Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs for these tools, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Please run a new MBAM scan being sure to update before scanning.

Post the scan results

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".


Hi

Followed your instructions. MBAM always seems to be blocking IP addresses. Ran a scan after recently updating to the version but it still didn't pick anything up.

Thanks for your help. See below for Attach, DDS and scan results.

SCAN RESULTS:

Database version: v2012.02.16.05

2/17/2012 12:09:53 AM

mbam-log-2012-02-17 (00-09-53).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 160806

Time elapsed: 10 minute(s), 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

ATTACH:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 1/22/2012 10:29:27 PM

System Uptime: 2/16/2012 9:11:24 AM (1 hours ago)

.

Motherboard: FUJITSU SIEMENS | | AMILO PRO V3515

Processor: Intel® Core Duo CPU T2450 @ 2.00GHz | mPGA 479M | 1596/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 70.851 GiB free.

D: is CDROM ()

E: is CDROM (CDFS)

F: is FIXED (NTFS) - 466 GiB total, 123.609 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1: 1/22/2012 10:36:07 PM - System Checkpoint

RP2: 1/22/2012 10:37:20 PM - Installed Windows XP KB889673.

RP3: 1/22/2012 10:38:08 PM - Installed Platform

RP4: 1/22/2012 10:42:40 PM - Installed Wireless LAN Driver Installation Program

RP5: 1/23/2012 12:10:54 AM - Software Distribution Service 3.0

RP6: 1/23/2012 12:18:49 AM - Installed Java 6 Update 30

RP7: 1/23/2012 12:29:02 AM - Installed Windows XP Service Pack 3.

RP8: 1/23/2012 12:43:42 AM - Installed Windows XP KB952954.

RP9: 1/23/2012 12:44:37 AM - Installed Windows XP KB955069.

RP10: 1/23/2012 12:45:29 AM - Installed Windows XP KB961501.

RP11: 1/23/2012 12:46:34 AM - Installed Windows XP KB969059.

RP12: 1/23/2012 12:47:46 AM - Installed Windows XP KB975560.

RP13: 1/23/2012 12:48:42 AM - Installed Windows XP KB978338.

RP14: 1/23/2012 12:50:08 AM - Installed Windows XP KB979482.

RP15: 1/23/2012 1:43:15 AM - Software Distribution Service 3.0

RP16: 1/23/2012 7:15:19 AM - Software Distribution Service 3.0

RP17: 1/23/2012 9:40:29 AM - Software Distribution Service 3.0

RP18: 1/23/2012 10:30:11 AM - Installed AVG 2012

RP19: 1/23/2012 10:30:43 AM - Installed AVG 2012

RP20: 1/24/2012 1:48:37 AM - Software Distribution Service 3.0

RP21: 1/24/2012 8:50:18 AM - Software Distribution Service 3.0

RP22: 1/24/2012 11:11:03 AM - Software Distribution Service 3.0

RP23: 1/25/2012 12:10:29 PM - Unsigned driver install

RP24: 1/25/2012 6:07:02 PM - Software Distribution Service 3.0

RP25: 1/26/2012 1:52:34 PM - Installed Windows XP WgaNotify.

RP26: 1/26/2012 6:21:31 PM - Software Distribution Service 3.0

RP27: 1/29/2012 8:24:28 PM - System Checkpoint

RP28: 1/30/2012 11:52:55 PM - Unsigned driver install

RP29: 1/31/2012 4:08:23 AM - Installed DirectX

RP30: 1/31/2012 4:18:47 AM -

RP31: 1/31/2012 4:20:33 AM - Unsigned driver install

RP32: 1/31/2012 10:59:25 AM - Installed Windows Media Format Runtime

RP33: 1/31/2012 11:00:17 AM - Unsigned driver install

RP34: 1/31/2012 11:03:27 AM - Unsigned driver install

RP35: 2/1/2012 1:37:07 AM - Unsigned driver install

RP36: 2/1/2012 1:40:58 AM - Unsigned driver install

RP37: 2/1/2012 1:42:14 AM - Software Distribution Service 3.0

RP38: 2/1/2012 1:45:58 AM - Unsigned driver install

RP39: 2/1/2012 1:49:50 AM - Unsigned driver install

RP40: 2/1/2012 1:51:17 AM - Unsigned driver install

RP41: 2/1/2012 2:32:37 AM - Installed Driver Detective.

RP42: 2/1/2012 2:36:56 AM - Removed Driver Detective.

RP43: 2/1/2012 2:54:22 AM - Installed Adobe Reader X (10.1.2).

RP44: 2/1/2012 9:47:39 AM - Unsigned driver install

RP45: 2/1/2012 7:50:35 PM - Unsigned driver install

RP46: 2/1/2012 9:47:55 PM - Restore Operation

RP47: 2/1/2012 10:43:27 PM - Restore Operation

RP48: 2/1/2012 10:46:58 PM - Restore Operation

RP49: 2/1/2012 11:18:09 PM - Restore Operation

RP50: 2/1/2012 11:22:17 PM - Restore Operation

RP51: 2/3/2012 2:18:51 PM - Unsigned driver install

RP52: 2/3/2012 3:30:39 PM - Unsigned driver install

RP53: 2/6/2012 2:09:18 PM - System Checkpoint

RP54: 2/9/2012 2:02:48 AM - System Checkpoint

RP55: 2/12/2012 3:52:30 AM - System Checkpoint

RP56: 2/13/2012 12:23:25 AM - Unsigned driver install

RP57: 2/13/2012 4:18:43 PM - Unsigned driver install

RP58: 2/14/2012 7:22:57 PM - System Checkpoint

RP59: 2/15/2012 12:00:53 PM - Installed Windows Media Player 11

RP60: 2/15/2012 12:02:49 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Reader X (10.1.2)

ALPS Touch Pad Driver

Audacity 1.2.6

AVG 2012

Conexant HD Audio

DAEMON Tools Lite

Dropbox

Google Chrome

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB981793)

Hotkey 1.0.4

J2SE Runtime Environment 5.0 Update 6

Java Auto Updater

Java 6 Update 30

LAME v3.98.3 for Audacity

Malwarebytes Anti-Malware version 1.60.1.1000

Metal Gear Solid

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Platform

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB898458)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 9 (KB911565)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Soft Data Fax Modem with SmartCP

Steinberg Cubase SX v3.1.1.944

Syncrosoft's License Control

SyncroSoft Emu (Remove only)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB2598845)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VIA Platform Device Manager

VIA Rhine-Family Fast Ethernet Adapter

VIA/S3G Display Driver 6.14.10.0071

VLC media player 1.1.11

WebFldrs XP

Windows Genuine Advantage Notifications (KB905474)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

WinRAR 4.10 (32-bit)

Wireless LAN Driver Installation Program

.

==== End Of File ===========================

DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by John Gary at 10:37:21 on 2012-02-16

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.766.442 [GMT 0:00]

.

AV: AVG Internet Security 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

FW: AVG Firewall *Enabled*

.

============== Running Processes ===============

.

C:\PROGRA~1\AVG\AVG2012\avgrsx.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Hotkey 1.0.4\FuncKey.exe

C:\Program Files\Apoint2K\Apoint.exe

C:\WINDOWS\system32\VTTimer.exe

C:\WINDOWS\system32\S3trayp.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\AVG\AVG2012\avgtray.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Apoint2K\Apntex.exe

C:\Documents and Settings\John Gary\Local Settings\Application Data\Google\Update\1.3.21.99\GoogleCrashHandler.exe

svchost.exe

C:\Program Files\AVG\AVG2012\avgfws.exe

C:\Program Files\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.0.6\ToolbarUpdater.exe

C:\Program Files\AVG\AVG2012\avgnsx.exe

C:\Program Files\AVG\AVG2012\avgemcx.exe

C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe

C:\Program Files\AVG\AVG2012\avgcsrvx.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://search.babylon.com/?AF=109130&babsrc=HP_ss&mntrId=841971f500000000000000c0a8e81a36

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.0.0.7\AVG Secure Search_toolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.0.0.7\AVG Secure Search_toolbar.dll

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [Google Update] "c:\documents and settings\john gary\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [FuncKey] "c:\program files\hotkey 1.0.4\FuncKey.exe"

mRun: [Apoint] c:\program files\apoint2k\Apoint.exe

mRun: [VTTimer] VTTimer.exe

mRun: [s3Trayp] S3trayp.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12

mRun: [H2O] c:\program files\syncrosoft\pos\h2o\cledx.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\docume~1\johnga~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\john gary\application data\dropbox\bin\Dropbox.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: DhcpNameServer = 89.101.160.4 89.101.160.5

TCP: Interfaces\{FD189A56-2475-47D9-BC52-C6EE32A09013} : DhcpNameServer = 89.101.160.4 89.101.160.5

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.0.6\ViProtocol.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-2-13 242240]

R2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-11-23 2391832]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-1-22 652360]

R2 vToolbarUpdater;vToolbarUpdater;c:\program files\common files\avg secure search\vtoolbarupdater\10.0.6\ToolbarUpdater.exe [2012-1-29 909152]

R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134608]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720]

R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [2012-1-31 33792]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-1-22 20464]

R3 S3GIGP;S3GIGP;c:\windows\system32\drivers\S3gIGPm.sys [2012-1-22 659456]

S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2011-5-23 30944]

.

=============== Created Last 30 ================

.

2012-02-15 12:05:56 -------- d-----w- c:\program files\Windows Media Connect 2

2012-02-15 12:04:29 276992 ------w- c:\windows\system32\audiodev.dll

2012-02-15 12:03:44 -------- d-----w- c:\windows\system32\LogFiles

2012-02-13 00:22:54 242240 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2012-02-13 00:22:40 -------- d-----w- c:\program files\DAEMON Tools Lite

2012-02-13 00:10:57 -------- d-----w- c:\program files\MagicISO

2012-02-13 00:09:23 -------- d-----w- c:\documents and settings\john gary\application data\DAEMON Tools Lite

2012-02-13 00:09:18 -------- d-----w- c:\documents and settings\all users\application data\DAEMON Tools Lite

2012-02-12 23:58:42 -------- d-----w- c:\program files\Metal Gear Solid

2012-02-12 22:40:36 -------- d-----w- c:\documents and settings\john gary\application data\Dropbox

2012-02-06 23:41:50 -------- d-sh--w- c:\documents and settings\john gary\PrivacIE

2012-02-06 13:50:28 -------- d-----w- c:\documents and settings\john gary\local settings\application data\Identities

2012-02-01 23:20:42 -------- d-----w- c:\documents and settings\all users\application data\Babylon

2012-02-01 23:05:30 -------- d-----w- c:\documents and settings\john gary\local settings\application data\Babylon

2012-02-01 23:05:28 -------- d-----w- c:\documents and settings\john gary\application data\Babylon

2012-02-01 22:21:41 -------- d-----w- C:\tmp

2012-02-01 02:56:12 -------- d-----w- c:\documents and settings\john gary\local settings\application data\Adobe

2012-02-01 02:34:42 -------- d-----w- c:\documents and settings\all users\application data\PC Drivers HeadQuarters Inc

2012-02-01 02:30:30 -------- d-----w- c:\documents and settings\john gary\application data\GetRightToGo

2012-02-01 02:05:12 -------- d-----w- c:\documents and settings\all users\application data\HardwareHelper

2012-01-31 11:09:55 -------- d-----w- c:\documents and settings\john gary\application data\Steinberg

2012-01-31 11:03:34 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys

2012-01-31 11:00:27 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys

2012-01-31 11:00:25 47616 ----a-w- c:\program files\windows media player\msoobci.dll

2012-01-31 11:00:25 1669120 ----a-w- c:\program files\windows media player\wmsetsdk.exe

2012-01-31 10:58:12 -------- d-----w- c:\program files\Steinberg

2012-01-31 04:19:09 33792 ----a-w- c:\windows\system32\drivers\cledx.sys

2012-01-31 04:18:53 16896 ----a-w- c:\windows\system32\drivers\synasUSB.sys

2012-01-31 04:18:49 45056 ----a-w- c:\windows\system32\Synsopos.exe

2012-01-31 04:18:48 147456 ----a-w- c:\windows\system32\SynsoLChk.dll

2012-01-31 04:18:47 704512 ----a-w- c:\windows\system32\SYNSOACC.dll

2012-01-31 04:18:47 -------- d-----w- c:\program files\Syncrosoft

2012-01-31 04:10:59 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll

2012-01-31 04:09:58 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll

2012-01-31 03:55:44 -------- d--h--w- c:\windows\msdownld.tmp

2012-01-31 03:55:32 -------- d-----w- c:\windows\Logs

2012-01-29 20:29:49 -------- d-----w- c:\program files\VideoLAN

2012-01-29 19:45:39 -------- d-----w- c:\program files\AVG Secure Search

2012-01-29 19:11:23 -------- d-----w- c:\windows\system32\cache

2012-01-26 13:54:25 -------- d-----w- c:\documents and settings\john gary\local settings\application data\PCHealth

2012-01-25 12:20:02 -------- d-----w- c:\program files\Lame For Audacity

2012-01-25 12:19:36 -------- d-----w- c:\program files\Audacity

2012-01-25 12:10:59 60032 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys

2012-01-25 12:10:29 32128 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2012-01-24 17:14:42 -------- d--h--w- C:\$AVG

2012-01-24 02:19:43 953856 -c----w- c:\windows\system32\dllcache\mfc40u.dll

2012-01-24 02:18:41 617472 -c----w- c:\windows\system32\dllcache\comctl32.dll

2012-01-24 02:17:58 40960 -c----w- c:\windows\system32\dllcache\ndproxy.sys

2012-01-24 02:15:36 139656 -c----w- c:\windows\system32\dllcache\rdpwd.sys

2012-01-24 02:15:33 105472 -c----w- c:\windows\system32\dllcache\mup.sys

2012-01-24 02:07:52 -------- d-----w- C:\e90ea2dd7349978957b4

2012-01-24 02:05:07 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys

2012-01-24 02:01:04 45568 -c----w- c:\windows\system32\dllcache\wab.exe

2012-01-24 01:56:12 -------- d-----w- c:\windows\system32\XPSViewer

2012-01-24 01:55:43 89088 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

2012-01-24 01:55:23 117760 ------w- c:\windows\system32\prntvpt.dll

2012-01-24 01:55:22 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2012-01-24 01:55:22 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2012-01-24 01:55:22 597504 ------w- c:\windows\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2012-01-24 01:55:22 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2012-01-24 01:55:22 575488 ------w- c:\windows\system32\xpsshhdr.dll

2012-01-24 01:55:21 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2012-01-24 01:55:21 1676288 ------w- c:\windows\system32\xpssvcs.dll

2012-01-24 01:55:21 -------- d-----w- C:\2aebcf14e6db3061638b00

2012-01-23 12:30:39 -------- d-----w- c:\documents and settings\john gary\.swt

2012-01-23 12:30:35 -------- d-----w- c:\documents and settings\john gary\application data\Azureus

2012-01-23 12:29:53 -------- d-----w- c:\program files\Vuze

2012-01-23 12:19:34 -------- d-sh--w- c:\documents and settings\john gary\IETldCache

2012-01-23 10:34:20 -------- d-----w- c:\documents and settings\john gary\application data\AVG2012

2012-01-23 10:32:45 -------- d-----w- c:\documents and settings\john gary\application data\AVG Secure Search

2012-01-23 10:32:43 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search

2012-01-23 10:32:40 -------- d-----w- c:\program files\common files\AVG Secure Search

2012-01-23 10:30:58 -------- d-----w- c:\windows\system32\drivers\AVG

2012-01-23 10:30:58 -------- d-----w- c:\documents and settings\all users\application data\AVG2012

2012-01-23 10:30:12 -------- d-----w- c:\program files\AVG

2012-01-23 09:48:43 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll

2012-01-23 09:48:22 -------- d-----w- c:\windows\ie8updates

2012-01-23 09:48:09 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2012-01-23 09:48:08 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2012-01-23 09:48:08 602112 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2012-01-23 09:48:08 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2012-01-23 09:48:08 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2012-01-23 09:48:08 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll

2012-01-23 09:48:08 11081728 -c----w- c:\windows\system32\dllcache\ieframe.dll

2012-01-23 09:46:37 -------- dc-h--w- c:\windows\ie8

2012-01-23 07:32:12 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll

2012-01-23 07:31:28 284160 -c----w- c:\windows\system32\dllcache\pdh.dll

2012-01-23 07:31:27 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll

2012-01-23 07:31:27 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll

2012-01-23 07:31:27 110592 -c----w- c:\windows\system32\dllcache\services.exe

2012-01-23 07:31:26 718336 -c----w- c:\windows\system32\dllcache\ntdll.dll

2012-01-23 07:31:26 617472 -c----w- c:\windows\system32\dllcache\advapi32.dll

2012-01-23 07:31:26 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll

2012-01-23 07:31:26 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe

2012-01-23 01:28:13 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2012-01-23 01:25:25 357888 -c----w- c:\windows\system32\dllcache\srv.sys

2012-01-23 01:24:50 2148864 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2012-01-23 01:24:49 2027008 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2012-01-23 01:24:48 2069376 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2012-01-23 01:19:20 456320 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2012-01-23 01:08:19 744448 -c----w- c:\windows\system32\dllcache\helpsvc.exe

2012-01-23 00:49:00 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll

2012-01-23 00:49:00 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll

2012-01-23 00:48:36 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe

2012-01-23 00:47:15 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys

2012-01-23 00:46:48 331776 -c----w- c:\windows\system32\dllcache\msadce.dll

2012-01-23 00:46:16 153088 -c----w- c:\windows\system32\dllcache\triedit.dll

2012-01-23 00:39:28 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll

2012-01-23 00:39:28 79872 ------w- c:\windows\system32\msxml6r.dll

2012-01-23 00:39:28 1372672 -c----w- c:\windows\system32\dllcache\msxml6.dll

2012-01-23 00:39:28 1372672 ------w- c:\windows\system32\msxml6.dll

2012-01-23 00:35:04 -------- d-----w- c:\windows\ServicePackFiles

2012-01-23 00:34:41 294912 ------w- c:\program files\windows media player\dlimport.exe

2012-01-23 00:34:34 294912 -c----w- c:\windows\system32\dllcache\dlimport.exe

2012-01-23 00:31:59 46464 ------w- c:\windows\system32\drivers\gagp30kx.sys

2012-01-23 00:28:52 19569 ----a-w- c:\windows\002988_.tmp

2012-01-23 00:20:37 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll

2012-01-23 00:19:11 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-01-23 00:19:11 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-01-23 00:15:49 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2012-01-23 00:15:49 218112 -c----w- c:\windows\system32\dllcache\wordpad.exe

2012-01-23 00:11:21 -------- d-----w- c:\windows\system32\PreInstall

2012-01-22 23:25:35 -------- d--h--w- c:\documents and settings\all users\application data\Common Files

2012-01-22 23:17:30 -------- d-----w- c:\documents and settings\all users\application data\MFAData

2012-01-22 23:11:39 226880 -c----w- c:\windows\system32\dllcache\tcpip6.sys

2012-01-22 23:11:39 100864 -c----w- c:\windows\system32\dllcache\6to4svc.dll

2012-01-22 23:10:52 74240 -c----w- c:\windows\system32\dllcache\mscms.dll

2012-01-22 23:10:06 1435648 -c----w- c:\windows\system32\dllcache\query.dll

2012-01-22 23:08:31 345600 -c----w- c:\windows\system32\dllcache\localspl.dll

2012-01-22 23:07:56 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll

2012-01-22 23:07:56 1292288 -c----w- c:\windows\system32\dllcache\quartz.dll

2012-01-22 23:07:29 -------- d-----w- c:\documents and settings\john gary\application data\Malwarebytes

2012-01-22 23:07:26 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-01-22 23:07:25 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-01-22 23:07:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-01-22 23:07:21 65536 -c----w- c:\windows\system32\dllcache\asycfilt.dll

2012-01-22 23:04:41 293376 ------w- c:\windows\system32\browserchoice.exe

.

==================== Find3M ====================

.

2011-11-25 21:57:19 293376 ----a-w- c:\windows\system32\winsrv.dll

2011-11-23 13:25:32 1859584 ----a-w- c:\windows\system32\win32k.sys

2011-11-18 12:35:08 60416 ----a-w- c:\windows\system32\packager.exe

.

============= FINISH: 10:38:31.40 ===============


Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.


Ok I did everything you told me and made it to step 4. It found 118 threats which were all unsigned files so when I made sure it was assigned to "skip" and hit continue. But no restart message came up, it just closed after it 'cured' something of which I don't know as I ran the scan again and came up with the same results. Also I searched for scan logs but couldn't find it in c:. Not the most literate with computers to be honest....at all!

Thanks for your help

You're doing a great job!


Actually, is this what you're looking for?

03:17:15.0875 3648 TDSS rootkit removing tool 2.7.13.0 Feb 15 2012 19:33:14

03:17:16.0265 3648 ============================================================

03:17:16.0265 3648 Current date / time: 2012/02/18 03:17:16.0265

03:17:16.0265 3648 SystemInfo:

03:17:16.0265 3648

03:17:16.0265 3648 OS Version: 5.1.2600 ServicePack: 3.0

03:17:16.0265 3648 Product type: Workstation

03:17:16.0265 3648 ComputerName: ROCK-EB6A1A499A

03:17:16.0265 3648 UserName: John Gary

03:17:16.0265 3648 Windows directory: C:\WINDOWS

03:17:16.0265 3648 System windows directory: C:\WINDOWS

03:17:16.0281 3648 Processor architecture: Intel x86

03:17:16.0281 3648 Number of processors: 2

03:17:16.0281 3648 Page size: 0x1000

03:17:16.0281 3648 Boot type: Normal boot

03:17:16.0281 3648 ============================================================

03:17:18.0703 3648 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

03:17:18.0703 3648 \Device\Harddisk0\DR0:

03:17:18.0703 3648 MBR used

03:17:18.0703 3648 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xDF8F8C1

03:17:18.0703 3648 Initialize success

03:17:18.0703 3648 ============================================================

03:17:51.0078 2552 ============================================================

03:17:51.0078 2552 Scan started

03:17:51.0078 2552 Mode: Manual; SigCheck; TDLFS;

03:17:51.0078 2552 ============================================================

03:17:51.0703 2552 Abiosdsk - ok

03:17:51.0765 2552 abp480n5 - ok

03:17:51.0859 2552 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

03:17:52.0171 2552 ACPI ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0171 2552 ACPI - detected UnsignedFile.Multi.Generic (1)

03:17:52.0218 2552 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

03:17:52.0250 2552 ACPIEC ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0250 2552 ACPIEC - detected UnsignedFile.Multi.Generic (1)

03:17:52.0250 2552 adpu160m - ok

03:17:52.0296 2552 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

03:17:52.0312 2552 aec ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0312 2552 aec - detected UnsignedFile.Multi.Generic (1)

03:17:52.0359 2552 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

03:17:52.0468 2552 AFD - ok

03:17:52.0484 2552 Aha154x - ok

03:17:52.0500 2552 aic78u2 - ok

03:17:52.0515 2552 aic78xx - ok

03:17:52.0531 2552 AliIde - ok

03:17:52.0546 2552 amsint - ok

03:17:52.0593 2552 ApfiltrService (e1e803933b17c3f3fa4e7385b97fc4f2) C:\WINDOWS\system32\DRIVERS\Apfiltr.sys

03:17:52.0609 2552 ApfiltrService ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0609 2552 ApfiltrService - detected UnsignedFile.Multi.Generic (1)

03:17:52.0671 2552 AR5211 (d07ccc37476034ebf5de4608a8af4386) C:\WINDOWS\system32\DRIVERS\ar5211.sys

03:17:52.0703 2552 AR5211 ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0703 2552 AR5211 - detected UnsignedFile.Multi.Generic (1)

03:17:52.0718 2552 asc - ok

03:17:52.0734 2552 asc3350p - ok

03:17:52.0750 2552 asc3550 - ok

03:17:52.0812 2552 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

03:17:52.0828 2552 AsyncMac ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0828 2552 AsyncMac - detected UnsignedFile.Multi.Generic (1)

03:17:52.0875 2552 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

03:17:52.0906 2552 atapi ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0906 2552 atapi - detected UnsignedFile.Multi.Generic (1)

03:17:52.0906 2552 Atdisk - ok

03:17:52.0984 2552 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

03:17:52.0984 2552 Atmarpc ( UnsignedFile.Multi.Generic ) - warning

03:17:52.0984 2552 Atmarpc - detected UnsignedFile.Multi.Generic (1)

03:17:53.0031 2552 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

03:17:53.0031 2552 audstub ( UnsignedFile.Multi.Generic ) - warning

03:17:53.0031 2552 audstub - detected UnsignedFile.Multi.Generic (1)

03:17:53.0062 2552 Avgfwdx (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys

03:17:53.0093 2552 Avgfwdx - ok

03:17:53.0109 2552 Avgfwfd (841b0a982065bffc7d7e84009f2fa76f) C:\WINDOWS\system32\DRIVERS\avgfwdx.sys

03:17:53.0125 2552 Avgfwfd - ok

03:17:53.0187 2552 AVGIDSDriver (4fa401b33c1b50c816486f6951244a14) C:\WINDOWS\system32\DRIVERS\AVGIDSDriver.Sys

03:17:53.0375 2552 AVGIDSDriver - ok

03:17:53.0390 2552 AVGIDSEH (69578bc9d43d614c6b3455db4af19762) C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys

03:17:53.0406 2552 AVGIDSEH - ok

03:17:53.0437 2552 AVGIDSFilter (6df528406aa22201f392b9b19121cd6f) C:\WINDOWS\system32\DRIVERS\AVGIDSFilter.Sys

03:17:53.0468 2552 AVGIDSFilter - ok

03:17:53.0484 2552 AVGIDSShim (1e01c2166b5599802bcd61b9691f7476) C:\WINDOWS\system32\DRIVERS\AVGIDSShim.Sys

03:17:53.0500 2552 AVGIDSShim - ok

03:17:53.0531 2552 Avgldx86 (bf8118cd5e2255387b715b534d64acd1) C:\WINDOWS\system32\DRIVERS\avgldx86.sys

03:17:53.0578 2552 Avgldx86 - ok

03:17:53.0593 2552 Avgmfx86 (1c77ef67f196466adc9924cb288afe87) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys

03:17:53.0609 2552 Avgmfx86 - ok

03:17:53.0625 2552 Avgrkx86 (f2038ed7284b79dcef581468121192a9) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys

03:17:53.0656 2552 Avgrkx86 - ok

03:17:53.0687 2552 Avgtdix (a6d562b612216d8d02a35ebeb92366bd) C:\WINDOWS\system32\DRIVERS\avgtdix.sys

03:17:53.0781 2552 Avgtdix - ok

03:17:53.0875 2552 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

03:17:53.0890 2552 Beep ( UnsignedFile.Multi.Generic ) - warning

03:17:53.0890 2552 Beep - detected UnsignedFile.Multi.Generic (1)

03:17:53.0968 2552 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

03:17:54.0000 2552 cbidf2k ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0000 2552 cbidf2k - detected UnsignedFile.Multi.Generic (1)

03:17:54.0015 2552 cd20xrnt - ok

03:17:54.0078 2552 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

03:17:54.0078 2552 Cdaudio ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0078 2552 Cdaudio - detected UnsignedFile.Multi.Generic (1)

03:17:54.0109 2552 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

03:17:54.0125 2552 Cdfs ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0125 2552 Cdfs - detected UnsignedFile.Multi.Generic (1)

03:17:54.0187 2552 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

03:17:54.0187 2552 Cdrom ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0187 2552 Cdrom - detected UnsignedFile.Multi.Generic (1)

03:17:54.0203 2552 Changer - ok

03:17:54.0281 2552 CLEDX (b53f9635457b56dcffef750e18aec6cb) C:\WINDOWS\system32\DRIVERS\cledx.sys

03:17:54.0281 2552 CLEDX ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0281 2552 CLEDX - detected UnsignedFile.Multi.Generic (1)

03:17:54.0359 2552 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

03:17:54.0359 2552 CmBatt ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0359 2552 CmBatt - detected UnsignedFile.Multi.Generic (1)

03:17:54.0390 2552 CmdIde - ok

03:17:54.0406 2552 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

03:17:54.0421 2552 Compbatt ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0421 2552 Compbatt - detected UnsignedFile.Multi.Generic (1)

03:17:54.0484 2552 Cpqarray - ok

03:17:54.0515 2552 dac2w2k - ok

03:17:54.0546 2552 dac960nt - ok

03:17:54.0625 2552 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

03:17:54.0640 2552 Disk ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0640 2552 Disk - detected UnsignedFile.Multi.Generic (1)

03:17:54.0781 2552 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

03:17:54.0828 2552 dmboot ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0828 2552 dmboot - detected UnsignedFile.Multi.Generic (1)

03:17:54.0843 2552 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

03:17:54.0875 2552 dmio ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0875 2552 dmio - detected UnsignedFile.Multi.Generic (1)

03:17:54.0906 2552 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

03:17:54.0953 2552 dmload ( UnsignedFile.Multi.Generic ) - warning

03:17:54.0953 2552 dmload - detected UnsignedFile.Multi.Generic (1)

03:17:55.0000 2552 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

03:17:55.0015 2552 DMusic ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0015 2552 DMusic - detected UnsignedFile.Multi.Generic (1)

03:17:55.0062 2552 dpti2o - ok

03:17:55.0109 2552 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

03:17:55.0125 2552 drmkaud ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0125 2552 drmkaud - detected UnsignedFile.Multi.Generic (1)

03:17:55.0171 2552 dtsoftbus01 (687af6bb383885ff6a64071b189a7f3e) C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys

03:17:55.0203 2552 dtsoftbus01 - ok

03:17:55.0281 2552 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

03:17:55.0296 2552 Fastfat ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0296 2552 Fastfat - detected UnsignedFile.Multi.Generic (1)

03:17:55.0359 2552 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

03:17:55.0390 2552 Fdc ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0390 2552 Fdc - detected UnsignedFile.Multi.Generic (1)

03:17:55.0437 2552 FETND5BV (47d9ee42ae1659b220df7b1bb2720df1) C:\WINDOWS\system32\DRIVERS\fetnd5bv.sys

03:17:55.0468 2552 FETND5BV ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0468 2552 FETND5BV - detected UnsignedFile.Multi.Generic (1)

03:17:55.0515 2552 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys

03:17:55.0531 2552 FETNDIS ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0531 2552 FETNDIS - detected UnsignedFile.Multi.Generic (1)

03:17:55.0562 2552 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

03:17:55.0562 2552 Fips ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0562 2552 Fips - detected UnsignedFile.Multi.Generic (1)

03:17:55.0593 2552 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

03:17:55.0609 2552 Flpydisk ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0609 2552 Flpydisk - detected UnsignedFile.Multi.Generic (1)

03:17:55.0656 2552 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

03:17:55.0671 2552 FltMgr ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0671 2552 FltMgr - detected UnsignedFile.Multi.Generic (1)

03:17:55.0718 2552 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

03:17:55.0734 2552 Fs_Rec ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0734 2552 Fs_Rec - detected UnsignedFile.Multi.Generic (1)

03:17:55.0781 2552 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

03:17:55.0796 2552 Ftdisk ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0796 2552 Ftdisk - detected UnsignedFile.Multi.Generic (1)

03:17:55.0859 2552 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

03:17:55.0859 2552 Gpc ( UnsignedFile.Multi.Generic ) - warning

03:17:55.0859 2552 Gpc - detected UnsignedFile.Multi.Generic (1)

03:17:55.0937 2552 HdAudAddService (08f0f83fdb49cdbcacf546971a660524) C:\WINDOWS\system32\drivers\CHDAud.sys

03:17:55.0984 2552 HdAudAddService ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0000 2552 HdAudAddService - detected UnsignedFile.Multi.Generic (1)

03:17:56.0031 2552 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

03:17:56.0046 2552 HDAudBus ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0046 2552 HDAudBus - detected UnsignedFile.Multi.Generic (1)

03:17:56.0125 2552 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

03:17:56.0125 2552 HidUsb ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0125 2552 HidUsb - detected UnsignedFile.Multi.Generic (1)

03:17:56.0156 2552 hpn - ok

03:17:56.0187 2552 HSFHWAZL (d8d9ded6dcc4e3aee633e6ba462b75c4) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

03:17:56.0250 2552 HSFHWAZL ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0250 2552 HSFHWAZL - detected UnsignedFile.Multi.Generic (1)

03:17:56.0343 2552 HSF_DPV (2df42cf7300b14b15953218a2b32217c) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

03:17:56.0453 2552 HSF_DPV ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0453 2552 HSF_DPV - detected UnsignedFile.Multi.Generic (1)

03:17:56.0515 2552 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

03:17:56.0546 2552 HTTP - ok

03:17:56.0578 2552 i2omgmt - ok

03:17:56.0609 2552 i2omp - ok

03:17:56.0687 2552 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

03:17:56.0687 2552 i8042prt ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0687 2552 i8042prt - detected UnsignedFile.Multi.Generic (1)

03:17:56.0750 2552 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

03:17:56.0765 2552 Imapi ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0765 2552 Imapi - detected UnsignedFile.Multi.Generic (1)

03:17:56.0812 2552 ini910u - ok

03:17:56.0859 2552 IntelIde - ok

03:17:56.0921 2552 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

03:17:56.0921 2552 intelppm ( UnsignedFile.Multi.Generic ) - warning

03:17:56.0921 2552 intelppm - detected UnsignedFile.Multi.Generic (1)

03:17:56.0984 2552 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

03:17:57.0000 2552 Ip6Fw ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0000 2552 Ip6Fw - detected UnsignedFile.Multi.Generic (1)

03:17:57.0031 2552 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

03:17:57.0062 2552 IpFilterDriver ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0062 2552 IpFilterDriver - detected UnsignedFile.Multi.Generic (1)

03:17:57.0093 2552 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

03:17:57.0093 2552 IpInIp ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0093 2552 IpInIp - detected UnsignedFile.Multi.Generic (1)

03:17:57.0140 2552 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

03:17:57.0171 2552 IpNat ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0171 2552 IpNat - detected UnsignedFile.Multi.Generic (1)

03:17:57.0203 2552 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

03:17:57.0203 2552 IPSec ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0203 2552 IPSec - detected UnsignedFile.Multi.Generic (1)

03:17:57.0234 2552 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

03:17:57.0250 2552 IRENUM ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0250 2552 IRENUM - detected UnsignedFile.Multi.Generic (1)

03:17:57.0296 2552 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

03:17:57.0296 2552 isapnp ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0296 2552 isapnp - detected UnsignedFile.Multi.Generic (1)

03:17:57.0359 2552 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

03:17:57.0375 2552 Kbdclass ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0375 2552 Kbdclass - detected UnsignedFile.Multi.Generic (1)

03:17:57.0406 2552 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

03:17:57.0437 2552 kmixer ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0437 2552 kmixer - detected UnsignedFile.Multi.Generic (1)

03:17:57.0468 2552 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

03:17:57.0484 2552 KSecDD ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0484 2552 KSecDD - detected UnsignedFile.Multi.Generic (1)

03:17:57.0531 2552 lbrtfdc - ok

03:17:57.0593 2552 MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys

03:17:57.0609 2552 MBAMProtector - ok

03:17:57.0656 2552 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

03:17:57.0671 2552 mdmxsdk ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0671 2552 mdmxsdk - detected UnsignedFile.Multi.Generic (1)

03:17:57.0734 2552 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

03:17:57.0734 2552 mnmdd ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0734 2552 mnmdd - detected UnsignedFile.Multi.Generic (1)

03:17:57.0796 2552 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

03:17:57.0812 2552 Modem ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0812 2552 Modem - detected UnsignedFile.Multi.Generic (1)

03:17:57.0843 2552 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

03:17:57.0859 2552 Mouclass ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0859 2552 Mouclass - detected UnsignedFile.Multi.Generic (1)

03:17:57.0875 2552 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

03:17:57.0890 2552 mouhid ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0890 2552 mouhid - detected UnsignedFile.Multi.Generic (1)

03:17:57.0906 2552 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

03:17:57.0937 2552 MountMgr ( UnsignedFile.Multi.Generic ) - warning

03:17:57.0937 2552 MountMgr - detected UnsignedFile.Multi.Generic (1)

03:17:57.0953 2552 mraid35x - ok

03:17:57.0984 2552 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

03:17:58.0000 2552 MRxDAV ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0000 2552 MRxDAV - detected UnsignedFile.Multi.Generic (1)

03:17:58.0062 2552 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

03:17:58.0125 2552 MRxSmb - ok

03:17:58.0171 2552 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

03:17:58.0187 2552 Msfs ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0187 2552 Msfs - detected UnsignedFile.Multi.Generic (1)

03:17:58.0218 2552 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

03:17:58.0234 2552 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0234 2552 MSKSSRV - detected UnsignedFile.Multi.Generic (1)

03:17:58.0265 2552 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

03:17:58.0265 2552 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0265 2552 MSPCLOCK - detected UnsignedFile.Multi.Generic (1)

03:17:58.0281 2552 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

03:17:58.0312 2552 MSPQM ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0312 2552 MSPQM - detected UnsignedFile.Multi.Generic (1)

03:17:58.0359 2552 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

03:17:58.0359 2552 mssmbios ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0359 2552 mssmbios - detected UnsignedFile.Multi.Generic (1)

03:17:58.0406 2552 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

03:17:58.0437 2552 Mup - ok

03:17:58.0484 2552 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

03:17:58.0500 2552 NDIS ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0500 2552 NDIS - detected UnsignedFile.Multi.Generic (1)

03:17:58.0562 2552 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

03:17:58.0578 2552 NdisTapi - ok

03:17:58.0593 2552 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

03:17:58.0625 2552 Ndisuio ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0625 2552 Ndisuio - detected UnsignedFile.Multi.Generic (1)

03:17:58.0640 2552 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

03:17:58.0656 2552 NdisWan ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0656 2552 NdisWan - detected UnsignedFile.Multi.Generic (1)

03:17:58.0687 2552 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

03:17:58.0734 2552 NDProxy - ok

03:17:58.0765 2552 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

03:17:58.0765 2552 NetBIOS ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0765 2552 NetBIOS - detected UnsignedFile.Multi.Generic (1)

03:17:58.0796 2552 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

03:17:58.0828 2552 NetBT ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0828 2552 NetBT - detected UnsignedFile.Multi.Generic (1)

03:17:58.0906 2552 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

03:17:58.0937 2552 Npfs ( UnsignedFile.Multi.Generic ) - warning

03:17:58.0937 2552 Npfs - detected UnsignedFile.Multi.Generic (1)

03:17:58.0984 2552 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

03:17:59.0015 2552 Ntfs ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0015 2552 Ntfs - detected UnsignedFile.Multi.Generic (1)

03:17:59.0093 2552 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

03:17:59.0093 2552 Null ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0093 2552 Null - detected UnsignedFile.Multi.Generic (1)

03:17:59.0140 2552 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

03:17:59.0140 2552 NwlnkFlt ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0140 2552 NwlnkFlt - detected UnsignedFile.Multi.Generic (1)

03:17:59.0171 2552 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

03:17:59.0187 2552 NwlnkFwd ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0187 2552 NwlnkFwd - detected UnsignedFile.Multi.Generic (1)

03:17:59.0234 2552 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

03:17:59.0250 2552 Parport ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0250 2552 Parport - detected UnsignedFile.Multi.Generic (1)

03:17:59.0265 2552 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

03:17:59.0281 2552 PartMgr ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0281 2552 PartMgr - detected UnsignedFile.Multi.Generic (1)

03:17:59.0312 2552 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

03:17:59.0328 2552 ParVdm ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0328 2552 ParVdm - detected UnsignedFile.Multi.Generic (1)

03:17:59.0343 2552 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

03:17:59.0359 2552 PCI ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0359 2552 PCI - detected UnsignedFile.Multi.Generic (1)

03:17:59.0375 2552 PCIDump - ok

03:17:59.0406 2552 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

03:17:59.0437 2552 PCIIde ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0437 2552 PCIIde - detected UnsignedFile.Multi.Generic (1)

03:17:59.0484 2552 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

03:17:59.0484 2552 Pcmcia ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0484 2552 Pcmcia - detected UnsignedFile.Multi.Generic (1)

03:17:59.0515 2552 PDCOMP - ok

03:17:59.0546 2552 PDFRAME - ok

03:17:59.0562 2552 PDRELI - ok

03:17:59.0593 2552 PDRFRAME - ok

03:17:59.0609 2552 perc2 - ok

03:17:59.0640 2552 perc2hib - ok

03:17:59.0750 2552 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

03:17:59.0750 2552 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0750 2552 PptpMiniport - detected UnsignedFile.Multi.Generic (1)

03:17:59.0781 2552 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

03:17:59.0812 2552 PSched ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0812 2552 PSched - detected UnsignedFile.Multi.Generic (1)

03:17:59.0843 2552 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

03:17:59.0906 2552 Ptilink ( UnsignedFile.Multi.Generic ) - warning

03:17:59.0906 2552 Ptilink - detected UnsignedFile.Multi.Generic (1)

03:17:59.0921 2552 ql1080 - ok

03:17:59.0953 2552 Ql10wnt - ok

03:17:59.0984 2552 ql12160 - ok

03:18:00.0000 2552 ql1240 - ok

03:18:00.0031 2552 ql1280 - ok

03:18:00.0078 2552 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

03:18:00.0078 2552 RasAcd ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0078 2552 RasAcd - detected UnsignedFile.Multi.Generic (1)

03:18:00.0109 2552 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

03:18:00.0125 2552 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0125 2552 Rasl2tp - detected UnsignedFile.Multi.Generic (1)

03:18:00.0156 2552 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

03:18:00.0187 2552 RasPppoe ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0187 2552 RasPppoe - detected UnsignedFile.Multi.Generic (1)

03:18:00.0203 2552 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

03:18:00.0234 2552 Raspti ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0234 2552 Raspti - detected UnsignedFile.Multi.Generic (1)

03:18:00.0265 2552 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

03:18:00.0265 2552 Rdbss ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0265 2552 Rdbss - detected UnsignedFile.Multi.Generic (1)

03:18:00.0296 2552 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

03:18:00.0328 2552 RDPCDD ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0328 2552 RDPCDD - detected UnsignedFile.Multi.Generic (1)

03:18:00.0359 2552 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

03:18:00.0375 2552 rdpdr ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0375 2552 rdpdr - detected UnsignedFile.Multi.Generic (1)

03:18:00.0453 2552 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

03:18:00.0484 2552 RDPWD - ok

03:18:00.0578 2552 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

03:18:00.0593 2552 redbook ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0593 2552 redbook - detected UnsignedFile.Multi.Generic (1)

03:18:00.0734 2552 S3GIGP (7e8f62b62f3b85b88f2fa1b6399b06f2) C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys

03:18:00.0781 2552 S3GIGP ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0781 2552 S3GIGP - detected UnsignedFile.Multi.Generic (1)

03:18:00.0859 2552 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

03:18:00.0859 2552 Secdrv ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0859 2552 Secdrv - detected UnsignedFile.Multi.Generic (1)

03:18:00.0953 2552 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

03:18:00.0953 2552 Serial ( UnsignedFile.Multi.Generic ) - warning

03:18:00.0953 2552 Serial - detected UnsignedFile.Multi.Generic (1)

03:18:01.0031 2552 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

03:18:01.0046 2552 Sfloppy ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0046 2552 Sfloppy - detected UnsignedFile.Multi.Generic (1)

03:18:01.0093 2552 Simbad - ok

03:18:01.0125 2552 Sparrow - ok

03:18:01.0171 2552 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

03:18:01.0171 2552 splitter ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0171 2552 splitter - detected UnsignedFile.Multi.Generic (1)

03:18:01.0218 2552 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

03:18:01.0234 2552 sr ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0234 2552 sr - detected UnsignedFile.Multi.Generic (1)

03:18:01.0296 2552 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

03:18:01.0343 2552 Srv - ok

03:18:01.0390 2552 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

03:18:01.0406 2552 swenum ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0406 2552 swenum - detected UnsignedFile.Multi.Generic (1)

03:18:01.0421 2552 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

03:18:01.0437 2552 swmidi ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0437 2552 swmidi - detected UnsignedFile.Multi.Generic (1)

03:18:01.0484 2552 symc810 - ok

03:18:01.0515 2552 symc8xx - ok

03:18:01.0531 2552 sym_hi - ok

03:18:01.0562 2552 sym_u3 - ok

03:18:01.0609 2552 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

03:18:01.0609 2552 sysaudio ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0609 2552 sysaudio - detected UnsignedFile.Multi.Generic (1)

03:18:01.0703 2552 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

03:18:01.0718 2552 Tcpip - ok

03:18:01.0750 2552 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

03:18:01.0765 2552 TDPIPE ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0765 2552 TDPIPE - detected UnsignedFile.Multi.Generic (1)

03:18:01.0796 2552 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

03:18:01.0796 2552 TDTCP ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0796 2552 TDTCP - detected UnsignedFile.Multi.Generic (1)

03:18:01.0828 2552 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

03:18:01.0843 2552 TermDD ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0843 2552 TermDD - detected UnsignedFile.Multi.Generic (1)

03:18:01.0890 2552 TosIde - ok

03:18:01.0937 2552 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys

03:18:01.0953 2552 uagp35 ( UnsignedFile.Multi.Generic ) - warning

03:18:01.0953 2552 uagp35 - detected UnsignedFile.Multi.Generic (1)

03:18:02.0000 2552 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

03:18:02.0015 2552 Udfs ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0015 2552 Udfs - detected UnsignedFile.Multi.Generic (1)

03:18:02.0031 2552 UIUSys - ok

03:18:02.0062 2552 ultra - ok

03:18:02.0109 2552 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

03:18:02.0125 2552 Update ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0125 2552 Update - detected UnsignedFile.Multi.Generic (1)

03:18:02.0203 2552 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

03:18:02.0203 2552 usbaudio ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0203 2552 usbaudio - detected UnsignedFile.Multi.Generic (1)

03:18:02.0250 2552 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

03:18:02.0281 2552 usbccgp ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0281 2552 usbccgp - detected UnsignedFile.Multi.Generic (1)

03:18:02.0312 2552 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

03:18:02.0328 2552 usbehci ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0328 2552 usbehci - detected UnsignedFile.Multi.Generic (1)

03:18:02.0343 2552 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

03:18:02.0375 2552 usbhub ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0375 2552 usbhub - detected UnsignedFile.Multi.Generic (1)

03:18:02.0406 2552 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

03:18:02.0421 2552 USBSTOR ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0421 2552 USBSTOR - detected UnsignedFile.Multi.Generic (1)

03:18:02.0468 2552 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

03:18:02.0468 2552 usbuhci ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0468 2552 usbuhci - detected UnsignedFile.Multi.Generic (1)

03:18:02.0500 2552 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

03:18:02.0515 2552 VgaSave ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0515 2552 VgaSave - detected UnsignedFile.Multi.Generic (1)

03:18:02.0546 2552 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

03:18:02.0562 2552 ViaIde ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0562 2552 ViaIde - detected UnsignedFile.Multi.Generic (1)

03:18:02.0593 2552 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

03:18:02.0609 2552 VolSnap ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0609 2552 VolSnap - detected UnsignedFile.Multi.Generic (1)

03:18:02.0671 2552 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

03:18:02.0687 2552 Wanarp ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0687 2552 Wanarp - detected UnsignedFile.Multi.Generic (1)

03:18:02.0703 2552 WDICA - ok

03:18:02.0750 2552 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

03:18:02.0765 2552 wdmaud ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0765 2552 wdmaud - detected UnsignedFile.Multi.Generic (1)

03:18:02.0859 2552 winachsf (86723ea860346fbe5490835344cad939) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

03:18:02.0890 2552 winachsf ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0890 2552 winachsf - detected UnsignedFile.Multi.Generic (1)

03:18:02.0953 2552 WINIO (6943c8f5cba301e07a1f69df69b09257) C:\WINDOWS\system32\WinIo.sys

03:18:02.0968 2552 WINIO ( UnsignedFile.Multi.Generic ) - warning

03:18:02.0968 2552 WINIO - detected UnsignedFile.Multi.Generic (1)

03:18:03.0203 2552 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

03:18:03.0218 2552 WudfPf - ok

03:18:03.0250 2552 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

03:18:03.0281 2552 WudfRd - ok

03:18:03.0390 2552 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

03:18:03.0625 2552 \Device\Harddisk0\DR0 - ok

03:18:03.0640 2552 Boot (0x1200) (c765205c0b21febf5c711004784565ca) \Device\Harddisk0\DR0\Partition0

03:18:03.0640 2552 \Device\Harddisk0\DR0\Partition0 - ok

03:18:03.0656 2552 ============================================================

03:18:03.0656 2552 Scan finished

03:18:03.0656 2552 ============================================================

03:18:03.0812 3044 Detected object count: 118

03:18:03.0812 3044 Actual detected object count: 118

03:26:39.0156 3044 ACPI ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0156 3044 ACPI ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0156 3044 ACPIEC ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0156 3044 ACPIEC ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0156 3044 aec ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0156 3044 aec ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0156 3044 ApfiltrService ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0156 3044 ApfiltrService ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0156 3044 AR5211 ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0156 3044 AR5211 ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0171 3044 AsyncMac ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0171 3044 AsyncMac ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0187 3044 atapi ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0187 3044 atapi ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0187 3044 Atmarpc ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0187 3044 Atmarpc ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0203 3044 audstub ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0203 3044 audstub ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0218 3044 Beep ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0218 3044 Beep ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0218 3044 cbidf2k ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0218 3044 cbidf2k ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0234 3044 Cdaudio ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0234 3044 Cdaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0250 3044 Cdfs ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0250 3044 Cdfs ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0250 3044 Cdrom ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0250 3044 Cdrom ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0265 3044 CLEDX ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0265 3044 CLEDX ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0281 3044 CmBatt ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0281 3044 CmBatt ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0281 3044 Compbatt ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0281 3044 Compbatt ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0296 3044 Disk ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0296 3044 Disk ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0312 3044 dmboot ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0312 3044 dmboot ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0312 3044 dmio ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0312 3044 dmio ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0328 3044 dmload ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0328 3044 dmload ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0343 3044 DMusic ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0343 3044 DMusic ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0343 3044 drmkaud ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0343 3044 drmkaud ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0359 3044 Fastfat ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0359 3044 Fastfat ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0375 3044 Fdc ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0375 3044 Fdc ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0375 3044 FETND5BV ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0375 3044 FETND5BV ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0390 3044 FETNDIS ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0390 3044 FETNDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0406 3044 Fips ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0406 3044 Fips ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0406 3044 Flpydisk ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0406 3044 Flpydisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0421 3044 FltMgr ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0421 3044 FltMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0437 3044 Fs_Rec ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0437 3044 Fs_Rec ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0437 3044 Ftdisk ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0437 3044 Ftdisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0453 3044 Gpc ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0453 3044 Gpc ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0468 3044 HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0468 3044 HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0468 3044 HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0468 3044 HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0484 3044 HidUsb ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0484 3044 HidUsb ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0500 3044 HSFHWAZL ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0500 3044 HSFHWAZL ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0515 3044 HSF_DPV ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0515 3044 HSF_DPV ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0515 3044 i8042prt ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0515 3044 i8042prt ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0531 3044 Imapi ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0531 3044 Imapi ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0531 3044 intelppm ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0531 3044 intelppm ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0546 3044 Ip6Fw ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0546 3044 Ip6Fw ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0562 3044 IpFilterDriver ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0562 3044 IpFilterDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0562 3044 IpInIp ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0562 3044 IpInIp ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0578 3044 IpNat ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0578 3044 IpNat ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0593 3044 IPSec ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0593 3044 IPSec ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0609 3044 IRENUM ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0609 3044 IRENUM ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0609 3044 isapnp ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0609 3044 isapnp ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0625 3044 Kbdclass ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0625 3044 Kbdclass ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0640 3044 kmixer ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0640 3044 kmixer ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0640 3044 KSecDD ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0640 3044 KSecDD ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0656 3044 mdmxsdk ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0656 3044 mdmxsdk ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0656 3044 mnmdd ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0656 3044 mnmdd ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0671 3044 Modem ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0671 3044 Modem ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0687 3044 Mouclass ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0687 3044 Mouclass ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0687 3044 mouhid ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0687 3044 mouhid ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0703 3044 MountMgr ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0703 3044 MountMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0718 3044 MRxDAV ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0718 3044 MRxDAV ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0734 3044 Msfs ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0734 3044 Msfs ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0734 3044 MSKSSRV ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0734 3044 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0750 3044 MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0750 3044 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0765 3044 MSPQM ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0765 3044 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0781 3044 mssmbios ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0781 3044 mssmbios ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0781 3044 NDIS ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0781 3044 NDIS ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0796 3044 Ndisuio ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0796 3044 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0796 3044 NdisWan ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0812 3044 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0812 3044 NetBIOS ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0812 3044 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0828 3044 NetBT ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0828 3044 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0843 3044 Npfs ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0843 3044 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0843 3044 Ntfs ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0843 3044 Ntfs ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0859 3044 Null ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0859 3044 Null ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0859 3044 NwlnkFlt ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0859 3044 NwlnkFlt ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0875 3044 NwlnkFwd ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0875 3044 NwlnkFwd ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0890 3044 Parport ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0890 3044 Parport ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0906 3044 PartMgr ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0906 3044 PartMgr ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0921 3044 ParVdm ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0921 3044 ParVdm ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0937 3044 PCI ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0937 3044 PCI ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0937 3044 PCIIde ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0937 3044 PCIIde ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0953 3044 Pcmcia ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0953 3044 Pcmcia ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0968 3044 PptpMiniport ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0968 3044 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0968 3044 PSched ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0968 3044 PSched ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0968 3044 Ptilink ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0968 3044 Ptilink ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:39.0984 3044 RasAcd ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:39.0984 3044 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0000 3044 Rasl2tp ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0000 3044 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0015 3044 RasPppoe ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0015 3044 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0015 3044 Raspti ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0015 3044 Raspti ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0031 3044 Rdbss ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0031 3044 Rdbss ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0046 3044 RDPCDD ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0046 3044 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0046 3044 rdpdr ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0046 3044 rdpdr ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0062 3044 redbook ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0062 3044 redbook ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0078 3044 S3GIGP ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0078 3044 S3GIGP ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0093 3044 Secdrv ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0093 3044 Secdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0093 3044 Serial ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0093 3044 Serial ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0109 3044 Sfloppy ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0109 3044 Sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0125 3044 splitter ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0125 3044 splitter ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0125 3044 sr ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0125 3044 sr ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0140 3044 swenum ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0140 3044 swenum ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0156 3044 swmidi ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0156 3044 swmidi ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0156 3044 sysaudio ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0156 3044 sysaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0171 3044 TDPIPE ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0171 3044 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0187 3044 TDTCP ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0187 3044 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0187 3044 TermDD ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0187 3044 TermDD ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0203 3044 uagp35 ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0203 3044 uagp35 ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0203 3044 Udfs ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0218 3044 Udfs ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0218 3044 Update ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0218 3044 Update ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0234 3044 usbaudio ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0234 3044 usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0250 3044 usbccgp ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0250 3044 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0250 3044 usbehci ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0250 3044 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0265 3044 usbhub ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0265 3044 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0281 3044 USBSTOR ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0281 3044 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0281 3044 usbuhci ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0281 3044 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0296 3044 VgaSave ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0296 3044 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0312 3044 ViaIde ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0312 3044 ViaIde ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0312 3044 VolSnap ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0312 3044 VolSnap ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0328 3044 Wanarp ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0328 3044 Wanarp ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0328 3044 wdmaud ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0328 3044 wdmaud ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0343 3044 winachsf ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0343 3044 winachsf ( UnsignedFile.Multi.Generic ) - User select action: Skip

03:26:40.0359 3044 WINIO ( UnsignedFile.Multi.Generic ) - skipped by user

03:26:40.0359 3044 WINIO ( UnsignedFile.Multi.Generic ) - User select action: Skip


Please do not attach the scan results from ComboFix. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable (.exe) every time you run them.

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from ComboFix. Use copy/paste.

Also please describe how your computer behaves at the moment.


ComboFix 12-02-17.02 - John Gary 02/18/2012 21:28:37.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.766.307 [GMT 0:00]

Running from: c:\documents and settings\John Gary\My Documents\Downloads\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Previous Run -------

.

c:\windows\system32\Cache\1bdeb65957b83b6e.fb

c:\windows\system32\Cache\272512937d9e61a4.fb

c:\windows\system32\Cache\287204568329e189.fb

c:\windows\system32\Cache\28bc8f716fd76a47.fb

c:\windows\system32\Cache\2c53092c95605355.fb

c:\windows\system32\Cache\3864b0b3c276abdd.fb

c:\windows\system32\Cache\3917078cb68ec657.fb

c:\windows\system32\Cache\590ba23ce359fd0c.fb

c:\windows\system32\Cache\610289e025a3ee9a.fb

c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

c:\windows\system32\Cache\a8556537add6dfc5.fb

c:\windows\system32\Cache\ad10a52aff5e038d.fb

c:\windows\system32\Cache\c4d28dca2e7648be.fb

c:\windows\system32\Cache\d201ef9910cd39de.fb

c:\windows\system32\Cache\d2e94710a5708128.fb

c:\windows\system32\Cache\d79b9dfe81484ec4.fb

c:\windows\system32\Cache\e0de16f883bea794.fb

c:\windows\system32\SET9C.tmp

c:\windows\system32\SETA1.tmp

c:\windows\system32\SETA8.tmp

c:\windows\system32\WinIo.sys

.

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_WINIO

-------\Service_WINIO

.

.

((((((((((((((((((((((((( Files Created from 2012-01-18 to 2012-02-18 )))))))))))))))))))))))))))))))

.

.

2012-02-01 23:06 . 2012-02-01 23:06 1492 ----a-w- C:\user.js

2012-02-01 22:21 . 2012-02-01 22:26 -------- d-----w- C:\tmp

2012-01-24 17:14 . 2012-01-24 17:14 -------- d-----w- C:\$AVG

2012-01-24 02:07 . 2012-01-24 02:07 -------- d-----w- C:\e90ea2dd7349978957b4

2012-01-24 01:55 . 2012-01-24 01:55 -------- d-----w- C:\2aebcf14e6db3061638b00

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-01-12 16:53 . 2005-10-06 00:06 1859968 ----a-w- c:\windows\system32\win32k.sys

2011-12-17 19:46 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:46 . 2004-08-04 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2011-12-17 19:46 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-16 12:22 . 2004-08-04 12:00 385024 ------w- c:\windows\system32\html.iec

2011-11-25 21:57 . 2004-08-04 12:00 293376 ----a-w- c:\windows\system32\winsrv.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys

[-] 2008-04-14 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\system32\drivers\atapi.sys

[-] 2004-08-04 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys

.

[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\asyncmac.sys

[-] 2008-04-14 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\system32\drivers\asyncmac.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-01-18 18:49 94208 ----a-w- c:\documents and settings\John Gary\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-01-18 18:49 94208 ----a-w- c:\documents and settings\John Gary\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-01-18 18:49 94208 ----a-w- c:\documents and settings\John Gary\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-01-18 18:49 94208 ----a-w- c:\documents and settings\John Gary\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2012-01-24 3478336]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]

"FuncKey"="c:\program files\Hotkey 1.0.4\FuncKey.exe" [2006-07-27 122880]

"Apoint"="c:\program files\Apoint2K\Apoint.exe" [2005-04-16 172032]

"VTTimer"="VTTimer.exe" [2006-08-03 53248]

"S3Trayp"="S3trayp.exe" [2006-07-11 176128]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"H2O"="c:\program files\SyncroSoft\Pos\H2O\cledx.exe" [2005-10-23 385024]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 997920]

.

c:\documents and settings\John Gary\Start Menu\Programs\Startup\

Dropbox.lnk - c:\documents and settings\John Gary\Application Data\Dropbox\bin\Dropbox.exe [2012-1-18 24246216]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Vuze\\Azureus.exe"=

"c:\\Documents and Settings\\John Gary\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

.

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2/13/2012 12:22 AM 242240]

R1 MpKsl81e3ca39;MpKsl81e3ca39;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{BB5BDE29-F6AE-4CA7-8036-018FB0E19CE9}\MpKsl81e3ca39.sys [2/18/2012 9:16 PM 29904]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [1/22/2012 11:07 PM 652360]

R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [1/31/2012 4:19 AM 33792]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [1/22/2012 11:07 PM 20464]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL81E3CA39

*NewlyCreated* - WINIO

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-02-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1788223648-682003330-1003Core.job

- c:\documents and settings\John Gary\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-22 22:48]

.

2012-02-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-861567501-1788223648-682003330-1003UA.job

- c:\documents and settings\John Gary\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-22 22:48]

.

2012-02-18 c:\windows\Tasks\MP Scheduled Scan.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 15:39]

.

2012-02-18 c:\windows\Tasks\MpIdleTask.job

- c:\program files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27 15:39]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://search.babylon.com/?AF=109130&babsrc=HP_ss&mntrId=841971f500000000000000c0a8e81a36

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-02-18 21:36

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2664)

c:\windows\system32\WININET.dll

c:\documents and settings\John Gary\Application Data\Dropbox\bin\DropboxExt.14.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2012-02-18 21:41:03

ComboFix-quarantined-files.txt 2012-02-18 21:40

.

Pre-Run: 71,660,187,648 bytes free

Post-Run: 71,649,243,136 bytes free

.

- - End Of File - - 532EC8C58B4728FF199AC8B0BD648803


Good job

The following will implement some cleanup procedures as well as reset System Restore points:

For XP:

  • Click START run
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

For Vista / Windows 7

  • Click START Search
  • Now type ComboFix /Uninstall in the runbox and click OK. Note the space between the X and the /, it needs to be there.

Here's my usual all clean post

To be on the safe side, I would also change all my passwords.

This infection appears to have been cleaned, but as the malware could be configured to run any program a remote attacker requires, it's impossible to be 100% sure that any machine is clean.

Log looks good :D

  • Update your AntiVirus Software - It is imperative that you update your Antivirus software at least once a week
    (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
  • Use a Firewall - I cannot stress how important it is that you use a Firewall on your computer.
    Without a firewall your computer is susceptible to being hacked and taken over.
    I am very serious about this and see it happen almost every day with my clients.
    Simply using a Firewall in its default configuration can lower your risk greatly.
  • Using a secure browser plugin M86 SecureBrowsing makes it safe to search, surf and socialize online. This free browser plug-in displays security icons next to links on search engines and social networking sites like Facebook, Twitter and LinkedIn, so you'll know which pages are safe and which ones to avoid.
    • Free browser plug-in for Internet Explorer and Firefox
    • Real-time safety ratings
    • Ideal for Facebook, Twitter and LinkedIn
  • JAVA Click this link and click on the Free JAVA Download
  • Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly.
    This will ensure your computer always has the latest available security updates installed.
    If there are new updates to install, install them immediately, reboot your computer, and revisit the site
    until there are no more critical updates.

Only run one Anti-Virus and Firewall program.

I would suggest you read:

PC Safety and Security--What Do I Need?

How to Prevent Malware:

The full version of Malwarebytes' Anti-Malware could have helped protect your computer against this threat.

We use different ways of protecting your computer(s):

  • Dynamically Blocks Malware Sites & Servers
  • Malware Execution Prevention

Save yourself the hassle and get protected.

This topic is now closed to further replies.