Jump to content

Shanna

Members
  • Posts

    6
  • Joined

  • Last visited

Everything posted by Shanna

  1. Can I re-enable the programs that were un-enabled now? My system is working properly; just wondering if anything showed up that I should remove?
  2. Hey! Google works in Chrome;l I haven't checked it in my other browsers. Security Essentials is on, updated and found a little trojan. SO far eveything is running awesomely. Here's the log. ComboFix 11-07-26.03 - Shanna 07/26/2011 17:47:12.1.2 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.1303 [GMT -7:00] Running from: c:\users\Shanna\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\Downloaded Installers c:\program files\Downloaded Installers\{E6BEC86E-DCA9-4510-975F-E2DC68D3E5D7}\setup.msi c:\users\Shanna\AppData\Roaming\Local c:\users\Shanna\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi c:\users\Shanna\AppData\Roaming\Local\Temp\DDM\Settings\4ndx0p7oht9rs.avi.ddr c:\users\Shanna\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\Shanna\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\4ndx0p7oht9rs.avi.ddp c:\users\Shanna\Documents\~WRL0005.tmp c:\users\Shanna\Documents\~WRL3705.tmp . c:\windows\System32\autochk.exe . . . is infected!! . . ((((((((((((((((((((((((( Files Created from 2011-06-27 to 2011-07-27 ))))))))))))))))))))))))))))))) . . 2011-07-27 01:00 . 2011-07-27 01:00 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-07-23 21:54 . 2011-07-27 00:39 17408 ----a-w- c:\windows\system32\rpcnetp.dll 2011-07-23 21:54 . 2011-07-27 00:39 17408 ----a-w- c:\windows\system32\rpcnetp.exe 2011-07-23 02:20 . 2011-07-23 02:20 -------- d-----w- c:\program files\ESET 2011-07-22 22:21 . 2011-07-22 22:21 -------- d-----w- c:\program files\Microsoft Security Client 2011-07-22 20:05 . 2011-07-22 20:05 -------- d-----w- c:\users\Shanna\AppData\Roaming\Malwarebytes 2011-07-22 20:05 . 2011-07-06 23:52 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-22 20:05 . 2011-07-22 20:05 -------- d-----w- c:\programdata\Malwarebytes 2011-07-22 20:05 . 2011-07-22 20:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-22 20:05 . 2011-07-06 23:52 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-22 05:44 . 2011-07-22 05:44 -------- d-----w- C:\found.000 2011-07-22 01:00 . 2011-07-22 01:00 -------- d-----w- c:\windows\system32\SPReview 2011-07-22 00:59 . 2011-07-22 00:59 -------- d-----w- c:\windows\system32\EventProviders 2011-07-22 00:54 . 2011-07-22 22:25 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-07-22 00:54 . 2011-07-22 22:23 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-07-20 06:58 . 2011-03-25 02:58 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys 2011-07-20 06:58 . 2011-03-25 02:58 284672 ----a-w- c:\windows\system32\drivers\usbport.sys 2011-07-20 06:58 . 2011-03-25 02:58 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2011-07-20 06:58 . 2011-03-25 02:57 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys 2011-07-20 06:58 . 2011-03-25 02:57 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys 2011-07-20 06:58 . 2011-03-25 02:57 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2011-07-20 06:58 . 2011-03-25 02:57 5888 ----a-w- c:\windows\system32\drivers\usbd.sys 2011-07-19 04:10 . 2011-07-19 04:10 -------- d-----w- c:\programdata\VanDyke 2011-07-19 03:55 . 2011-07-19 03:55 -------- d-----w- c:\users\Shanna\AppData\Roaming\VanDyke 2011-07-19 03:52 . 2011-07-19 03:52 -------- d-----w- c:\program files\VanDyke Software 2011-07-19 03:51 . 2011-07-19 03:51 -------- d-----w- c:\users\Shanna\AppData\Local\Downloaded Installations 2011-07-19 03:46 . 2010-11-20 12:21 750592 ----a-w- c:\windows\system32\schedsvc.dll 2011-07-19 03:45 . 2010-11-20 12:16 1466368 ----a-w- c:\windows\system32\inetcpl.cpl 2011-07-19 03:44 . 2010-11-20 10:49 386048 ----a-w- c:\windows\system32\html.iec 2011-07-19 03:42 . 2010-11-20 12:18 323072 ----a-w- c:\windows\system32\drvstore.dll 2011-07-19 03:42 . 2010-11-20 12:18 257024 ----a-w- c:\windows\system32\dpx.dll 2011-07-19 03:39 . 2011-07-19 03:40 -------- d-----w- c:\program files\Cisco 2011-07-19 03:39 . 2011-07-19 03:39 -------- d-----w- c:\users\Shanna\AppData\Local\Cisco 2011-07-19 03:38 . 2011-07-19 03:39 -------- d-----w- c:\programdata\Cisco 2011-07-19 03:16 . 2011-06-11 02:29 2334208 ----a-w- c:\windows\system32\win32k.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-07-23 02:47 . 2010-12-10 04:20 44544 ----a-w- c:\windows\system32\agremove.exe 2011-07-22 01:10 . 2009-07-14 02:05 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-05-28 02:53 . 2011-06-23 21:19 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-23 18:55 . 2011-05-23 18:55 10704 ----a-w- c:\windows\system32\vpncategories.dll 2011-05-23 18:55 . 2011-05-23 18:55 32720 ----a-w- c:\windows\system32\vpnevents.dll 2011-05-23 18:45 . 2011-05-23 18:45 23464 ----a-w- c:\windows\system32\drivers\vpnva.sys 2011-05-23 18:45 . 2011-05-23 18:45 77968 ----a-r- c:\windows\system32\drivers\acsock.sys 2011-05-03 04:30 . 2011-06-23 21:20 741376 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 02:46 . 2011-06-23 21:21 311808 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-29 02:46 . 2011-06-23 21:21 310272 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 02:46 . 2011-06-23 21:21 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-11-11 159472] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent.exe" [2009-07-20 484920] "ITSecMng"="c:\program files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe" [2009-07-22 83336] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552] "Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2011-05-23 522192] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk backup=c:\windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk backup=c:\windows\pss\Adobe Gamma.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scrybe.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Scrybe.lnk backup=c:\windows\pss\Scrybe.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0] 2004-12-14 07:12 483328 ----a-w- c:\program files\Adobe\Adobe Acrobat 7.0\Distillr\acrotray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater] 2007-04-04 19:41 970752 ----a-w- c:\program files\Common Files\Adobe\Updater\AdobeUpdater.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner] 2011-02-23 21:23 2251064 ----a-w- c:\program files\CCleaner\CCleaner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] 2010-11-10 07:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-10-29 19:49 249064 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh] 2007-11-29 22:58 1029416 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe . R1 MpKsl0bbc50c9;MpKsl0bbc50c9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9D9B33F8-010E-4C05-9748-A1AF0A47FE87}\MpKsl0bbc50c9.sys [x] R1 MpKsl1596a0b6;MpKsl1596a0b6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{E0272AA9-EAB6-48E1-BA5B-7A71275A0B8B}\MpKsl1596a0b6.sys [x] R1 MpKsl2e0cdf02;MpKsl2e0cdf02;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C446BCEB-DBDA-47FB-A2C1-7794A8A26C92}\MpKsl2e0cdf02.sys [x] R1 MpKsl3c8005ef;MpKsl3c8005ef;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{EE384E6B-AE1E-4B4B-86CB-29A9030277A1}\MpKsl3c8005ef.sys [x] R1 MpKsl4042ed1a;MpKsl4042ed1a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{56F0CDBF-3D0C-4026-AC51-3EA9D6327C66}\MpKsl4042ed1a.sys [x] R1 MpKsl476813f2;MpKsl476813f2;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9A68CD18-4577-4C4C-9B9A-3667D94BC425}\MpKsl476813f2.sys [x] R1 MpKsl6a915a60;MpKsl6a915a60;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B0417D42-1E21-4321-AF32-6D1FC4478538}\MpKsl6a915a60.sys [x] R1 MpKsl6d304f21;MpKsl6d304f21;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F5721440-0A78-40A5-9394-C6A88C04889D}\MpKsl6d304f21.sys [x] R1 MpKsl756d8049;MpKsl756d8049;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F1B6F18-CBC2-4821-BF1E-D88DA43F608B}\MpKsl756d8049.sys [x] R1 MpKsl7affca23;MpKsl7affca23;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{14135D5E-DA5C-43D9-9236-C35510A9A08F}\MpKsl7affca23.sys [x] R1 MpKsl806fbe82;MpKsl806fbe82;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9D9B33F8-010E-4C05-9748-A1AF0A47FE87}\MpKsl806fbe82.sys [x] R1 MpKsl8f7c3b2c;MpKsl8f7c3b2c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3D684919-A8F8-4CE4-AC6D-A6DEB290A189}\MpKsl8f7c3b2c.sys [x] R1 MpKsl99f88b21;MpKsl99f88b21;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{130152DA-3AB4-46F9-96B0-6C82AF76B50F}\MpKsl99f88b21.sys [x] R1 MpKsl9ba5e268;MpKsl9ba5e268;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{31436482-651D-4E8B-8661-9B506D1145B8}\MpKsl9ba5e268.sys [x] R1 MpKsl9fa333bd;MpKsl9fa333bd;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{98F13F98-D232-4331-B6C7-D1836A384678}\MpKsl9fa333bd.sys [x] R1 MpKslbd9e0da5;MpKslbd9e0da5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1482642D-A798-4906-9CC6-F36EE9D9EE97}\MpKslbd9e0da5.sys [x] R1 MpKslcb52f180;MpKslcb52f180;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{30779361-1C58-425A-801A-DF1775044A5B}\MpKslcb52f180.sys [x] R1 MpKslcdd7ca3a;MpKslcdd7ca3a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{91619B27-290E-4B6B-ADDB-F88C08E35882}\MpKslcdd7ca3a.sys [x] R1 MpKsldf7daaa1;MpKsldf7daaa1;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{69EACC76-699D-40FB-B0C6-9410D9513876}\MpKsldf7daaa1.sys [x] R1 MpKsle3a77954;MpKsle3a77954;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{769DC899-AC43-4AC5-8D8D-AF6991624CBA}\MpKsle3a77954.sys [x] R1 MpKslefe89273;MpKslefe89273;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{8F1B6F18-CBC2-4821-BF1E-D88DA43F608B}\MpKslefe89273.sys [x] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock.sys [2011-05-23 77968] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2010-12-28 31124344] R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 43392] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 65024] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 208944] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872] R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2011-02-22 11232] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\DRIVERS\wacmoumonitor.sys [2010-11-02 10752] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-10 1343400] R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2010-11-11 268528] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128] R4 ScrybeUpdater;Scrybe Updater;c:\program files\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-01-14 1294848] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128] S2 TabletServiceWacom;TabletServiceWacom;c:\program files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-15 4807536] S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2011-05-23 465872] S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2media.sys [2008-03-04 48600] S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360] S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992] S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504] S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-05-20 314368] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Contents of the 'Scheduled Tasks' folder . 2011-07-27 c:\windows\Tasks\DriverUpdate Startup.job - c:\program files\DriverUpdate\DriverUpdate.exe [2011-02-01 21:37] . 2011-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2524994211-1086117135-4107810037-1000Core.job - c:\users\Shanna\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-22 00:45] . 2011-07-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2524994211-1086117135-4107810037-1000UA.job - c:\users\Shanna\AppData\Local\Google\Update\GoogleUpdate.exe [2011-07-22 00:45] . . ------- Supplementary Scan ------- . uInternet Settings,ProxyOverride = <local> IE: Convert link target to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert to existing PDF - c:\program files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 TCP: DhcpNameServer = 68.87.69.150 68.87.85.102 FF - ProfilePath - c:\users\Shanna\AppData\Roaming\Mozilla\Firefox\Profiles\sia8rj4z.default\ FF - prefs.js: network.proxy.type - 4 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\DivX\DivX Plus Web Player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\DivX\DivX Plus Web Player\firefox\wpa FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung . - - - - ORPHANS REMOVED - - - - . SafeBoot-mcmscsvc SafeBoot-MCODS MSConfigStartUp-JP595IR86O - c:\users\Shanna\AppData\Local\Temp\Hlx.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-07-26 18:04:44 ComboFix-quarantined-files.txt 2011-07-27 01:04 . Pre-Run: 127,503,532,032 bytes free Post-Run: 127,110,881,280 bytes free . - - End Of File - - 074A1C9B8F08871CD5CB7C82893F3681
  3. Thank You for responding. My computer is still re-directing in all browsers (I tested it out in chrome, IE 9, Firefox and Opera.) I also am unable to start Security essentials in normal mode. In safe mode, the computer starts Security Essentials but cannot turn on immediate protection, nor can it run a scan. Unfortunately, TDS didn't find anything: 2011/07/26 01:46:24.0124 2544 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56 2011/07/26 01:46:24.0358 2544 ================================================================================ 2011/07/26 01:46:24.0358 2544 SystemInfo: 2011/07/26 01:46:24.0358 2544 2011/07/26 01:46:24.0358 2544 OS Version: 6.1.7601 ServicePack: 1.0 2011/07/26 01:46:24.0358 2544 Product type: Workstation 2011/07/26 01:46:24.0358 2544 ComputerName: SHANNA-PC 2011/07/26 01:46:24.0358 2544 UserName: Shanna 2011/07/26 01:46:24.0358 2544 Windows directory: C:\Windows 2011/07/26 01:46:24.0358 2544 System windows directory: C:\Windows 2011/07/26 01:46:24.0358 2544 Processor architecture: Intel x86 2011/07/26 01:46:24.0358 2544 Number of processors: 2 2011/07/26 01:46:24.0358 2544 Page size: 0x1000 2011/07/26 01:46:24.0358 2544 Boot type: Normal boot 2011/07/26 01:46:24.0358 2544 ================================================================================ 2011/07/26 01:46:25.0715 2544 Initialize success 2011/07/26 01:46:28.0227 1956 ================================================================================ 2011/07/26 01:46:28.0227 1956 Scan started 2011/07/26 01:46:28.0227 1956 Mode: Manual; 2011/07/26 01:46:28.0227 1956 ================================================================================ 2011/07/26 01:46:30.0270 1956 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys 2011/07/26 01:46:30.0333 1956 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys 2011/07/26 01:46:30.0473 1956 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys 2011/07/26 01:46:30.0535 1956 acsock (ae954c42547605408cddf03bb13845b8) C:\Windows\system32\DRIVERS\acsock.sys 2011/07/26 01:46:30.0707 1956 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys 2011/07/26 01:46:30.0738 1956 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys 2011/07/26 01:46:30.0863 1956 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys 2011/07/26 01:46:30.0957 1956 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys 2011/07/26 01:46:31.0081 1956 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys 2011/07/26 01:46:31.0144 1956 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys 2011/07/26 01:46:31.0269 1956 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys 2011/07/26 01:46:31.0331 1956 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys 2011/07/26 01:46:31.0362 1956 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys 2011/07/26 01:46:31.0471 1956 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys 2011/07/26 01:46:31.0503 1956 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys 2011/07/26 01:46:31.0565 1956 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys 2011/07/26 01:46:31.0674 1956 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys 2011/07/26 01:46:31.0721 1956 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys 2011/07/26 01:46:31.0783 1956 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys 2011/07/26 01:46:31.0924 1956 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys 2011/07/26 01:46:31.0971 1956 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys 2011/07/26 01:46:32.0095 1956 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys 2011/07/26 01:46:32.0173 1956 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys 2011/07/26 01:46:32.0329 1956 athr (ac4adac154563ab41cc79b0257bc685a) C:\Windows\system32\DRIVERS\athr.sys 2011/07/26 01:46:32.0485 1956 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys 2011/07/26 01:46:32.0532 1956 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys 2011/07/26 01:46:32.0688 1956 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys 2011/07/26 01:46:32.0829 1956 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys 2011/07/26 01:46:32.0907 1956 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys 2011/07/26 01:46:33.0031 1956 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys 2011/07/26 01:46:33.0063 1956 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys 2011/07/26 01:46:33.0109 1956 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys 2011/07/26 01:46:33.0219 1956 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys 2011/07/26 01:46:33.0250 1956 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys 2011/07/26 01:46:33.0281 1956 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys 2011/07/26 01:46:33.0312 1956 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys 2011/07/26 01:46:33.0453 1956 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys 2011/07/26 01:46:33.0515 1956 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys 2011/07/26 01:46:33.0640 1956 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys 2011/07/26 01:46:33.0702 1956 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys 2011/07/26 01:46:33.0827 1956 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys 2011/07/26 01:46:33.0889 1956 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys 2011/07/26 01:46:34.0045 1956 CNG (1b675691ed940766149c93e8f4488d68) C:\Windows\system32\Drivers\cng.sys 2011/07/26 01:46:34.0186 1956 CnxtHdAudService (2fbea8aaad105b93f1ef93f206664245) C:\Windows\system32\drivers\CHDRT32.sys 2011/07/26 01:46:34.0217 1956 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys 2011/07/26 01:46:34.0373 1956 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys 2011/07/26 01:46:34.0420 1956 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys 2011/07/26 01:46:34.0591 1956 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys 2011/07/26 01:46:34.0779 1956 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys 2011/07/26 01:46:34.0935 1956 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys 2011/07/26 01:46:34.0950 1956 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys 2011/07/26 01:46:35.0106 1956 Dot4 (b5e479eb83707dd698f66953e922042c) C:\Windows\system32\DRIVERS\Dot4.sys 2011/07/26 01:46:35.0309 1956 Dot4Print (caefd09b6a6249c53a67d55a9a9fcabf) C:\Windows\system32\drivers\Dot4Prt.sys 2011/07/26 01:46:35.0449 1956 dot4usb (cf491ff38d62143203c065260567e2f7) C:\Windows\system32\DRIVERS\dot4usb.sys 2011/07/26 01:46:35.0496 1956 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys 2011/07/26 01:46:35.0637 1956 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys 2011/07/26 01:46:35.0855 1956 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys 2011/07/26 01:46:36.0042 1956 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys 2011/07/26 01:46:36.0105 1956 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys 2011/07/26 01:46:36.0245 1956 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys 2011/07/26 01:46:36.0385 1956 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys 2011/07/26 01:46:36.0432 1956 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys 2011/07/26 01:46:36.0573 1956 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys 2011/07/26 01:46:36.0604 1956 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys 2011/07/26 01:46:36.0619 1956 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys 2011/07/26 01:46:36.0744 1956 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys 2011/07/26 01:46:36.0791 1956 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys 2011/07/26 01:46:36.0916 1956 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys 2011/07/26 01:46:36.0994 1956 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys 2011/07/26 01:46:37.0119 1956 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys 2011/07/26 01:46:37.0165 1956 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys 2011/07/26 01:46:37.0337 1956 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys 2011/07/26 01:46:37.0399 1956 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys 2011/07/26 01:46:37.0493 1956 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys 2011/07/26 01:46:37.0524 1956 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys 2011/07/26 01:46:37.0555 1956 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys 2011/07/26 01:46:37.0867 1956 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\drivers\hidusb.sys 2011/07/26 01:46:38.0133 1956 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys 2011/07/26 01:46:38.0226 1956 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys 2011/07/26 01:46:38.0367 1956 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys 2011/07/26 01:46:38.0460 1956 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys 2011/07/26 01:46:38.0585 1956 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys 2011/07/26 01:46:38.0913 1956 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys 2011/07/26 01:46:39.0147 1956 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys 2011/07/26 01:46:39.0240 1956 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys 2011/07/26 01:46:39.0349 1956 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys 2011/07/26 01:46:39.0412 1956 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys 2011/07/26 01:46:39.0552 1956 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys 2011/07/26 01:46:39.0599 1956 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys 2011/07/26 01:46:39.0693 1956 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys 2011/07/26 01:46:39.0771 1956 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys 2011/07/26 01:46:39.0833 1956 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys 2011/07/26 01:46:39.0973 1956 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys 2011/07/26 01:46:40.0020 1956 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys 2011/07/26 01:46:40.0098 1956 KSecDD (412cea1aa78cc02a447f5c9e62b32ff1) C:\Windows\system32\Drivers\ksecdd.sys 2011/07/26 01:46:40.0223 1956 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\Windows\system32\Drivers\ksecpkg.sys 2011/07/26 01:46:40.0285 1956 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys 2011/07/26 01:46:40.0348 1956 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys 2011/07/26 01:46:40.0441 1956 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys 2011/07/26 01:46:40.0473 1956 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys 2011/07/26 01:46:40.0519 1956 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys 2011/07/26 01:46:40.0629 1956 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys 2011/07/26 01:46:40.0675 1956 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys 2011/07/26 01:46:40.0707 1956 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys 2011/07/26 01:46:40.0863 1956 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys 2011/07/26 01:46:40.0987 1956 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys 2011/07/26 01:46:41.0065 1956 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys 2011/07/26 01:46:41.0190 1956 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys 2011/07/26 01:46:41.0253 1956 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys 2011/07/26 01:46:41.0393 1956 MpFilter (fee0baded54222e9f1dae9541212aab1) C:\Windows\system32\DRIVERS\MpFilter.sys 2011/07/26 01:46:41.0455 1956 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys 2011/07/26 01:46:42.0625 1956 MpNWMon (2c3489660d4a8d514c123c3f0d67df46) C:\Windows\system32\DRIVERS\MpNWMon.sys 2011/07/26 01:46:42.0688 1956 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys 2011/07/26 01:46:42.0750 1956 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys 2011/07/26 01:46:42.0859 1956 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys 2011/07/26 01:46:42.0937 1956 mrxsmb10 (a70c828a93cce4c11617f6249f4d87fc) C:\Windows\system32\DRIVERS\mrxsmb10.sys 2011/07/26 01:46:43.0171 1956 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys 2011/07/26 01:46:43.0421 1956 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys 2011/07/26 01:46:43.0483 1956 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys 2011/07/26 01:46:43.0624 1956 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys 2011/07/26 01:46:43.0639 1956 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys 2011/07/26 01:46:43.0702 1956 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys 2011/07/26 01:46:43.0749 1956 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys 2011/07/26 01:46:43.0889 1956 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys 2011/07/26 01:46:43.0920 1956 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys 2011/07/26 01:46:43.0951 1956 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys 2011/07/26 01:46:44.0107 1956 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys 2011/07/26 01:46:44.0170 1956 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys 2011/07/26 01:46:44.0263 1956 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys 2011/07/26 01:46:44.0295 1956 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys 2011/07/26 01:46:44.0435 1956 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys 2011/07/26 01:46:44.0607 1956 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys 2011/07/26 01:46:44.0731 1956 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys 2011/07/26 01:46:44.0763 1956 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys 2011/07/26 01:46:44.0919 1956 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys 2011/07/26 01:46:45.0012 1956 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys 2011/07/26 01:46:45.0153 1956 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys 2011/07/26 01:46:45.0215 1956 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys 2011/07/26 01:46:45.0355 1956 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys 2011/07/26 01:46:45.0449 1956 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys 2011/07/26 01:46:45.0574 1956 NisDrv (7b01c6172cfd0b10116175e09200d4b4) C:\Windows\system32\DRIVERS\NisDrvWFP.sys 2011/07/26 01:46:45.0636 1956 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys 2011/07/26 01:46:45.0745 1956 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys 2011/07/26 01:46:45.0839 1956 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys 2011/07/26 01:46:45.0995 1956 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys 2011/07/26 01:46:46.0073 1956 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys 2011/07/26 01:46:46.0182 1956 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys 2011/07/26 01:46:46.0260 1956 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys 2011/07/26 01:46:46.0401 1956 O2MDRDR (3141d533be9f3386c8295e8375ecdb98) C:\Windows\system32\DRIVERS\o2media.sys 2011/07/26 01:46:46.0479 1956 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys 2011/07/26 01:46:46.0635 1956 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys 2011/07/26 01:46:46.0697 1956 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys 2011/07/26 01:46:46.0822 1956 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys 2011/07/26 01:46:46.0900 1956 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys 2011/07/26 01:46:47.0025 1956 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys 2011/07/26 01:46:47.0071 1956 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys 2011/07/26 01:46:47.0165 1956 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys 2011/07/26 01:46:47.0227 1956 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys 2011/07/26 01:46:47.0461 1956 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys 2011/07/26 01:46:47.0477 1956 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys 2011/07/26 01:46:47.0617 1956 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys 2011/07/26 01:46:47.0695 1956 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys 2011/07/26 01:46:47.0820 1956 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys 2011/07/26 01:46:47.0867 1956 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys 2011/07/26 01:46:47.0898 1956 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys 2011/07/26 01:46:48.0007 1956 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys 2011/07/26 01:46:48.0054 1956 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys 2011/07/26 01:46:48.0179 1956 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys 2011/07/26 01:46:48.0210 1956 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys 2011/07/26 01:46:48.0382 1956 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys 2011/07/26 01:46:48.0491 1956 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys 2011/07/26 01:46:48.0585 1956 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys 2011/07/26 01:46:48.0709 1956 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys 2011/07/26 01:46:48.0772 1956 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys 2011/07/26 01:46:48.0881 1956 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys 2011/07/26 01:46:49.0006 1956 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys 2011/07/26 01:46:49.0131 1956 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys 2011/07/26 01:46:49.0240 1956 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys 2011/07/26 01:46:49.0427 1956 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys 2011/07/26 01:46:49.0489 1956 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys 2011/07/26 01:46:49.0552 1956 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys 2011/07/26 01:46:49.0723 1956 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys 2011/07/26 01:46:49.0848 1956 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys 2011/07/26 01:46:49.0942 1956 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 2011/07/26 01:46:49.0989 1956 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys 2011/07/26 01:46:50.0035 1956 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys 2011/07/26 01:46:50.0145 1956 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys 2011/07/26 01:46:50.0238 1956 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys 2011/07/26 01:46:50.0269 1956 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys 2011/07/26 01:46:50.0316 1956 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys 2011/07/26 01:46:50.0425 1956 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys 2011/07/26 01:46:50.0535 1956 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys 2011/07/26 01:46:50.0628 1956 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys 2011/07/26 01:46:50.0675 1956 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys 2011/07/26 01:46:50.0706 1956 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys 2011/07/26 01:46:50.0847 1956 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys 2011/07/26 01:46:51.0034 1956 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys 2011/07/26 01:46:51.0081 1956 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys 2011/07/26 01:46:51.0205 1956 SrvHsfHDA (e00fdfaff025e94f9821153750c35a6d) C:\Windows\system32\DRIVERS\VSTAZL3.SYS 2011/07/26 01:46:51.0268 1956 SrvHsfV92 (ceb4e3b6890e1e42dca6694d9e59e1a0) C:\Windows\system32\DRIVERS\VSTDPV3.SYS 2011/07/26 01:46:51.0408 1956 SrvHsfWinac (bc0c7ea89194c299f051c24119000e17) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS 2011/07/26 01:46:51.0517 1956 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys 2011/07/26 01:46:51.0580 1956 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys 2011/07/26 01:46:51.0720 1956 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys 2011/07/26 01:46:51.0751 1956 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys 2011/07/26 01:46:51.0829 1956 SWDUMon (7168ea26833301750562bfd0a16a66d3) C:\Windows\system32\DRIVERS\SWDUMon.sys 2011/07/26 01:46:51.0985 1956 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys 2011/07/26 01:46:52.0188 1956 SynTP (91ac243740ca09a907e7cbd2da274c96) C:\Windows\system32\DRIVERS\SynTP.sys 2011/07/26 01:46:52.0391 1956 Tcpip (24326784df8f3d5f5bbb9f878ce33c14) C:\Windows\system32\drivers\tcpip.sys 2011/07/26 01:46:52.0563 1956 TCPIP6 (24326784df8f3d5f5bbb9f878ce33c14) C:\Windows\system32\DRIVERS\tcpip.sys 2011/07/26 01:46:52.0719 1956 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys 2011/07/26 01:46:52.0797 1956 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys 2011/07/26 01:46:52.0828 1956 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys 2011/07/26 01:46:52.0984 1956 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys 2011/07/26 01:46:53.0124 1956 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys 2011/07/26 01:46:53.0296 1956 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys 2011/07/26 01:46:53.0467 1956 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys 2011/07/26 01:46:53.0639 1956 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys 2011/07/26 01:46:53.0701 1956 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 2011/07/26 01:46:53.0795 1956 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys 2011/07/26 01:46:53.0873 1956 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys 2011/07/26 01:46:54.0029 1956 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys 2011/07/26 01:46:54.0091 1956 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys 2011/07/26 01:46:54.0216 1956 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys 2011/07/26 01:46:54.0310 1956 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys 2011/07/26 01:46:54.0450 1956 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys 2011/07/26 01:46:54.0622 1956 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys 2011/07/26 01:46:54.0653 1956 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys 2011/07/26 01:46:54.0700 1956 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys 2011/07/26 01:46:54.0825 1956 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys 2011/07/26 01:46:54.0887 1956 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\Windows\system32\DRIVERS\usbscan.sys 2011/07/26 01:46:55.0043 1956 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\drivers\USBSTOR.SYS 2011/07/26 01:46:55.0074 1956 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys 2011/07/26 01:46:55.0230 1956 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys 2011/07/26 01:46:55.0277 1956 UVCFTR (237c444fbd1c697a2e3fa60f02c61f22) C:\Windows\system32\Drivers\UVCFTR_S.SYS 2011/07/26 01:46:55.0433 1956 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys 2011/07/26 01:46:55.0495 1956 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys 2011/07/26 01:46:55.0589 1956 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys 2011/07/26 01:46:55.0698 1956 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys 2011/07/26 01:46:55.0807 1956 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys 2011/07/26 01:46:55.0870 1956 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys 2011/07/26 01:46:55.0995 1956 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys 2011/07/26 01:46:56.0057 1956 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys 2011/07/26 01:46:56.0119 1956 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys 2011/07/26 01:46:56.0260 1956 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys 2011/07/26 01:46:56.0322 1956 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys 2011/07/26 01:46:56.0463 1956 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys 2011/07/26 01:46:56.0650 1956 vpnva (0d8df4058901616a4e716ab67d472581) C:\Windows\system32\DRIVERS\vpnva.sys 2011/07/26 01:46:56.0712 1956 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys 2011/07/26 01:46:56.0837 1956 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys 2011/07/26 01:46:56.0884 1956 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys 2011/07/26 01:46:57.0009 1956 wacmoumonitor (c3b03ed7b06657a3355f620bc02acfb6) C:\Windows\system32\DRIVERS\wacmoumonitor.sys 2011/07/26 01:46:57.0055 1956 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\Windows\system32\DRIVERS\wacommousefilter.sys 2011/07/26 01:46:57.0165 1956 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys 2011/07/26 01:46:57.0289 1956 wacomvhid (846b58ea44bf8c92e4b59f4e2252c4c0) C:\Windows\system32\DRIVERS\wacomvhid.sys 2011/07/26 01:46:57.0352 1956 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/26 01:46:57.0367 1956 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys 2011/07/26 01:46:57.0555 1956 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys 2011/07/26 01:46:57.0617 1956 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys 2011/07/26 01:46:57.0789 1956 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys 2011/07/26 01:46:57.0820 1956 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys 2011/07/26 01:46:58.0023 1956 WinUSB (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUSB.sys 2011/07/26 01:46:58.0179 1956 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys 2011/07/26 01:46:58.0288 1956 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys 2011/07/26 01:46:58.0475 1956 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys 2011/07/26 01:46:58.0647 1956 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys 2011/07/26 01:46:58.0818 1956 yukonw7 (95c1a8e708efa7fcae03cae688465b0a) C:\Windows\system32\DRIVERS\yk62x86.sys 2011/07/26 01:46:58.0896 1956 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 2011/07/26 01:46:58.0927 1956 Boot (0x1200) (6989957f145c754a112bee3830ba1f16) \Device\Harddisk0\DR0\Partition0 2011/07/26 01:46:58.0959 1956 Boot (0x1200) (6b89186c1ec7ef173e7fedab4a3c61e7) \Device\Harddisk0\DR0\Partition1 2011/07/26 01:46:58.0959 1956 ================================================================================ 2011/07/26 01:46:58.0959 1956 Scan finished 2011/07/26 01:46:58.0959 1956 ================================================================================ 2011/07/26 01:46:58.0990 0988 Detected object count: 0 2011/07/26 01:46:58.0990 0988 Actual detected object count: 0
  4. Whoops, forgot the mbam log: Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Database version: 7232 Windows 6.1.7601 Service Pack 1 Internet Explorer 8.0.7601.17514 7/22/2011 10:38:38 PM mbam-log-2011-07-22 (22-38-38).txt Scan type: Quick scan Objects scanned: 162046 Time elapsed: 5 minute(s), 37 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  5. Hi there. I'm running Win7 32 on a toshiba laptop and having issues in Chrome and FF, as well with Security essentials. I've already run spybot and mbam several times, and this past time, nothing showed up but I'm still having the issue. Here's dds and attached are the ark file and the attach file. . DDS (Ver_11-05-19.01) - NTFSx86 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_24 Run by Shanna at 22:49:09 on 2011-07-22 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2038.1240 [GMT -4:00] . AV: Microsoft Security Essentials *Disabled/Outdated* {108DAC43-C256-20B7-BB05-914135DA5160} SP: Microsoft Security Essentials *Disabled/Outdated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\taskeng.exe C:\Windows\system32\rundll32.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\taskhost.exe C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\system32\taskeng.exe C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent.exe C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe C:\Windows\System32\igfxtray.exe C:\Program Files\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Users\Shanna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Shanna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Users\Shanna\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Users\Shanna\Desktop\dds.scr C:\Windows\system32\WSCRIPT.exe . ============== Pseudo HJT Report =============== . uInternet Settings,ProxyOverride = <local> BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\adobe acrobat 7.0\activex\AcroIEHelper.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - c:\program files\divx\divx plus web player\npdivx32.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll EB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [Google Update] "c:\users\shanna\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [<NO NAME>] mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe" mRun: [cAudioFilterAgent] c:\program files\conexant\caudiofilteragent\cAudioFilterAgent.exe mRun: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START mRun: [igfxTray] c:\windows\system32\igfxtray.exe mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe mRun: [Persistence] c:\windows\system32\igfxpers.exe mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "c:\program files\cisco\cisco anyconnect secure mobility client\vpnui.exe" -minimized mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Convert link target to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert to existing PDF - c:\program files\adobe\adobe acrobat 7.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Notify: igfxcui - igfxdev.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL Hosts: 127.0.0.1 www.spywareinfo.com . ================= FIREFOX =================== . FF - ProfilePath - c:\users\shanna\appdata\roaming\mozilla\firefox\profiles\sia8rj4z.default\ FF - prefs.js: network.proxy.type - 4 FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSeymour.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\tabletplugins\npwacom.dll FF - plugin: c:\users\shanna\appdata\local\google\update\1.3.21.57\npGoogleUpdate3.dll FF - plugin: c:\windows\system32\wat\npWatWeb.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: DivX Plus Web Player HTML5 <video>: {23fcfd51-4958-4f00-80a3-ae97e717ed8b} - c:\program files\divx\divx plus web player\firefox\html5video FF - Ext: DivX HiQ: {6904342A-8307-11DF-A508-4AE2DFD72085} - c:\program files\divx\divx plus web player\firefox\wpa FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3 FF - Ext: HP Smart Web Printing: smartwebprinting@hp.com - c:\program files\hp\digital imaging\smart web printing\MozillaAddOn3 FF - Ext: FoxyProxy Standard: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung FF - Ext: FoxyProxy Basic: foxyproxy@eric.h.jung - %profile%\extensions\foxyproxy@eric.h.jung . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128] R2 TabletServiceWacom;TabletServiceWacom;c:\program files\tablet\wacom\Wacom_Tablet.exe [2010-12-15 4807536] R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files\cisco\cisco anyconnect secure mobility client\vpnagent.exe [2011-5-23 465872] R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-3-4 48600] R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360] R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992] R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-5-20 314368] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2011-7-21 1153368] S3 acsock;acsock;c:\windows\system32\drivers\acsock.sys [2011-5-23 77968] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-12-27 31124344] S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2011-4-18 43392] S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 65024] S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\antimalware\NisSrv.exe [2011-4-27 208944] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-7-18 15872] S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2011-2-20 11232] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-18 52224] S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2010-12-15 10752] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-10 1343400] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-11-11 268528] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-10 47128] S4 ScrybeUpdater;Scrybe Updater;c:\program files\synaptics\scrybe\service\ScrybeUpdater.exe [2011-1-14 1294848] . =============== Created Last 30 ================ . 2011-07-23 02:20:22 -------- d-----w- c:\program files\ESET 2011-07-22 22:21:38 -------- d-----w- c:\program files\Microsoft Security Client 2011-07-22 20:05:45 -------- d-----w- c:\users\shanna\appdata\roaming\Malwarebytes 2011-07-22 20:05:36 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-07-22 20:05:35 -------- d-----w- c:\programdata\Malwarebytes 2011-07-22 20:05:31 22712 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-07-22 20:05:31 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-07-22 05:44:01 -------- d-sh--w- C:\found.000 2011-07-22 01:00:31 -------- d-----w- c:\windows\system32\SPReview 2011-07-22 00:59:32 -------- d-----w- c:\windows\system32\EventProviders 2011-07-22 00:54:08 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-07-22 00:54:08 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-07-20 06:58:43 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2011-07-20 06:58:43 5888 ----a-w- c:\windows\system32\drivers\usbd.sys 2011-07-20 06:58:43 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys 2011-07-20 06:58:43 284672 ----a-w- c:\windows\system32\drivers\usbport.sys 2011-07-20 06:58:43 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys 2011-07-20 06:58:43 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2011-07-20 06:58:43 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys 2011-07-19 04:10:55 -------- d-----w- c:\programdata\VanDyke 2011-07-19 03:55:29 -------- d-----w- c:\users\shanna\appdata\roaming\VanDyke 2011-07-19 03:52:24 -------- d-----w- c:\program files\VanDyke Software 2011-07-19 03:51:09 -------- d-----w- c:\users\shanna\appdata\local\Downloaded Installations 2011-07-19 03:46:59 750592 ----a-w- c:\windows\system32\schedsvc.dll 2011-07-19 03:45:59 155472 ----a-w- c:\windows\system32\mscorier.dll 2011-07-19 03:44:59 50176 ----a-w- c:\windows\system32\drivers\appid.sys 2011-07-19 03:42:57 323072 ----a-w- c:\windows\system32\drvstore.dll 2011-07-19 03:42:56 257024 ----a-w- c:\windows\system32\dpx.dll 2011-07-19 03:39:59 -------- d-----w- c:\users\shanna\appdata\local\Cisco 2011-07-19 03:39:59 -------- d-----w- c:\program files\Cisco 2011-07-19 03:38:32 -------- d-----w- c:\programdata\Cisco 2011-07-19 03:16:59 2334208 ----a-w- c:\windows\system32\win32k.sys 2011-06-23 21:21:16 310272 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-06-23 21:21:15 311808 ----a-w- c:\windows\system32\drivers\srv.sys 2011-06-23 21:21:15 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-06-23 21:21:07 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys 2011-06-23 21:21:06 187776 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2011-06-23 21:21:05 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2011-06-23 21:20:43 571904 ----a-w- c:\windows\system32\oleaut32.dll 2011-06-23 21:20:26 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe 2011-06-23 21:20:25 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe 2011-06-23 21:20:15 219136 ----a-w- c:\windows\system32\d3d10_1core.dll 2011-06-23 21:20:15 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2011-06-23 21:20:06 741376 ----a-w- c:\windows\system32\inetcomm.dll 2011-06-23 21:18:57 123904 ----a-w- c:\windows\system32\poqexec.exe 2011-06-23 21:18:53 27008 ----a-w- c:\windows\system32\drivers\Diskdump.sys . ==================== Find3M ==================== . 2011-07-23 02:47:03 44544 ----a-w- c:\windows\system32\agremove.exe 2011-07-22 01:10:23 152576 ----a-w- c:\windows\system32\msclmd.dll 2011-06-03 06:01:04 169984 ----a-w- c:\windows\system32\winsrv.dll 2011-06-03 05:59:23 290816 ----a-w- c:\windows\system32\KernelBase.dll 2011-06-03 05:56:57 271872 ----a-w- c:\windows\system32\conhost.exe 2011-06-03 03:48:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2011-05-28 02:53:58 1638912 ----a-w- c:\windows\system32\mshtml.tlb 2011-05-24 10:44:59 293376 ----a-w- c:\windows\system32\umpnpmgr.dll 2011-05-23 18:55:29 10704 ----a-w- c:\windows\system32\vpncategories.dll 2011-05-23 18:55:22 32720 ----a-w- c:\windows\system32\vpnevents.dll 2011-05-23 18:45:27 23464 ----a-w- c:\windows\system32\drivers\vpnva.sys 2011-05-23 18:45:05 77968 ----a-r- c:\windows\system32\drivers\acsock.sys 2011-05-04 04:34:43 1549312 ----a-w- c:\windows\system32\tquery.dll 2011-05-04 04:32:02 666624 ----a-w- c:\windows\system32\mssvp.dll 2011-05-04 04:32:01 337408 ----a-w- c:\windows\system32\mssph.dll 2011-05-04 04:32:01 197120 ----a-w- c:\windows\system32\mssphtb.dll 2011-05-04 04:32:01 1401344 ----a-w- c:\windows\system32\mssrch.dll 2011-05-04 04:32:00 59392 ----a-w- c:\windows\system32\msscntrs.dll 2011-05-04 04:28:31 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe 2011-05-04 04:28:31 427520 ----a-w- c:\windows\system32\SearchIndexer.exe 2011-05-04 04:28:31 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe 2011-04-27 19:25:24 65024 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2011-04-27 02:17:36 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-27 02:17:28 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-27 02:17:22 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . ============= FINISH: 22:51:31.29 =============== Attach (1).zip
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.