CFD0FE0AF124E05907E5C3D ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe 14:02:16.0343 2064 nmservice - ok 14:02:16.0421 2064 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 14:02:17.0015 2064 Npfs - ok 14:02:17.0921 2064 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 14:02:19.0468 2064 Ntfs - ok 14:02:19.0515 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp 
C:\WINDOWS\system32\lsass.exe 14:02:19.0953 2064 NtLmSsp - ok 14:02:20.0531 2064 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 14:02:21.0515 2064 NtmsSvc - ok 14:02:21.0546 2064 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 14:02:22.0031 2064 Null - ok 14:02:22.0187 2064 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 14:02:22.0390 2064 NwlnkFlt - ok 14:02:22.0406 2064 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 14:02:22.0593 2064 NwlnkFwd - ok 14:02:22.0656 2064 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 14:02:23.0281 2064 ohci1394 - ok 14:02:23.0375 2064 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys 14:02:24.0765 2064 Parport - ok 14:02:24.0796 2064 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 14:02:25.0250 2064 PartMgr - ok 14:02:25.0468 2064 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 14:02:25.0828 2064 ParVdm - ok 14:02:26.0406 2064 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 14:02:26.0781 2064 PCI - ok 14:02:26.0781 2064 PCIDump - ok 14:02:27.0000 2064 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\drivers\PCIIde.sys 14:02:27.0593 2064 PCIIde - ok 14:02:27.0781 2064 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 14:02:28.0109 2064 Pcmcia - ok 14:02:28.0125 2064 PDCOMP - ok 14:02:28.0171 2064 PDFRAME - ok 14:02:28.0171 2064 PDRELI - ok 14:02:28.0250 2064 PDRFRAME - ok 14:02:28.0250 2064 perc2 - ok 14:02:28.0265 2064 perc2hib - ok 14:02:28.0453 2064 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe 14:02:28.0625 2064 PlugPlay - ok 14:02:28.0781 2064 [ CE27FC8BDC54B3AC63D53E2D5F6CC929 ] pnarp C:\WINDOWS\system32\DRIVERS\pnarp.sys 14:02:28.0875 
2064 pnarp - ok 14:02:28.0906 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 14:02:29.0187 2064 PolicyAgent - ok 14:02:29.0312 2064 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 14:02:30.0500 2064 PptpMiniport - ok 14:02:30.0671 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 14:02:31.0078 2064 ProtectedStorage - ok 14:02:31.0203 2064 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 14:02:31.0656 2064 PSched - ok 14:02:31.0796 2064 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 14:02:32.0984 2064 Ptilink - ok 14:02:33.0250 2064 [ F4FD591E86ECB6B5D000C7D6C987416B ] purendis C:\WINDOWS\system32\DRIVERS\purendis.sys 14:02:33.0671 2064 purendis - ok 14:02:33.0750 2064 ql1080 - ok 14:02:33.0890 2064 Ql10wnt - ok 14:02:33.0968 2064 ql12160 - ok 14:02:33.0984 2064 ql1240 - ok 14:02:34.0046 2064 ql1280 - ok 14:02:34.0359 2064 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 14:02:34.0703 2064 RasAcd - ok 14:02:34.0984 2064 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 14:02:35.0500 2064 RasAuto - ok 14:02:35.0656 2064 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda C:\WINDOWS\system32\DRIVERS\rasirda.sys 14:02:36.0062 2064 Rasirda - ok 14:02:36.0109 2064 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 14:02:36.0375 2064 Rasl2tp - ok 14:02:36.0812 2064 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 14:02:37.0640 2064 RasMan - ok 14:02:37.0687 2064 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 14:02:37.0984 2064 RasPppoe - ok 14:02:38.0031 2064 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 14:02:38.0500 2064 Raspti - ok 14:02:38.0984 2064 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss 
C:\WINDOWS\system32\DRIVERS\rdbss.sys 14:02:39.0578 2064 Rdbss - ok 14:02:39.0734 2064 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 14:02:40.0031 2064 RDPCDD - ok 14:02:40.0671 2064 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 14:02:41.0281 2064 rdpdr - ok 14:02:41.0406 2064 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 14:02:42.0593 2064 RDPWD - ok 14:02:43.0093 2064 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 14:02:43.0593 2064 RDSessMgr - ok 14:02:43.0781 2064 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 14:02:44.0343 2064 redbook - ok 14:02:44.0468 2064 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 14:02:44.0968 2064 RemoteAccess - ok 14:02:45.0078 2064 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 14:02:45.0296 2064 RemoteRegistry - ok 14:02:45.0656 2064 [ BD517C7FB119997EFFBE39D5E4B37B05 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe 14:02:46.0031 2064 RichVideo ( UnsignedFile.Multi.Generic ) - warning 14:02:46.0031 2064 RichVideo - detected UnsignedFile.Multi.Generic (1) 14:02:46.0187 2064 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 14:02:46.0656 2064 RpcLocator - ok 14:02:46.0984 2064 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll 14:02:47.0562 2064 RpcSs - ok 14:02:47.0656 2064 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 14:02:48.0109 2064 RSVP - ok 14:02:48.0218 2064 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 14:02:48.0359 2064 SamSs - ok 14:02:48.0453 2064 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 14:02:49.0062 2064 SCardSvr - ok 14:02:49.0296 2064 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 
14:02:50.0468 2064 Schedule - ok 14:02:50.0531 2064 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 14:02:50.0718 2064 sdbus - ok 14:02:50.0843 2064 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 14:02:51.0187 2064 Secdrv - ok 14:02:51.0843 2064 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 14:02:52.0171 2064 seclogon - ok 14:02:52.0468 2064 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 14:02:53.0046 2064 SENS - ok 14:02:53.0406 2064 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 14:02:53.0718 2064 serenum - ok 14:02:53.0781 2064 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys 14:02:54.0312 2064 Serial - ok 14:02:54.0515 2064 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 14:02:55.0328 2064 Sfloppy - ok 14:02:55.0750 2064 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 14:02:56.0750 2064 SharedAccess - ok 14:02:56.0859 2064 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 14:02:57.0234 2064 ShellHWDetection - ok 14:02:57.0250 2064 Simbad - ok 14:02:57.0343 2064 [ 707647A1AA0EDB6CBEF61B0C75C28ED3 ] SMCIRDA C:\WINDOWS\system32\DRIVERS\smcirda.sys 14:02:57.0625 2064 SMCIRDA - ok 14:02:57.0968 2064 [ 858934C454BDC6664C752BF0CD3EAEAE ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys 14:02:58.0578 2064 smwdm - ok 14:02:58.0781 2064 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS 14:02:59.0484 2064 SONYPVU1 - ok 14:02:59.0890 2064 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 14:03:00.0218 2064 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - warning 14:03:00.0218 2064 SoundMAX Agent Service (default) - detected UnsignedFile.Multi.Generic (1) 
14:03:00.0312 2064 Sparrow - ok 14:03:00.0484 2064 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 14:03:00.0890 2064 splitter - ok 14:03:01.0187 2064 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 14:03:01.0500 2064 Spooler - ok 14:03:01.0625 2064 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 14:03:01.0734 2064 sr - ok 14:03:01.0890 2064 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 14:03:02.0203 2064 srservice - ok 14:03:02.0406 2064 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 14:03:03.0156 2064 Srv - ok 14:03:03.0250 2064 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 14:03:03.0421 2064 SSDPSRV - ok 14:03:03.0578 2064 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 14:03:04.0093 2064 stisvc - ok 14:03:04.0140 2064 SWDUMon - ok 14:03:04.0250 2064 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 14:03:04.0625 2064 swenum - ok 14:03:04.0765 2064 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 14:03:04.0953 2064 swmidi - ok 14:03:04.0968 2064 SwPrv - ok 14:03:04.0984 2064 symc810 - ok 14:03:05.0000 2064 symc8xx - ok 14:03:05.0015 2064 sym_hi - ok 14:03:05.0031 2064 sym_u3 - ok 14:03:05.0078 2064 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 14:03:05.0281 2064 sysaudio - ok 14:03:05.0406 2064 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 14:03:05.0609 2064 SysmonLog - ok 14:03:05.0781 2064 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 14:03:06.0140 2064 TapiSrv - ok 14:03:06.0359 2064 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 14:03:07.0234 2064 Tcpip - ok 14:03:07.0375 2064 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE 
C:\WINDOWS\system32\drivers\TDPIPE.sys 14:03:07.0968 2064 TDPIPE - ok 14:03:08.0046 2064 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 14:03:08.0437 2064 TDTCP - ok 14:03:08.0562 2064 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 14:03:09.0000 2064 TermDD - ok 14:03:09.0296 2064 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 14:03:09.0968 2064 TermService - ok 14:03:10.0109 2064 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 14:03:10.0218 2064 Themes - ok 14:03:10.0531 2064 [ 0EDC3CF7B38F4260EB006C38E4A44DE4 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys 14:03:10.0984 2064 tifm21 - ok 14:03:11.0250 2064 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 14:03:11.0640 2064 TlntSvr - ok 14:03:11.0640 2064 TosIde - ok 14:03:11.0812 2064 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 14:03:12.0093 2064 TrkWks - ok 14:03:12.0171 2064 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 14:03:12.0562 2064 Udfs - ok 14:03:12.0578 2064 ultra - ok 14:03:12.0859 2064 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 14:03:13.0640 2064 Update - ok 14:03:13.0828 2064 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 14:03:14.0046 2064 upnphost - ok 14:03:14.0078 2064 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 14:03:14.0421 2064 UPS - ok 14:03:14.0421 2064 USBAAPL - ok 14:03:14.0484 2064 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 14:03:14.0671 2064 usbehci - ok 14:03:14.0718 2064 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 14:03:15.0078 2064 usbhub - ok 14:03:15.0125 2064 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys 14:03:15.0312 2064 usbprint - ok 
14:03:15.0390 2064 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 14:03:15.0843 2064 USBSTOR - ok 14:03:15.0937 2064 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 14:03:16.0125 2064 usbuhci - ok 14:03:16.0156 2064 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 14:03:16.0718 2064 VgaSave - ok 14:03:16.0828 2064 ViaIde - ok 14:03:17.0109 2064 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 14:03:17.0890 2064 VolSnap - ok 14:03:18.0359 2064 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 14:03:18.0921 2064 VSS - ok 14:03:20.0312 2064 [ 3DA649C6EC481D8F36B54F33FC01DD1E ] vToolbarUpdater12.1.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe 14:03:26.0765 2064 vToolbarUpdater12.1.5 - ok 14:03:31.0359 2064 [ A22ABD73E0D6BA666CBA4E86EEB001B3 ] w29n51 C:\WINDOWS\system32\DRIVERS\w29n51.sys 14:03:37.0609 2064 w29n51 - ok 14:03:38.0671 2064 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 14:03:39.0781 2064 W32Time - ok 14:03:39.0875 2064 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 14:03:40.0625 2064 Wanarp - ok 14:03:40.0640 2064 WDICA - ok 14:03:40.0843 2064 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 14:03:41.0578 2064 wdmaud - ok 14:03:41.0656 2064 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 14:03:42.0546 2064 WebClient - ok 14:03:43.0859 2064 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 14:03:45.0671 2064 winmgmt - ok 14:03:45.0890 2064 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 14:03:46.0640 2064 WmdmPmSN - ok 14:03:47.0625 2064 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll 14:03:49.0796 2064 Wmi - ok 14:03:49.0890 2064 [ 
C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 14:03:50.0328 2064 WmiAcpi - ok 14:03:50.0687 2064 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 14:03:51.0140 2064 WmiApSrv - ok 14:03:52.0515 2064 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 14:03:55.0562 2064 WMPNetworkSvc - ok 14:03:55.0796 2064 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 14:03:56.0046 2064 wscsvc - ok 14:03:56.0187 2064 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 14:03:56.0765 2064 wuauserv - ok 14:03:56.0921 2064 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 14:03:57.0515 2064 WudfPf - ok 14:03:57.0656 2064 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 14:03:57.0906 2064 WudfRd - ok 14:03:58.0046 2064 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 14:03:58.0312 2064 WudfSvc - ok 14:03:58.0921 2064 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 14:04:00.0281 2064 WZCSVC - ok 14:04:00.0500 2064 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 14:04:00.0968 2064 xmlprov - ok 14:04:01.0031 2064 ================ Scan global =============================== 14:04:01.0328 2064 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 14:04:01.0796 2064 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 14:04:02.0343 2064 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 14:04:02.0437 2064 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 14:04:02.0484 2064 [Global] - ok 14:04:02.0484 2064 ================ Scan MBR ================================== 14:04:02.0593 2064 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 14:04:30.0156 2064 \Device\Harddisk0\DR0 - ok 14:04:30.0171 2064 
================ Scan VBR ================================== 14:04:30.0171 2064 [ 1D4FE6D09E064C76594E6966429F6B87 ] \Device\Harddisk0\DR0\Partition1 14:04:30.0171 2064 \Device\Harddisk0\DR0\Partition1 - ok 14:04:30.0187 2064 ================ Scan active images ======================== 14:04:30.0218 2064 ============================================================ 14:04:30.0218 2064 Scan finished 14:04:30.0218 2064 ============================================================ 14:04:30.0781 3608 Detected object count: 6 14:04:30.0781 3608 Actual detected object count: 6 14:06:51.0078 3608 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 14:06:51.0234 3608 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:06:51.0234 3608 mrtRate ( UnsignedFile.Multi.Generic ) - skipped by user 14:06:51.0234 3608 mrtRate ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:06:51.0234 3608 NBService ( UnsignedFile.Multi.Generic ) - skipped by user 14:06:51.0234 3608 NBService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:06:51.0234 3608 NMIndexingService ( UnsignedFile.Multi.Generic ) - skipped by user 14:06:51.0234 3608 NMIndexingService ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:06:51.0234 3608 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user 14:06:51.0234 3608 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:06:51.0234 3608 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - skipped by user 14:06:51.0234 3608 SoundMAX Agent Service (default) ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:07:52.0765 2028 Deinitialize success
  8. As per your instructions I ran the programs and have attached the one file and posted the other two reports. Please let me know if you see anything that is affecting her machine. If not, the next step for me would be to do major testing of the memory in the machine (the present chip) and test when we get the new chip (trying to upgrade her amount of memory). Thanks again. This is the first of the DDS files, the other one is attached as a zip file.
     DDS (Ver_2012-10-19.01) - NTFS_x86
     Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
     Run by Owner at 12:19:47 on 2012-11-04
McAfee SiteAdvisor Service;McAfee SiteAdvisor Service S? McMPFSvc;McAfee Personal Firewall Service S? McNaiAnn;McAfee VirusScan Announcer S? McProxy;McAfee Proxy Service S? McShield;McAfee McShield S? mfeavfk;McAfee Inc. mfeavfk S? mfebopk;McAfee Inc. mfebopk S? mfefire;McAfee Firewall Core Service S? mfefirek;McAfee Inc. mfefirek S? mfehidk;McAfee Inc. mfehidk S? mfendiskmp;mfendiskmp S? mfetdi2k;McAfee Inc. mfetdi2k S? mfevtp;McAfee Validation Trust Protection Service S? MOBK755backup;McAfee Online Backup Service S? MOBK755Filter;MOBK755Filter S? mrtRate;mrtRate S? vToolbarUpdater12.1.5;vToolbarUpdater12.1.5 . =============== Created Last 30 ================ . 2012-11-01 19:01:33 -------- d-----w- c:\program files\Trend Micro 2012-11-01 17:40:12 -------- d-----w- C:\e4dac09a09da8dc777cd5f8a4f 2012-10-31 12:21:33 -------- d-----w- c:\windows\pss 2012-10-28 12:30:02 -------- d-----w- c:\documents and settings\owner\application data\Malwarebytes 2012-10-28 12:28:17 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-10-28 12:28:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-10-28 12:28:01 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-10-27 22:55:08 -------- d-----w- c:\program files\Spybot - Search & Destroy 2012-10-27 20:09:02 -------- d-----w- C:\483f5c0d14c4ee7828 2012-10-27 19:45:44 -------- d-----w- c:\windows\system32\XPSViewer 2012-10-27 19:36:47 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll 2012-10-27 19:29:51 117760 ------w- c:\windows\system32\prntvpt.dll 2012-10-27 19:29:50 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2012-10-27 19:29:49 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2012-10-27 19:29:49 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2012-10-27 19:29:46 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2012-10-27 19:29:46 575488 
------w- c:\windows\system32\xpsshhdr.dll 2012-10-27 19:29:38 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2012-10-27 19:29:38 1676288 ------w- c:\windows\system32\xpssvcs.dll 2012-10-27 19:29:21 -------- d-----w- C:\0a8481c6362fa3ca3c55a6 2012-10-27 18:15:35 -------- d-----w- c:\program files\TeaTimer (Spybot - Search & Destroy) 2012-10-27 18:15:35 -------- d-----w- c:\program files\SDHelper (Spybot - Search & Destroy) 2012-10-27 18:15:35 -------- d-----w- c:\program files\Misc. Support Library (Spybot - Search & Destroy) 2012-10-27 18:15:35 -------- d-----w- c:\program files\File Scanner Library (Spybot - Search & Destroy) 2012-10-27 18:15:35 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy 2012-10-23 13:46:00 3993600 ----a-w- c:\program files\GUT9.tmp 2012-10-23 13:46:00 -------- d-----w- c:\program files\GUM8.tmp 2012-10-23 13:07:42 -------- d-----w- c:\documents and settings\owner\local settings\application data\Real 2012-10-23 13:01:54 -------- d-----w- c:\program files\common files\xing shared 2012-10-23 12:36:04 -------- d-----w- c:\program files\The Weather Channel FW 2012-10-23 12:33:58 -------- d-----w- c:\documents and settings\owner\local settings\application data\The Weather Channel 2012-10-22 19:54:07 -------- d-----w- c:\documents and settings\owner\local settings\application data\Google 2012-10-22 19:53:29 4096000 ----a-w- c:\program files\GUT43.tmp 2012-10-22 19:53:29 -------- d-----w- c:\program files\GUM42.tmp 2012-10-12 23:26:00 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe 2012-10-12 23:26:00 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe 2012-10-12 23:25:29 29312 ----a-w- c:\program files\mozilla firefox\ScriptFF.dll . ==================== Find3M ==================== . 
2012-11-04 17:02:00 13024 ----a-w- c:\windows\system32\drivers\SWDUMon.sys 2012-11-01 18:20:14 13024 ----a-w- c:\windows\system32\drivers\SETE.tmp 2012-10-23 12:56:01 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-10-23 12:55:58 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-08-21 13:29:19 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-21 12:58:06 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-18 21:41:38 143872 ----a-w- c:\windows\system32\javacpl.cpl . ============= FINISH: 12:26:16.54 =============== This one is the roguekiller report: RogueKiller V8.2.2 [11/03/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo...13-roguekiller/ Website: http://tigzy.geeksto...roguekiller.php Blog: http://tigzyrk.blogspot.com Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Owner [Admin rights] Mode : Scan -- Date : 11/04/2012 12:49:35 ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] for susan's machine - RogueKiller.exe -- C:\Documents and Settings\Owner\Desktop\run on Susan's machine\for susan's machine - RogueKiller.exe -> KILLED [TermThr] ¤¤¤ Registry Entries : 1 ¤¤¤ [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: TOSHIBA MK8025GAS +++++ --- User --- [MBR] 7b1c534463396aa2733efab8aabee4ff [bSP] 7166e01b0afeb0f73e9ab91b34015cd2 : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_11042012_02d1249.txt >> RKreport[1]_S_11042012_02d1249.txt attach.zip
  9. I'm working on a friend's notebook who a few weeks ago found that it was very slow. She's not sure what she was doing but it just became unusable. I've run Spybot Search and Destroy which found just a batch of cookies (expected that) and MBAM didn't find anything with two scans done. I ran Hijackthis to see if someone can find what could be causing extreme slowness. Is this machine infected? She is running Windows XP, SP3, it's updated except for the latest IE8 security update which it cannot seem to update. She has 512 MB of memory (with a request that she add some more) but that doesn't explain the change in speed of the machine. She did download, pay for and install fixcleaner (which I never had heard of) to see if she could fix it herself.

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 3:07:48 PM, on 11/1/2012
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v8.00 (8.00.6001.18702)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\spoolsv.exe
     C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     C:\Program Files\Bonjour\mDNSResponder.exe
     C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
     C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
     C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     C:\WINDOWS\system32\mfevtps.exe
     C:\Program Files\McAfee Online Backup\MOBK755backup.exe
     C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
     C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe
     C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
     C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
     C:\WINDOWS\system32\rundll32.exe
     C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
     C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
     C:\WINDOWS\system32\igfxpers.exe
     C:\WINDOWS\system32\hkcmd.exe
     C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     C:\Program Files\iTunes\iTunesHelper.exe
     C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe
     C:\Program Files\AVG Secure Search\vprot.exe
     C:\Program Files\McAfee.com\Agent\mcagent.exe
     C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
     C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     C:\Program Files\Messenger\msmsgs.exe
     C:\Program Files\FixCleaner\FixCleaner.exe
     C:\Program Files\DriverUpdate\DriverUpdate.exe
     C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
     C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
     C:\Program Files\Microsoft Office\Office\OSA.EXE
     C:\QUICKENW\QWDLLS.EXE
     C:\PROGRA~1\hpq\Shared\HPQTOA~1.EXE
     C:\WINDOWS\system32\wuauclt.exe
     C:\Program Files\iPod\bin\iPodService.exe
     C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
     C:\PROGRA~1\McAfee\MSC\McSync.exe
     c:\PROGRA~1\mcafee\SITEAD~1\saUpd.exe
     C:\Program Files\Google\Chrome\Application\chrome.exe
     C:\WINDOWS\system32\wuauclt.exe
     C:\Program Files\Google\Chrome\Application\chrome.exe
     C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
     C:\Program Files\Google\Chrome\Application\chrome.exe
     C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe

     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s%s
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
     O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
     O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
     O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
     O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120820092718.dll
     O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
     O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
     O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
     O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.1.0.21\AVG Secure Search_toolbar.dll
     O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
     O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
     O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
     O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
     O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
     O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
     O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"
     O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
     O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
     O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
     O4 - HKCU\..\Run: [FixCleaner] C:\Program Files\FixCleaner\FixCleaner.exe -boot
     O4 - HKCU\..\Run: [DriverUpdate] "C:\Program Files\DriverUpdate\DriverUpdate.exe" -boot
     O4 - Global Startup: Billminder.lnk = C:\QUICKENW\BILLMIND.EXE
     O4 - Global Startup: Image Transfer.lnk = ?
     O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
     O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
     O4 - Global Startup: Quicken Startup.lnk = C:\QUICKENW\QWDLLS.EXE
     O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
     O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
     O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
     O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
     O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
     O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
     O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.1.5\ViProtocol.dll
     O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
     O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
     O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
     O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
     O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
     O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
     O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
     O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
     O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
     O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
     O23 - Service: McAfee Online Backup Service (MOBK755backup) - McAfee, Inc. - C:\Program Files\McAfee Online Backup\MOBK755backup.exe
     O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
     O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
     O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
     O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
     O23 - Service: vToolbarUpdater12.1.5 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.1.5\ToolbarUpdater.exe

     Attached are also the MBAM and Spybot logs from the last scans I did.

     mbam-log-2012-11-01 (15-39-10).txt SpybotSD.Report.txt