mbam doesn't run anymore

[chcjcamo]

Hi. MalwareBytes seems to have stopped running. It will start go for a couple of minutes then crash. SuperAntiSpyware does the same thing. Was able to run them both in Safe Mode and they both found a few things. But it still isn't working logged in normally. I suspect it still has a virus. I disconnected from the internet and disabled the AV briefly to run the DDS program. Now after reconnecting and turning the AV back on it mysteriously won't connect to the internet anymore.

Any help would be much appreciated. Thank you. Chrystal

dds.txtattach.txt

[Maurice Naggar]

Hello chcjcamo,

If need be, restart the system, and right away, before Windows loads, tap & re-tap F8 Function-key to get to Advanced Boot Options.

Then use Up/down keyboard arrows & select Safe mode with Networking

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

• Double click on RSIT.exe to run RSIT.
  
• Click Continue at the disclaimer screen.
  
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

• Run Security Check
• Follow the onscreen instructions inside of the command window.
• A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.
Step 6

• Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
  >> from here <<
  
• Quit all programs that you may have started.
  
• For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
  For Windows XP, double-click to start.
  
• Wait until Prescan has finished ...
  
• Click on Scan.
  
• Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

[chcjcamo]

Thank you for the quick reply. Instructions completed and logs follow:

Logfile of random's system information tool 1.09 (written by random/random)

Run by administrator at 2012-03-27 15:04:41

Microsoft Windows XP Professional Service Pack 3

System drive C: has 49 GB (47%) free of 104 GB

Total RAM: 1919 MB (82% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 15:05:03, on 27/03/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode with network support

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Desktop\RSIT.exe

C:\Program Files\trend micro\administrator.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fevershamcollege.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.bradfordlearning.net:3128

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = fevershamcollege.mrooms2.net;<local>

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [PCE Client] C:\WINDOWS\system32\PCENT\PCClient.exe

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\RunServices: [CS32] C:\WINDOWS\c32cs2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - S-1-5-18 Startup: CCC.lnk = ? (User 'SYSTEM')

O4 - .DEFAULT Startup: CCC.lnk = ? (User 'Default user')

O4 - .DEFAULT User Startup: CCC.lnk = ? (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1228725012820

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256125088860

O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fevershamcollege.com

O17 - HKLM\Software\..\Telephony: DomainName = fevershamcollege.com

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = fevershamcollege.com

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Auto-upgrade Agent (Smcinst) - Unknown owner - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe (file missing)

O23 - Service: stllssvr - Unknown owner - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)

O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

--

End of file - 7860 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\DEFRAG.job

C:\WINDOWS\tasks\Disk Cleanup.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{AD44862F-11C3-4500-90A7-129F5F3235DA}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-23 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-23 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-03-23 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-02-23 814160]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"PCE Client"=C:\WINDOWS\system32\PCENT\PCClient.exe [2008-07-31 1015877]

"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]

"MsmqIntCert"=regsvr32 /s mqrt.dll []

"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-02-23 3451496]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2008-04-14 169984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\14032184]

C:\Documents and Settings\All Users\Application Data\14032184\14032184.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-11 40048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2011-09-27 59240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Detector]

C:\PROGRA~1\ACDSYS~1\DEVDET~1\DEVDET~1.EXE [2002-12-09 208896]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]

C:\Program Files\Common Files\Symantec Shared\ccApp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CognizanceTS]

C:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cpqset]

C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe [2007-05-03 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

C:\Program Files\iTunes\iTunesHelper.exe [2010-07-21 141608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

C:\WINDOWS\system32\dumprep 0 -k []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar Search Scope Monitor]

C:\PROGRA~1\MYWEBS~1\bar\2.bin\m3SrchMn.exe /m=2 /w /h []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]

C:\PROGRA~1\MYWEBS~1\bar\2.bin\mwsoemon.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NPSStartup]

[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDF Complete]

C:\Program Files\PDF Complete\pdfsty.exe [2007-05-08 331552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PTHOSTTR]

C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl]

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-05-03 163840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe [2011-10-24 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]

C:\WINDOWS\Sminst\Recguard.exe [2005-12-21 1187840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Reminder]

C:\WINDOWS\Creator\Remind_XP.exe [2006-03-10 806912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Scheduler]

C:\WINDOWS\SMINST\Scheduler.exe [2006-10-09 697976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAX]

C:\Program Files\Analog Devices\SoundMAX\Smax4.exe [2006-07-13 729088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]

C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-01-05 872448]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2006-11-10 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-03-07 3905920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVOHST]

svohst.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Synchronization Manager]

C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WatchDog]

C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2007-05-23 192512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator.FEVERSHAM_COLL^Start Menu^Programs^Startup^CCC.lnk]

C:\PROGRA~1\ATITEC~1\ATI.ACE\CORE-S~1\CCC.exe [2007-07-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Administrator^Start Menu^Programs^Startup^CCC.lnk]

C:\PROGRA~1\ATITEC~1\ATI.ACE\CORE-S~1\CCC.exe [2007-07-17 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]

C:\PROGRA~1\Adobe\ACROBA~1.0\Reader\READER~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth.lnk]

C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-02-06 561213]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^DVD Check.lnk]

C:\PROGRA~1\INTERV~1\DVDCHE~1\DVDCheck.exe [2007-05-23 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2011-05-04 551296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]

C:\WINDOWS\system32\Ati2evxx.dll [2007-12-18 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-19 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-19 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\client32]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableStatusMessages"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

"NoAddPrinter"=1

"NoDeletePrinter"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"

"C:\WINDOWS\SMINST\Scheduler.exe"="C:\WINDOWS\SMINST\Scheduler.exe:*:Enabled:Scheduler "

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service"

"C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsasvr.exe:*:Enabled:KTF MUSIC AoD Server"

"C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe"="C:\Program Files\Samsung\Samsung New PC Studio\npsvsvr.exe:*:Enabled:KTF MUSIC VoD Server"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Message Queuing"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\WINDOWS\system32\PCENT\PCClient.Exe"="C:\WINDOWS\system32\PCENT\PCClient.Exe:*:Enabled:PCE Client"

"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:MSN Messenger 7.0"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"VIDC.DIVX"=divx.dll

"VIDC.XVID"=xvidvfw.dll

"msacm.ac3acm"=ac3acm.acm

"VIDC.wmv3"=wmv9vcm.dll

"VIDC.FFDS"=ff_vfw.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.inf - install -

.scr - install -

.cpl - cplopen -

======List of files/folders created in the last 1 month======

2012-03-27 15:04:41 ----D---- C:\Program Files\trend micro

2012-03-27 15:04:40 ----D---- C:\rsit

2012-03-27 15:00:52 ----D---- C:\WINDOWS\ERDNT

2012-03-27 15:00:05 ----D---- C:\Program Files\ERUNT

2012-03-27 13:31:42 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2012-03-27 11:18:49 ----A---- C:\WINDOWS\ntbtlog.txt

2012-03-27 10:44:20 ----A---- C:\WINDOWS\system32\rundll32.exe

2012-03-26 14:29:28 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys

2012-03-26 14:15:14 ----D---- C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Application Data\Malwarebytes

2012-03-26 14:15:02 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2012-03-26 14:15:00 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2012-03-26 14:14:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-03-23 14:20:33 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys

2012-03-23 14:20:33 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys

2012-03-23 14:20:31 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys

2012-03-23 14:20:31 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys

2012-03-23 14:20:30 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys

2012-03-23 14:20:30 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys

2012-03-23 14:20:30 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys

2012-03-23 14:20:29 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys

2012-03-23 14:19:55 ----A---- C:\WINDOWS\avastSS.scr

2012-03-23 14:19:54 ----A---- C:\WINDOWS\system32\aswBoot.exe

2012-03-23 14:19:31 ----D---- C:\Program Files\AVAST Software

2012-03-23 14:19:31 ----D---- C:\Documents and Settings\All Users\Application Data\AVAST Software

2012-03-23 12:46:57 ----D---- C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Application Data\Auslogics

2012-03-23 12:45:32 ----D---- C:\Program Files\Auslogics

2012-03-23 12:42:44 ----D---- C:\Program Files\SUPERAntiSpyware

2012-03-23 12:41:43 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP

2012-03-23 12:41:39 ----D---- C:\Program Files\SpywareBlaster

2012-03-23 12:38:48 ----D---- C:\Program Files\Common Files\Java

2012-03-23 12:38:48 ----D---- C:\Documents and Settings\All Users\Application Data\Sun

2012-03-23 12:37:42 ----A---- C:\WINDOWS\system32\javaws.exe

2012-03-23 12:37:42 ----A---- C:\WINDOWS\system32\javaw.exe

2012-03-23 12:37:42 ----A---- C:\WINDOWS\system32\java.exe

2012-03-23 12:37:42 ----A---- C:\WINDOWS\system32\deployJava1.dll

2012-03-23 12:30:25 ----D---- C:\Program Files\Apple Software Update

2012-03-23 12:30:22 ----SHD---- C:\Config.Msi

2012-03-23 11:58:55 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2012-03-23 11:58:55 ----D---- C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Application Data\SUPERAntiSpyware.com

2012-03-23 11:57:33 ----D---- C:\ccleaner

2012-03-23 11:55:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2641653$

2012-03-23 11:48:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2621440$

2012-03-23 11:48:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2647518$

2012-03-23 10:59:08 ----D---- C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Application Data\Apple Computer

======List of files/folders modified in the last 1 month======

2012-03-27 15:04:41 ----RD---- C:\Program Files

2012-03-27 15:00:52 ----D---- C:\WINDOWS

2012-03-27 14:57:44 ----D---- C:\WINDOWS\system32

2012-03-27 14:57:44 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2012-03-27 14:53:31 ----SHD---- C:\System Volume Information

2012-03-27 14:48:30 ----A---- C:\WINDOWS\SchedLgU.Txt

2012-03-27 14:48:29 ----D---- C:\WINDOWS\system32\CatRoot2

2012-03-27 14:03:51 ----D---- C:\WINDOWS\Prefetch

2012-03-27 14:00:37 ----D---- C:\WINDOWS\system32\Restore

2012-03-27 14:00:05 ----SD---- C:\WINDOWS\Tasks

2012-03-27 13:57:06 ----D---- C:\WINDOWS\Temp

2012-03-27 13:48:13 ----SH---- C:\boot.ini

2012-03-27 13:48:13 ----A---- C:\WINDOWS\win.ini

2012-03-27 13:48:13 ----A---- C:\WINDOWS\system.ini

2012-03-27 13:31:42 ----D---- C:\WINDOWS\system32\drivers

2012-03-27 11:54:19 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$

2012-03-27 11:05:50 ----SHD---- C:\WINDOWS\Installer

2012-03-27 10:49:03 ----D---- C:\WINDOWS\security

2012-03-27 10:47:16 ----D---- C:\WINDOWS\system32\inetsrv

2012-03-27 10:44:26 ----RSHD---- C:\WINDOWS\system32\dllcache

2012-03-27 10:18:09 ----SHD---- C:\WINDOWS\CSC

2012-03-26 15:42:27 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest

2012-03-26 14:16:10 ----SD---- C:\WINDOWS\Downloaded Program Files

2012-03-26 12:01:26 ----D---- C:\WINDOWS\Minidump

2012-03-23 15:42:07 ----D---- C:\WINDOWS\WinSxS

2012-03-23 13:15:03 ----D---- C:\WINDOWS\system32\config

2012-03-23 12:51:20 ----D---- C:\WINDOWS\system32\LogFiles

2012-03-23 12:38:48 ----D---- C:\Program Files\Common Files

2012-03-23 12:21:19 ----D---- C:\WINDOWS\system32\Adobe

2012-03-23 12:02:44 ----D---- C:\found.000

2012-03-23 12:00:31 ----D---- C:\WINDOWS\Debug

2012-03-23 11:55:50 ----HD---- C:\WINDOWS\inf

2012-03-23 11:55:27 ----HD---- C:\WINDOWS\$hf_mig$

2012-03-23 11:49:05 ----A---- C:\WINDOWS\system32\MRT.exe

2012-03-23 11:48:52 ----D---- C:\Program Files\Microsoft Office

2012-03-23 11:43:40 ----D---- C:\Program Files\Common Files\Symantec Shared

2012-03-23 11:42:16 ----D---- C:\Program Files\MSN Messenger

2012-03-23 11:38:41 ----D---- C:\WINDOWS\system32\CatRoot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2006-07-24 17920]

R0 ohci1394;OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-02-23 25432]

R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]

R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]

R3 Accelerometer;Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2006-07-24 22016]

R3 b57w2k;Broadcom NetLink Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-27 160256]

R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2008-10-23 1391104]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IFXTPM;IFXTPM; C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-09-19 36608]

R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2007-01-12 201856]

S1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-02-23 30680]

S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-02 36864]

S1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-02-23 371544]

S1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-02-23 301528]

S1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-02-23 49240]

S1 eabfiltr;eabfiltr; C:\WINDOWS\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]

S1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []

S1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []

S2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-02-23 19544]

S2 aswMon2;aswMon2; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-02-23 102232]

S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\WINDOWS\system32\drivers\ADIHdAud.sys [2007-10-01 281600]

S3 AEAudio;AE Audio Service; C:\WINDOWS\system32\drivers\AEAudio.sys [2007-07-13 94976]

S3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2008-11-21 1204128]

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2007-12-18 2849280]

S3 ATSWPDRV;(****DEBUG****) AuthenTec TruePrint USB Driver (SwipeSensor); C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys [2007-04-10 140808]

S3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2007-02-14 868298]

S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2007-02-14 67960]

S3 FsUsbExDisk;FsUsbExDisk; \??\C:\WINDOWS\system32\FsUsbExDisk.SYS []

S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []

S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]

S3 MQAC;Message Queuing access control; \??\C:\WINDOWS\system32\drivers\mqac.sys []

S3 Netaapl;Apple Mobile Device Ethernet Service; C:\WINDOWS\system32\DRIVERS\netaapl.sys [2010-04-19 18432]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]

S3 RMCAST;Reliable Multicast Protocol driver; \??\C:\WINDOWS\system32\drivers\RMCast.sys []

S3 SABProcEnum;SABProcEnum; \??\C:\Program Files\Internet Explorer\SABProcEnum.sys []

S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\WINDOWS\system32\DRIVERS\ss_bbus.sys [2009-03-20 90112]

S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys [2009-03-20 14976]

S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys [2009-03-20 121856]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-04-19 41984]

S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-29 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-29 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2011-08-12 116608]

S2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2008-08-26 14336]

S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]

S2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2007-12-18 512000]

S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-02-23 42184]

S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]

S2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2007-02-06 266295]

S2 FsUsbExService;FsUsbExService; C:\WINDOWS\system32\FsUsbExService.Exe [2009-03-31 233472]

S2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]

S2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-04 112152]

S2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2012-03-23 153376]

S2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-04-19 75304]

S2 MSMQ;Message Queuing; C:\WINDOWS\system32\mqsvc.exe [2008-04-14 4608]

S2 MSMQTriggers;Message Queuing Triggers; C:\WINDOWS\system32\mqtgsvc.exe [2008-04-14 117248]

S2 PCA;PC Angel; C:\WINDOWS\SMINST\PCAngel.exe [2006-01-12 294912]

S2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2007-05-08 540448]

S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

S2 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-08-22 1251720]

S2 UPHClean;User Profile Hive Cleanup; C:\Program Files\UPHClean\uphclean.exe [2005-04-27 241725]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-07-21 540968]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]

S3 Smcinst;Symantec Auto-upgrade Agent; C:\Program Files\Symantec\Symantec Endpoint Protection\SmcLU\Setup\smcinst.exe []

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe []

S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-19 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.09 2012-03-27 15:05:08

======Uninstall list======

-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly

-->C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu

-->MsiExec.exe /I{B61B6668-A674-4A06-8405-51944D5CCDDD}

-->MsiExec.exe /X{6815FCDD-401D-481E-BA88-31B4754C2B46}

ACDSee 3.1 (SR-1)-->MsiExec.exe /I{047882CA-975E-41FC-BE02-6D6396106C4E}

Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe -maintain activex

Adobe Reader 8.1.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81000000003}

Adobe Shockwave Player 11.6-->"C:\WINDOWS\system32\Adobe\Shockwave 11\uninstaller.exe"

Advancing Physics AS+A2 Teacher Network Client-->MsiExec.exe /I{7272D78D-3178-4ACA-83A6-98C4EE8F983F}

Agere Systems HDA Modem-->C:\WINDOWS\agrsmdel

Apple Application Support-->MsiExec.exe /I{A83279FD-CA4B-4206-9535-90974DE76654}

Apple Mobile Device Support-->MsiExec.exe /I{85991ED2-010C-4930-96FA-52F43C2CE98A}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Aslogics BoostSpeed-->"C:\Program Files\Auslogics\Auslogics BoostSpeed\unins000.exe"

avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup

Boardworks A2 Biology-->MsiExec.exe /X{5FFBB6DD-9A79-4B6E-98DA-2DA990ED8C05}

Boardworks AS Biology-->MsiExec.exe /X{1891F44C-A14B-4D41-B202-009C6CF544EC}

Boardworks AS Chemistry-->MsiExec.exe /X{615D761B-8957-468D-A9E8-A5ED6E5E8050}

Boardworks AS Physics-->MsiExec.exe /X{A8351E61-C85E-4D83-88C6-CC280FE7E1AA}

Boardworks GCSE Additional Science-->MsiExec.exe /X{0996C3E7-BCD0-4807-8F80-24B43C1E25FF}

Boardworks GCSE Science-->MsiExec.exe /X{5DBE48C5-5D6E-4EDC-AD88-B1DB6DD53F34}

Bonjour-->MsiExec.exe /X{0CB9668D-F979-4F31-B8B8-67FE90F929F8}

Catalyst Control Center - Branding-->MsiExec.exe /I{3F93B2BA-18EC-462B-9ACD-396599353EE1}

ccc-Branding-->MsiExec.exe /I{426C7CC1-5AC3-4758-A40C-6446F2CEA8C9}

Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

e-Science-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\10\INTEL3~1\IDriver.exe /M{12149783-577C-4520-B582-4241A934A8E7}

Exampro AQA AS-A Chemistry-->C:\PROGRA~1\EXAMPR~1\UNWISE.EXE C:\PROGRA~1\EXAMPR~1\AA_CH.LOG

Exampro AQA AS-A Biology-->C:\PROGRA~1\EXAMPR~1\UNWISE.EXE C:\PROGRA~1\EXAMPR~1\AA_BIO.LOG

Exampro AQA AS-A Physics A-->C:\PROGRA~1\EXAMPR~1\UNWISE.EXE C:\PROGRA~1\EXAMPR~1\AA_PA.LOG

Exampro AQA GCSE Biology-->C:\PROGRA~1\EXAMPR~1\UNWISE.EXE C:\PROGRA~1\EXAMPR~1\AG_BIO.LOG

Exampro AQA GCSE Chemistry-->C:\PROGRA~1\EXAMPR~1\UNWISE.EXE C:\PROGRA~1\EXAMPR~1\AG_CHEM.LOG

Exampro AQA GCSE Physics-->C:\PROGRA~1\EXAMPR~1\UNWISE.EXE C:\PROGRA~1\EXAMPR~1\AG_PHYS.LOG

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2158563)-->"C:\WINDOWS\$NtUninstallKB2158563$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2443685)-->"C:\WINDOWS\$NtUninstallKB2443685$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2570791)-->"C:\WINDOWS\$NtUninstallKB2570791$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB2633952)-->"C:\WINDOWS\$NtUninstallKB2633952$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}

HP Integrated Module with Bluetooth wireless technology-->MsiExec.exe /X{84814E6B-2581-46EC-926A-823BD1C670F6}

HP Quick Launch Buttons 6.20 F2-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst

HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}

HP User Guide Bluetooth Addendum 0062-->MsiExec.exe /I{7FD8231E-3991-48D7-A2C8-2C42A7075FB1}

HP User Guides 0064-->MsiExec.exe /I{E25AA53F-6878-4C64-8130-EB8D678DF303}

HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}

InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL

iTunes-->MsiExec.exe /I{91F7F3F3-CE80-48C3-8327-7D24A0A5716A}

Java 6 Update 31-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216031FF}

K-Lite Mega Codec Pack 1.61-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Malwarebytes Anti-Malware version 1.60.1.1000-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 1.1 Security Update (KB2656353)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M2656353\M2656353Uninstall.msp"

Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"

Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9-->"C:\WINDOWS\$NtUninstallWdf01009$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}

Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Works 6-9 Converter-->MsiExec.exe /X{172423F9-522A-483A-AD65-03600CE4CA4F}

MSN Messenger 7.0-->MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600820}

MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

MSXML 6.0 Parser (KB927977)-->MsiExec.exe /I{5A710547-B58E-488B-828D-CA9A25A0533C}

Multimedia Science School 16-18 Edition-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E8EF88C7-0D9E-4AC2-8A07-90452DAF8B6D}

Multimedia Science School-->MsiExec.exe /X{B96C6380-4CF7-445F-8169-A82D39DE2CD8}

OGA Notifier 2.0.0048.0-->MsiExec.exe /I{B2544A03-10D0-4E5E-BA69-0362FFC20D18}

PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}

PDF Complete-->C:\Program Files\PDF Complete\pdfiutil.exe /UGUI

QuickTime-->MsiExec.exe /I{7BE15435-2D3E-4B58-867F-9C75BED0208C}

Ranger Outpost Remote Client-->C:\Program Files\Ranger Outpost Client\Setup\Rgrbatch.exe

SAMSUNG Mobile Composite Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6_old\SSBCUninstall.exe

Samsung Mobile Modem Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\7\SSECUninstall.exe

SAMSUNG Mobile Modem Driver Set-->C:\WINDOWS\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe

Samsung Mobile phone USB driver Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe

SAMSUNG Mobile USB Modem 1.0 Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe

SAMSUNG Mobile USB Modem Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe

Samsung New PC Studio-->"C:\Program Files\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -runfromtemp -l0x0809 -removeonly

Samsung New PC Studio-->MsiExec.exe /X{F193FC0E-9E18-40FC-A974-509A1BDD240A}

SAMSUNG USB Mobile Device Software-->C:\WINDOWS\system32\Samsung_USB_Drivers\6\SS_BUninstall.exe

SamsungConnectivityCableDriver-->MsiExec.exe /X{7E84FAC8-C518-40F9-9807-7455301D6D25}

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Step By Step Interactive Training (KB923723)-->"C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2183461)-->"C:\WINDOWS\ie7updates\KB2183461-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2360131)-->"C:\WINDOWS\ie7updates\KB2360131-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2416400)-->"C:\WINDOWS\ie7updates\KB2416400-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2482017)-->"C:\WINDOWS\ie7updates\KB2482017-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2530548)-->"C:\WINDOWS\ie7updates\KB2530548-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2544521)-->"C:\WINDOWS\ie7updates\KB2544521-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2559049)-->"C:\WINDOWS\ie7updates\KB2559049-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2618444)-->"C:\WINDOWS\ie7updates\KB2618444-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB2647516)-->"C:\WINDOWS\ie7updates\KB2647516-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB982381)-->"C:\WINDOWS\ie7updates\KB982381-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2618444)-->"C:\WINDOWS\ie8updates\KB2618444-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2647516)-->"C:\WINDOWS\ie8updates\KB2647516-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows Media Player 9 (KB911565)-->"C:\WINDOWS\$NtUninstallKB911565$\spuninst\spuninst.exe"

Security Update for Windows Media Player 9 (KB917734)-->"C:\WINDOWS\$NtUninstallKB917734_WMP9$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2121546)-->"C:\WINDOWS\$NtUninstallKB2121546$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2259922)-->"C:\WINDOWS\$NtUninstallKB2259922$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2279986)-->"C:\WINDOWS\$NtUninstallKB2279986$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296199)-->"C:\WINDOWS\$NtUninstallKB2296199$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2412687)-->"C:\WINDOWS\$NtUninstallKB2412687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2436673)-->"C:\WINDOWS\$NtUninstallKB2436673$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476687)-->"C:\WINDOWS\$NtUninstallKB2476687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479628)-->"C:\WINDOWS\$NtUninstallKB2479628$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485376)-->"C:\WINDOWS\$NtUninstallKB2485376$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503658)-->"C:\WINDOWS\$NtUninstallKB2503658$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2503665)-->"C:\WINDOWS\$NtUninstallKB2503665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507618)-->"C:\WINDOWS\$NtUninstallKB2507618$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508272)-->"C:\WINDOWS\$NtUninstallKB2508272$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2510581)-->"C:\WINDOWS\$NtUninstallKB2510581$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2511455)-->"C:\WINDOWS\$NtUninstallKB2511455$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2524375)-->"C:\WINDOWS\$NtUninstallKB2524375$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276)-->"C:\WINDOWS\$NtUninstallKB2536276$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893)-->"C:\WINDOWS\$NtUninstallKB2544893$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2555917)-->"C:\WINDOWS\$NtUninstallKB2555917$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2562937)-->"C:\WINDOWS\$NtUninstallKB2562937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2567680)-->"C:\WINDOWS\$NtUninstallKB2567680$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570222)-->"C:\WINDOWS\$NtUninstallKB2570222$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2621440)-->"C:\WINDOWS\$NtUninstallKB2621440$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2633171)-->"C:\WINDOWS\$NtUninstallKB2633171$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2639417)-->"C:\WINDOWS\$NtUninstallKB2639417$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2641653)-->"C:\WINDOWS\$NtUninstallKB2641653$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2647518)-->"C:\WINDOWS\$NtUninstallKB2647518$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2660465)-->"C:\WINDOWS\$NtUninstallKB2660465$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371-v2)-->"C:\WINDOWS\$NtUninstallKB961371-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981957)-->"C:\WINDOWS\$NtUninstallKB981957$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982802)-->"C:\WINDOWS\$NtUninstallKB982802$\spuninst\spuninst.exe"

Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

SpywareBlaster 4.6-->"C:\Program Files\SpywareBlaster\unins000.exe"

SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

swMSM-->MsiExec.exe /I{612C34C7-5E90-47D8-9B5C-0F717DD82726}

Testbase Key Stage 3 Science-->C:\PROGRA~1\TESTBA~1\UNWISE.EXE C:\PROGRA~1\TESTBA~1\K3_SCI.LOG

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"

Update for Windows Internet Explorer 7 (KB980182)-->"C:\WINDOWS\ie7updates\KB980182-IE7\spuninst\spuninst.exe"

Update for Windows Internet Explorer 8 (KB2598845)-->"C:\WINDOWS\ie8updates\KB2598845-IE8\spuninst\spuninst.exe"

Update for Windows XP (KB2141007)-->"C:\WINDOWS\$NtUninstallKB2141007$\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2467659)-->"C:\WINDOWS\$NtUninstallKB2467659$\spuninst\spuninst.exe"

Update for Windows XP (KB2541763)-->"C:\WINDOWS\$NtUninstallKB2541763$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676)-->"C:\WINDOWS\$NtUninstallKB2616676$\spuninst\spuninst.exe"

Update for Windows XP (KB2616676-v2)-->"C:\WINDOWS\$NtUninstallKB2616676-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB2641690)-->"C:\WINDOWS\$NtUninstallKB2641690$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

User Profile Hive Cleanup Service-->MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}

Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u C:\WINDOWS\system32\DRVSTORE\amdk8_C074F64CC74B03BC354BB5DC973CCF768D5A7194\amdk8.inf

Windows Driver Package - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpacm_18A9B92ED8DEDC602E49E767FA4BE98A30525207\shpacm.inf

Windows Driver Package - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0)-->C:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /u C:\WINDOWS\system32\DRVSTORE\shpusb_558D416BCEB984F35885804D3E1A9C3773F1B17C\shpusb.inf

Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf

Windows Internet Explorer 8-->"C:\WINDOWS\ie8\spuninst\spuninst.exe"

Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}

Windows Live Sign-in Assistant-->MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: avast! Antivirus

======System event log======

Computer Name: FEVSW05

Event Code: 51

Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 48042

Source Name: Cdrom

Time Written: 20120122160048.000000+000

Event Type: warning

User:

Computer Name: FEVSW05

Event Code: 51

Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 48041

Source Name: Cdrom

Time Written: 20120122160048.000000+000

Event Type: warning

User:

Computer Name: FEVSW05

Event Code: 51

Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 48040

Source Name: Cdrom

Time Written: 20120122160048.000000+000

Event Type: warning

User:

Computer Name: FEVSW05

Event Code: 51

Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 48039

Source Name: Cdrom

Time Written: 20120122160048.000000+000

Event Type: warning

User:

Computer Name: FEVSW05

Event Code: 51

Message: An error was detected on device \Device\CdRom0 during a paging operation.

Record Number: 48038

Source Name: Cdrom

Time Written: 20120122160048.000000+000

Event Type: warning

User:

=====Application event log=====

Computer Name: FEVSW05

Event Code: 51

Message:

Record Number: 52456

Source Name: Symantec AntiVirus

Time Written: 20120308001733.000000+000

Event Type: error

User:

Computer Name: FEVSW05

Event Code: 51

Message:

Record Number: 52455

Source Name: Symantec AntiVirus

Time Written: 20120308001728.000000+000

Event Type: error

User:

Computer Name: FEVSW05

Event Code: 51

Message:

Record Number: 52454

Source Name: Symantec AntiVirus

Time Written: 20120308001723.000000+000

Event Type: error

User:

Computer Name: FEVSW05

Event Code: 51

Message:

Record Number: 52453

Source Name: Symantec AntiVirus

Time Written: 20120308001718.000000+000

Event Type: error

User:

Computer Name: FEVSW05

Event Code: 51

Message:

Record Number: 52452

Source Name: Symantec AntiVirus

Time Written: 20120308001714.000000+000

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 104 Stepping 1, AuthenticAMD

"PROCESSOR_REVISION"=6801

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"asl.log"=Destination=file;OnFirstLog=command,environment,parent

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

"SAFEBOOT_OPTION"=NETWORK

-----------------EOF-----------------

Results of screen317's Security Check version 0.99.32

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!

Windows Firewall Enabled!

avast! Free Antivirus

Ranger Outpost Remote Client

Exampro AQA AS-A Biology

Exampro AQA GCSE Biology

Boardworks AS Biology

Boardworks A2 Biology

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

SpywareBlaster 4.6

SUPERAntiSpyware

Java 6 Update 31

Adobe Reader 8 Adobe Reader out of date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

[chcjcamo]

QuickScan 32-bit v0.9.9.113

---------------------------

Scan date: Tue Mar 27 15:09:45 2012

Machine ID: 20285DCA

No infection found.

-------------------

Processes

---------

Core Service 264 C:\Program Files\SUPERAntiSpyware\SASCore.exe

(verified) Microsoft® Windows® Operating System 1408 C:\WINDOWS\explorer.exe

(verified) Microsoft® Windows® Operating System 772 C:\WINDOWS\system32\csrss.exe

(verified) Microsoft® Windows® Operating System 644 C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System 852 C:\WINDOWS\system32\lsass.exe

(verified) Microsoft® Windows® Operating System 840 C:\WINDOWS\system32\services.exe

(verified) Microsoft® Windows® Operating System 716 C:\WINDOWS\system32\smss.exe

(verified) Microsoft® Windows® Operating System 1008 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1092 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1324 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1336 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 1448 C:\WINDOWS\system32\svchost.exe

(verified) Microsoft® Windows® Operating System 796 C:\WINDOWS\system32\winlogon.exe

(verified) Windows® Internet Explorer 696 C:\Program Files\Internet Explorer\iexplore.exe

(verified) Windows® Internet Explorer 1476 C:\Program Files\Internet Explorer\iexplore.exe

Network activity

----------------

Process iexplore.exe (1476) connected on port 80 (HTTP) --> 173.194.41.169

Process iexplore.exe (1476) connected on port 80 (HTTP) --> 2.18.191.139

Process iexplore.exe (1476) connected on port 80 (HTTP) --> 23.65.22.8

Process iexplore.exe (1476) connected on port 80 (HTTP) --> 199.7.54.190

Process iexplore.exe (1476) connected on port 80 (HTTP) --> 199.7.59.190

Process iexplore.exe (1476) connected on port 80 (HTTP) --> 66.235.142.2

Process svchost.exe (1008) listens on ports: 3389 (Terminal Server)

Process svchost.exe (1092) listens on ports: 135 (RPC)

Autoruns and critical files

---------------------------

ATI External Event Utility for Windows C:\WINDOWS\system32\Ati2evxx.dll

avast! Antivirus C:\Program Files\AVAST Software\Avast\avastUI.exe

Microsoft Synchronization Manager C:\WINDOWS\system32\mobsync.exe

Microsoft® Windows® Operating System C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\cleanmgr.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\CRYPT32.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\cryptnet.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\CSCDLL.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\dimsntfy.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\dumprep.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\regsvr32.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\SHELL32.dll

Microsoft® Windows® Operating System c:\windows\system32\userinit.exe

Microsoft® Windows® Operating System C:\WINDOWS\system32\WlNotify.dll

Policy Central Enterprise C:\WINDOWS\system32\PCENT\PCClient.exe

SuperAntiSpyware C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

SUPERAntiSpyware WinLogon Processor C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

Windows Disk Defragmenter C:\WINDOWS\system32\defrag.exe

XSS ShellvRTF E:\info.exe

(verified) Microsoft Genuine Advantage C:\WINDOWS\system32\WgaLogon.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\BROWSEUI.dll

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\ctfmon.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\logonui.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\system32\sclgntfy.dll

(verified) Microsoft® Windows® Operating System c:\windows\system32\stobject.dll

(verified) Microsoft® Windows® Operating System c:\windows\system32\wpdshserviceobj.dll

(verified) Windows® Internet Explorer C:\WINDOWS\system32\msfeedssync.exe

(verified) Windows® Internet Explorer c:\windows\system32\webcheck.dll

Browser plugins

---------------

AcroIEHelper Library c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll

Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll

avast! WebRep c:\program files\avast software\avast\aswwebrepie.dll

Bitdefender QuickScan C:\WINDOWS\Downloaded Program Files\qsax.dll

Bonjour C:\Program Files\Bonjour\mdnsNSP.dll

InstallShield Update Service C:\WINDOWS\Downloaded Program Files\isusweb.dll

Java Platform SE 6 U31 c:\program files\java\jre6\bin\jp2ssv.dll

Java Platform SE 6 U31 C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

Java Platform SE 6 U31 c:\program files\java\jre6\bin\ssv.dll

Java Platform SE 6 U31 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

Messenger C:\Program Files\Messenger\msmsgs.exe

Microsoft® Windows® Operating System C:\WINDOWS\System32\mswsock.dll

Microsoft® Windows® Operating System C:\WINDOWS\system32\rsvpsp.dll

Microsoft® Windows® Operating System C:\WINDOWS\System32\winrnr.dll

npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

Process Scanner C:\WINDOWS\Downloaded Program Files\sabspx.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

RealPlayer Version Plugin C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

RealPlayer G2 LiveConnect-Enabled P C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

Shockwave for Director C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

Silverlight Plug-In c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

Windows Presentation Foundation c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

Windows® Internet Explorer C:\WINDOWS\system32\IEFRAME.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.dll

(verified) InstallShield Update Service C:\WINDOWS\Downloaded Program Files\dwusplay.exe

(verified) Microsoft® Windows® Operating System C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

Missing files

-------------

File not found: C:\WINDOWS\c32cs2.exe

--> HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\"CS32"

File not found: c:\windows\system32\fev.scr

--> HKCU\Control Panel\Desktop\"SCRNSAVE.EXE"

Scan

----

MD5: db64bcd0d4f6820793066a8b24c2dc98 C:\Program Files\AVAST Software\Avast\AhAScr.dll

MD5: 713590d7d3630f780560ca510f669b90 c:\program files\avast software\avast\aswwebrepie.dll

MD5: 2695e3e9497bf72abb44b5010ec5da16 C:\Program Files\AVAST Software\Avast\AvastSvc.exe

MD5: 2e9a1a6555c20424fc6dcc3af21f4d68 C:\Program Files\AVAST Software\Avast\avastUI.exe

MD5: c11f6a1f61481e24be3fdc06ea6f7d2a c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll

MD5: 213822072085b5bbad9af30ab577d817 C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

MD5: 31d8b705dcd5f2366186e731f87c7a71 C:\Program Files\Common Files\LightScribe\LSSrvc.exe

MD5: 04c1dcbb226c6ae647b794833ce3ceb6 C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

MD5: 630a79b805ce654edb42d27ed0269a0e C:\Program Files\Internet Explorer\ieproxy.dll

MD5: 04af8bc83a89d9b71f7e0bcaf9fdd768 C:\Program Files\Internet Explorer\plugins\nppdf32.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll

MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll

MD5: d99e62c440b4a0463baa47b1256ff0a7 C:\Program Files\Internet Explorer\xpshims.dll

MD5: a9770771b622a871643ea2a4a3983e95 c:\program files\java\jre6\bin\jp2ssv.dll

MD5: 0a5709543986843d37a92290b7838340 C:\Program Files\Java\jre6\bin\jqs.exe

MD5: 34e3709244736b8976820f730e5a8815 C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

MD5: 8e6c86726b67d3faa3144849b9aac06c c:\program files\java\jre6\bin\ssv.dll

MD5: 59b9f6abac6cbbc356e092c556ff8ea5 c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

MD5: f0b8c822a200250edf60049f07e4cc41 C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll

MD5: 30257426f6da31808c6698ec01de2d97 C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll

MD5: 9c9d3b7a05445b1ab2df4d0c4d6b77e8 C:\Program Files\LSI SoftModem\agrsmsvc.exe

MD5: 3e930c641079443d4de036167a69caa2 C:\Program Files\Messenger\msmsgs.exe

MD5: ed327201724ea05d509b7939abe49e98 c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll

MD5: 9d38320bb32230349379df5ddbbf7fce C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

MD5: b6d347c26f861ddd4ad4863f5a1596b9 C:\Program Files\PDF Complete\pdfsvc.exe

MD5: c0393eb99a6c72c6bef9bfc4a72b33a6 C:\Program Files\SUPERAntiSpyware\SASCore.exe

MD5: 39763504067962108505bff25f024345 C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

MD5: 77b9fc20084b48408ad3e87570eb4a85 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

MD5: 2975c66459c426c20bc22d639df6b611 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL

MD5: 2ab3a3c80c935bc6c86f3880f8f34bcc C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

MD5: 3f9a3232e5f942874488981f3242c989 C:\Program Files\UPHClean\uphclean.exe

MD5: 0ece2b1910527ae85691151d56621891 C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

MD5: 94a85e956a065e23e0010a6a7826243b C:\Program Files\Windows Live\installer\WLSetupSvc.exe

MD5: 310c15fd8358b2c4cd7a5b98a112883f C:\WINDOWS\AppPatch\AcGenral.DLL

MD5: 5002991ada7920b35e46e7ea80c134fe C:\WINDOWS\Downloaded Program Files\isusweb.dll

MD5: ebc89d1526dc72917d4421551656c54e C:\WINDOWS\Downloaded Program Files\qsax.dll

MD5: 37823fcaffb40d7a3b3724a9b8250d6d C:\WINDOWS\Downloaded Program Files\sabspx.dll

MD5: ab87eeffd18f2baafc274e7075ea6c67 c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

MD5: a81135541c9d4ebce43efa8ad31395b4 C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe

MD5: 5eeb45f500e3e97153cb75723f8ca185 C:\WINDOWS\SMINST\PCAngel.exe

MD5: 4676a8e1ee37e71486717ecd1e61c17b C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

MD5: 30a0daaff1d5ef3c16b7c47d5a128fa5 C:\WINDOWS\system32\Ati2evxx.dll

MD5: 8afb4aff8837254e6d14338b1b11e690 C:\WINDOWS\system32\Ati2evxx.exe

MD5: 2c4e4027e418eb4f0ed1e3793a4834df C:\WINDOWS\system32\cleanmgr.exe

MD5: 93afb83fbc1f9443cac722fca63d73bf C:\WINDOWS\system32\comctl32.dll

MD5: 8fcf03e4d7be9b5587ccf11719959006 C:\WINDOWS\system32\corpol.dll

MD5: a90e118f12d355f9946dfb30a8f94609 C:\WINDOWS\system32\CRYPT32.dll

MD5: c14350fc0d47d806699c4f907fc6785b C:\WINDOWS\system32\cryptnet.dll

MD5: 515a7fae2070c2b0242b2353443e2f11 C:\WINDOWS\System32\CSCDLL.dll

MD5: dd40363abad230a84c5e2178b11efa88 C:\WINDOWS\system32\CSRSRV.dll

MD5: 0607cbc6fa20114cb491efe4b2f9efad C:\WINDOWS\system32\d3d9.dll

MD5: 56adb11f7d4d0816c0be1e701c1b5e52 C:\WINDOWS\system32\D3DIM700.DLL

MD5: 29d41e4ed94b2048f96583d18bc1950f C:\WINDOWS\system32\defrag.exe

MD5: e2092f0a1d7abc243f9c2362483d150d C:\WINDOWS\System32\dimsntfy.dll

MD5: 389496118b3b03c2328024af320132ac C:\WINDOWS\system32\DNSAPI.dll

MD5: 5f7e24fa9eab896051ffb87f840730d2 c:\windows\system32\dnsrslvr.dll

MD5: 558a0039f0ef634397e1f61055504478 C:\WINDOWS\system32\DRIVERS\Accelerometer.sys

MD5: 7356eff52ad50b8946d346002118ce62 C:\WINDOWS\system32\drivers\ADIHdAud.sys

MD5: fff87a9b1ab36ee4b7bec98a4cb01b79 C:\WINDOWS\system32\drivers\AEAudio.sys

MD5: 1e44bc1e83d8fd2305f8d452db109cf9 C:\WINDOWS\System32\drivers\afd.sys

MD5: 3712986cc3abf0dc656b43525b9d1279 C:\WINDOWS\system32\DRIVERS\AGRSM.sys

MD5: efbb0956baed786e137351b5ca272aef C:\WINDOWS\system32\DRIVERS\AmdK8.sys

MD5: d0c00ee032994b698b47837a3561717a C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

MD5: 293e8cc3c246a89f4cca75b024ad757f C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys

MD5: 74a65415dfaad20f06e7550fa9b6e012 C:\WINDOWS\system32\DRIVERS\b57xp32.sys

MD5: 37f385a93c620cbe0f89c17e45f697a1 C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

MD5: ba57f31eab93dc597d772f6f5b9ed54f C:\WINDOWS\system32\DRIVERS\btkrnl.sys

MD5: 57e91e9925976bbc98984eebaaf1d84c C:\WINDOWS\System32\Drivers\btwusb.sys

MD5: de15777902a5d9121857d155873a1d1b C:\WINDOWS\system32\DRIVERS\cpqbttn.sys

MD5: e88b0cfcecf745211bba87f44f85d0dd C:\WINDOWS\system32\DRIVERS\eabfiltr.sys

MD5: 5953c0952e4dd2b25b9adef05ab0285c C:\WINDOWS\system32\DRIVERS\hpdskflt.sys

MD5: f67554da27d5b55efcb6c7cb4818fbfd C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS

MD5: 7ffd29fafcde7aaf89b689b6e156d5b0 C:\WINDOWS\system32\drivers\mbamchameleon.sys

MD5: 0db7527db188c7d967a37bb51bbf3963 C:\WINDOWS\system32\drivers\mbamswissarmy.sys

MD5: 70c14f5cca5cf73f8a645c73a01d8726 C:\WINDOWS\system32\drivers\mqac.sys

MD5: 7d304a5eb4344ebeeab53a2fe3ffb9f0 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

MD5: 0109c4f3850dfbab279542515386ae22 C:\WINDOWS\system32\DRIVERS\ndistapi.sys

MD5: 7afd0e39ab15cb355487b7cc19f4e2c5 C:\WINDOWS\system32\DRIVERS\netaapl.sys

MD5: 175cc28dcf819f78caa3fbd44ad9e52a C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

MD5: 96f7a9a7bf0c9c0440a967440065d33c C:\WINDOWS\system32\drivers\RMCast.sys

MD5: 47ddfc2f003f7f9f0592c6874962a2e7 C:\WINDOWS\system32\DRIVERS\srv.sys

MD5: 5876072999220ef2fba1ddec86d2b97e C:\WINDOWS\system32\DRIVERS\SynTP.sys

MD5: 8e16bf5600797e678ea97051cf93e6bf C:\WINDOWS\system32\dumprep.exe

MD5: 578ebb9ef96529b9aa398c2c646cb385 C:\WINDOWS\system32\duvdlmu.dll

MD5: f5b754cdea20bbb3a31e16a776ede6d6 c:\windows\system32\ESENT.dll

MD5: 790a4ca68f44be35967b3df61f3e4675 C:\WINDOWS\system32\FsUsbExDisk.SYS

MD5: d3f9205cc4cb07553f2f9472c767ea87 C:\WINDOWS\system32\FsUsbExService.Exe

MD5: 3cecda26586ca4db9be51241a6db7c3c C:\WINDOWS\system32\HPZipm12.dll

MD5: 2c849ef63c0086287e427bf65fc64d09 C:\WINDOWS\system32\IEFRAME.dll

MD5: b43140c2edc49c4b7c140f1f4e3f6877 C:\WINDOWS\system32\iepeers.dll

MD5: e236ecb439a9e824fab18c49d6526136 C:\WINDOWS\system32\iertutil.dll

MD5: 0689622e6484934eb6e5f4d3a96311f9 C:\WINDOWS\system32\jscript.dll

MD5: a525c96c51d55111fdf3bea9ffffc7ae C:\WINDOWS\system32\kerberos.dll

MD5: 20fa028cb6506591a99c51432a3c0174 C:\WINDOWS\system32\LangWrbk.dll

MD5: bd31dc6dbe9333c4fbd4bdf0899f2160 C:\WINDOWS\system32\LSASRV.dll

MD5: d2938c8085cb65a7c0c3448e673e8c39 C:\WINDOWS\system32\Macromed\Flash\Flash11f.ocx

MD5: 95786e866a54c7782e60855d2bae5410 C:\WINDOWS\system32\mobsync.exe

MD5: afb909b537aae1beae7bbdb6a36d40b0 C:\WINDOWS\system32\mqsvc.exe

MD5: 7f955ff3b1bb93376ebe75d5accdc6db C:\WINDOWS\system32\mqtgsvc.exe

MD5: a9259cd226283cd4f798c00909754a94 C:\WINDOWS\system32\mshtml.dll

MD5: d3f72d50de53f9f1f55240115af4d42e C:\WINDOWS\system32\msi.dll

MD5: 943337d786a56729263071623bbb9de5 C:\WINDOWS\System32\mswsock.dll

MD5: 062f837c1fbdb6a0a75f82efc2ee8e74 c:\windows\system32\netshell.dll

MD5: f8f0d25ca553e39dde485d8fc7fcce89 C:\WINDOWS\system32\ntdll.dll

MD5: 40b0f98bad16ad5def894e88c3ef8014 C:\WINDOWS\system32\ODBC32.dll

MD5: 6bad1bed9872e62049e487fb91ae2f3a C:\WINDOWS\system32\ole32.dll

MD5: 20200ee3cfe10e9f0c028d8653be11c6 C:\WINDOWS\system32\oleacc.dll

MD5: 1b2be5777f69a71778f52ffee1c798d6 C:\WINDOWS\system32\OLEAUT32.dll

MD5: a3a6ffc8673c6f75738a7f1a630b69f9 C:\WINDOWS\system32\PCENT\PCClient.exe

MD5: c7c84df7233f4834cd190f3dccaf50ca C:\WINDOWS\system32\rdpwsx.dll

MD5: fbdb9d0935b9907b809b381fddf1627f C:\WINDOWS\system32\regsvr32.exe

MD5: d4502f124289a31976130cccb014c9aa C:\WINDOWS\system32\RPCRT4.dll

MD5: 72451fd61ddbb0a1fb071b7c3cde5594 C:\WINDOWS\system32\rsvpsp.dll

MD5: a645a78fcdabad67067324d7e6cd9f79 C:\WINDOWS\system32\schannel.dll

MD5: 26cb10fa893f940ab09713ff46dcdade C:\WINDOWS\system32\SHDOCVW.dll

MD5: e86423aa9aa8c382af02b94a058dc2aa C:\WINDOWS\system32\SHELL32.dll

MD5: 99bc0b50f511924348be19c7c7313bbf C:\WINDOWS\system32\SHSVCS.dll

MD5: 60784f891563fb1b767f70117fc2428f C:\WINDOWS\system32\spoolsv.exe

MD5: 3a7c3cbe5d96b8ae96ce81f0b22fb527 c:\windows\system32\srvsvc.dll

MD5: 407bc2813b30bc2f8a341d5091828caa C:\WINDOWS\system32\urlmon.dll

MD5: a93aee1928a9d7ce3e16d24ec7380f89 c:\windows\system32\userinit.exe

MD5: 9e03dc5ab51cfd0190541ce2038d819d C:\WINDOWS\system32\USP10.dll

MD5: 684559a03cbc1d05ba120a18b0d8ba5d C:\WINDOWS\system32\WINHTTP.dll

MD5: f362d50fbdc6e34918df41bde1770e5c C:\WINDOWS\system32\WININET.dll

MD5: 4a953f13942867ba8fb41f141ec1b80c C:\WINDOWS\system32\WINMM.dll

MD5: d72b9ec3337b247a666f098f3d6b43de C:\WINDOWS\System32\winrnr.dll

MD5: 8c7dca4b158bf16894120786a7a5f366 C:\WINDOWS\system32\winsrv.dll

MD5: 2cc34e8bb667eef78899546e12649196 C:\WINDOWS\system32\WlNotify.dll

MD5: 16403217ab6fc5c30c14c6b12098ad4b C:\WINDOWS\system32\xpsp2res.dll

MD5: 736b12b725aeb2b07f0241a9f680cb10 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

MD5: 33d9b7bb7ba323bafe489df033dac824 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\gdiplus.dll

MD5: 6c487182578d1253831725a7cdc606c3 E:\info.exe

The following file(s) must be uploaded for server-side scanning:

C:\WINDOWS\system32\PCENT\PCClient.exe

Upload started - 1 file(s)

PCClient.exe (1015877)

Upload speed - 110 KB/s

Upload finished - 1 uploaded, 0 failed

The uploaded file(s) were found clean.

Scan finished - communication took 9 sec

Total traffic - 0.97 MB sent, 0.57 KB recvd

Scanned 491 files and modules - 31 seconds

==============================================================================

RogueKiller V7.3.2 [03/20/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Safe mode with network support

User: administrator [Admin rights]

Mode: Scan -- Date: 03/27/2012 15:13:23

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 4 ¤¤¤

[sUSP PATH] HKLM\[...]\RunServices : CS32 (C:\WINDOWS\c32cs2.exe) -> FOUND

[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (proxy.bradfordlearning.net:3128) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowRecentDocs (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST9120822AS +++++

--- User ---

[MBR] cd4bd12b28bbbf5081eca143a377821c

[bSP] 544f5a2395c1665ae5377f8043cc4c3d : HP tatooed MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 104218 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 213439590 | Size: 10252 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[Maurice Naggar]

Step 1

Download aswMBR.exe ( 511KB ) to your desktop.

Double click on aswMBR.exe to start.

change the a-v scan to None.

uncheck trace disk IO calls

Click the "Scan" button to start scan

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next reply

Step 2

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
  
• Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
  If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
  
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

Step 3

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

If you have a prior copy of Combofix, delete it now !

Have infinite patience during the run & scan by Combofix. It has many phases: some 50+ stages

It will display it's "stage" within the Command prompt window. Do NOT panic if it seems slow to change ! It has lots of work.

You may notice the desktop icons disappear. Do NOT panic, as that is expected behavior.

Combofix my take as little as 10 minutes and perhaps as much as 30-40 minutes. Time taken will depend on speed of your system and how much there is to scan & how much it needs to clean.

If this is on a notebook system, make sure first the notebook is connected to wall-power (AC power)

Download Combofix from any of the links below. You must rename it before saving it. Save it to your Desktop.

Link 1

Link 2

* IMPORTANT !!! SAVE AS Combo-Fix.exe to your Desktop

If your I.E. browser shows a warning message at the top, do a Right-Click on the bar and select Download, saving it to the Desktop.

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
• Double click on Combo-Fix.exe & follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

Please watch Combofix as it runs, as you may see messages which require your response, or the pressing of OK button.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

-------------------------------------------------------

A caution - Do not run Combofix more than once.

Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.

The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled.

If this occurs, please reboot to restore the desktop.

RE-Enable your AntiVirus and AntiSpyware applications.

Step 4

Copy & Paste the contents of aswMBR log

TDSSKILLER log

C:\Combofix.txt

and tell me, How is the system now ? :excl

There will be more to do later.

[chcjcamo]

Step 1 - the Fix button was not enabled. Results:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software

Run date: 2012-03-28 08:36:35

-----------------------------

08:36:35.469 OS Version: Windows 5.1.2600 Service Pack 3

08:36:35.469 Number of processors: 2 586 0x6801

08:36:35.469 ComputerName: FEVSW05 UserName:

08:36:36.266 Initialize success

08:36:36.688 AVAST engine defs: 12032800

08:37:12.919 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

08:37:12.934 Disk 0 Vendor: ST9120822AS 3.BHE Size: 114473MB BusType: 3

08:37:13.012 Disk 0 MBR read successfully

08:37:13.028 Disk 0 MBR scan

08:37:13.044 Disk 0 unknown MBR code

08:37:13.075 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 104218 MB offset 63

08:37:13.122 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10252 MB offset 213439590

08:37:13.169 Disk 0 scanning sectors +234436545

08:37:13.278 Disk 0 scanning C:\WINDOWS\system32\drivers

08:37:24.063 Service scanning

08:37:41.037 Modules scanning

08:37:53.885 Scan finished successfully

08:38:18.299 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Desktop\MBR.dat"

08:38:18.346 The log file has been saved successfully to "C:\Documents and Settings\Administrator.FEVERSHAM_COLL\Desktop\aswMBR.txt"

Step 2 - no reboot was required.

08:41:30.0625 2808 TDSS rootkit removing tool 2.7.23.0 Mar 26 2012 13:40:18

08:41:30.0719 2808 ============================================================

08:41:30.0719 2808 Current date / time: 2012/03/28 08:41:30.0719

08:41:30.0719 2808 SystemInfo:

08:41:30.0719 2808

08:41:30.0719 2808 OS Version: 5.1.2600 ServicePack: 3.0

08:41:30.0719 2808 Product type: Workstation

08:41:30.0719 2808 ComputerName: FEVSW05

08:41:30.0719 2808 UserName: administrator

08:41:30.0719 2808 Windows directory: C:\WINDOWS

08:41:30.0719 2808 System windows directory: C:\WINDOWS

08:41:30.0719 2808 Processor architecture: Intel x86

08:41:30.0719 2808 Number of processors: 2

08:41:30.0719 2808 Page size: 0x1000

08:41:30.0719 2808 Boot type: Normal boot

08:41:30.0719 2808 ============================================================

08:41:31.0688 2808 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

08:41:31.0688 2808 \Device\Harddisk0\DR0:

08:41:31.0688 2808 MBR used

08:41:31.0688 2808 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xCB8D427

08:41:31.0688 2808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xCB8D466, BlocksNum 0x140635B

08:41:31.0766 2808 Initialize success

08:41:31.0766 2808 ============================================================

08:41:47.0408 2084 ============================================================

08:41:47.0408 2084 Scan started

08:41:47.0408 2084 Mode: Manual;

08:41:47.0408 2084 ============================================================

08:41:47.0815 2084 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

08:41:47.0815 2084 !SASCORE - ok

08:41:48.0034 2084 Aavmker4 (83631291adf2887cffc786d034d3fa15) C:\WINDOWS\system32\drivers\Aavmker4.sys

08:41:48.0034 2084 Aavmker4 - ok

08:41:48.0080 2084 Abiosdsk - ok

08:41:48.0159 2084 abp480n5 - ok

08:41:48.0221 2084 Accelerometer (558a0039f0ef634397e1f61055504478) C:\WINDOWS\system32\DRIVERS\Accelerometer.sys

08:41:48.0237 2084 Accelerometer - ok

08:41:48.0315 2084 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

08:41:48.0315 2084 ACPI - ok

08:41:48.0424 2084 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

08:41:48.0424 2084 ACPIEC - ok

08:41:48.0518 2084 ADIHdAudAddService (7356eff52ad50b8946d346002118ce62) C:\WINDOWS\system32\drivers\ADIHdAud.sys

08:41:48.0534 2084 ADIHdAudAddService - ok

08:41:48.0596 2084 adpu160m - ok

08:41:48.0627 2084 AEAudio (fff87a9b1ab36ee4b7bec98a4cb01b79) C:\WINDOWS\system32\drivers\AEAudio.sys

08:41:48.0627 2084 AEAudio - ok

08:41:48.0768 2084 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

08:41:48.0784 2084 aec - ok

08:41:48.0862 2084 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

08:41:48.0862 2084 AFD - ok

08:41:48.0940 2084 AgereModemAudio (9c9d3b7a05445b1ab2df4d0c4d6b77e8) C:\Program Files\LSI SoftModem\agrsmsvc.exe

08:41:48.0940 2084 AgereModemAudio - ok

08:41:49.0065 2084 AgereSoftModem (3712986cc3abf0dc656b43525b9d1279) C:\WINDOWS\system32\DRIVERS\AGRSM.sys

08:41:49.0127 2084 AgereSoftModem - ok

08:41:49.0174 2084 Aha154x - ok

08:41:49.0252 2084 aic78u2 - ok

08:41:49.0331 2084 aic78xx - ok

08:41:49.0440 2084 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

08:41:49.0440 2084 Alerter - ok

08:41:49.0487 2084 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

08:41:49.0487 2084 ALG - ok

08:41:49.0565 2084 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

08:41:49.0565 2084 AliIde - ok

08:41:49.0627 2084 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

08:41:49.0627 2084 AmdK8 - ok

08:41:49.0674 2084 amsint - ok

08:41:49.0784 2084 Apple Mobile Device (2e3e53a6aef23e24f402c7855b9b1542) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:41:49.0784 2084 Apple Mobile Device - ok

08:41:49.0940 2084 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

08:41:49.0940 2084 AppMgmt - ok

08:41:50.0018 2084 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

08:41:50.0018 2084 Arp1394 - ok

08:41:50.0081 2084 asc - ok

08:41:50.0159 2084 asc3350p - ok

08:41:50.0237 2084 asc3550 - ok

08:41:50.0424 2084 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

08:41:50.0487 2084 aspnet_state - ok

08:41:50.0549 2084 aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\WINDOWS\system32\drivers\aswFsBlk.sys

08:41:50.0549 2084 aswFsBlk - ok

08:41:50.0612 2084 aswMon2 (452d0ecd14fa02f9b061f42c8a30dd49) C:\WINDOWS\system32\drivers\aswMon2.sys

08:41:50.0612 2084 aswMon2 - ok

08:41:50.0674 2084 aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\WINDOWS\system32\drivers\aswRdr.sys

08:41:50.0674 2084 aswRdr - ok

08:41:50.0784 2084 aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\WINDOWS\system32\drivers\aswSnx.sys

08:41:50.0784 2084 aswSnx - ok

08:41:50.0878 2084 aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\WINDOWS\system32\drivers\aswSP.sys

08:41:50.0893 2084 aswSP - ok

08:41:50.0971 2084 aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\WINDOWS\system32\drivers\aswTdi.sys

08:41:50.0971 2084 aswTdi - ok

08:41:51.0065 2084 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

08:41:51.0065 2084 AsyncMac - ok

08:41:51.0175 2084 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

08:41:51.0175 2084 atapi - ok

08:41:51.0221 2084 Atdisk - ok

08:41:51.0346 2084 Ati HotKey Poller (8afb4aff8837254e6d14338b1b11e690) C:\WINDOWS\system32\Ati2evxx.exe

08:41:51.0362 2084 Ati HotKey Poller - ok

08:41:51.0581 2084 ati2mtag (d0c00ee032994b698b47837a3561717a) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

08:41:51.0628 2084 ati2mtag - ok

08:41:51.0737 2084 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

08:41:51.0737 2084 Atmarpc - ok

08:41:51.0846 2084 ATSWPDRV (293e8cc3c246a89f4cca75b024ad757f) C:\WINDOWS\system32\DRIVERS\ATSwpDrv.sys

08:41:51.0846 2084 ATSWPDRV - ok

08:41:51.0909 2084 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

08:41:51.0909 2084 AudioSrv - ok

08:41:51.0971 2084 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

08:41:51.0987 2084 audstub - ok

08:41:52.0081 2084 avast! Antivirus (2695e3e9497bf72abb44b5010ec5da16) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

08:41:52.0081 2084 avast! Antivirus - ok

08:41:52.0175 2084 b57w2k (74a65415dfaad20f06e7550fa9b6e012) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

08:41:52.0175 2084 b57w2k - ok

08:41:52.0347 2084 BCM43XX (37f385a93c620cbe0f89c17e45f697a1) C:\WINDOWS\system32\DRIVERS\bcmwl5.sys

08:41:52.0378 2084 BCM43XX - ok

08:41:52.0487 2084 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

08:41:52.0487 2084 Beep - ok

08:41:52.0597 2084 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

08:41:52.0675 2084 BITS - ok

08:41:52.0768 2084 Bonjour Service (5ab58c337ac65837fe404462ad6265ab) C:\Program Files\Bonjour\mDNSResponder.exe

08:41:52.0768 2084 Bonjour Service - ok

08:41:52.0893 2084 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

08:41:52.0893 2084 Browser - ok

08:41:53.0065 2084 BTKRNL (ba57f31eab93dc597d772f6f5b9ed54f) C:\WINDOWS\system32\DRIVERS\btkrnl.sys

08:41:53.0081 2084 BTKRNL - ok

08:41:53.0159 2084 btwdins (0ece2b1910527ae85691151d56621891) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

08:41:53.0175 2084 btwdins - ok

08:41:53.0362 2084 BTWUSB (57e91e9925976bbc98984eebaaf1d84c) C:\WINDOWS\system32\Drivers\btwusb.sys

08:41:53.0362 2084 BTWUSB - ok

08:41:53.0440 2084 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

08:41:53.0440 2084 cbidf2k - ok

08:41:53.0456 2084 cd20xrnt - ok

08:41:53.0503 2084 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

08:41:53.0503 2084 Cdaudio - ok

08:41:53.0550 2084 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

08:41:53.0550 2084 Cdfs - ok

08:41:53.0581 2084 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

08:41:53.0581 2084 Cdrom - ok

08:41:53.0597 2084 Changer - ok

08:41:53.0659 2084 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

08:41:53.0659 2084 CiSvc - ok

08:41:53.0690 2084 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

08:41:53.0690 2084 ClipSrv - ok

08:41:53.0769 2084 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:41:53.0956 2084 clr_optimization_v2.0.50727_32 - ok

08:41:54.0065 2084 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

08:41:54.0065 2084 CmBatt - ok

08:41:54.0112 2084 CmdIde - ok

08:41:54.0144 2084 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

08:41:54.0159 2084 Compbatt - ok

08:41:54.0191 2084 COMSysApp - ok

08:41:54.0284 2084 Cpqarray - ok

08:41:54.0409 2084 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

08:41:54.0409 2084 CryptSvc - ok

08:41:54.0456 2084 dac2w2k - ok

08:41:54.0519 2084 dac960nt - ok

08:41:54.0612 2084 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

08:41:54.0644 2084 DcomLaunch - ok

08:41:54.0722 2084 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

08:41:54.0722 2084 Dhcp - ok

08:41:54.0816 2084 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

08:41:54.0816 2084 Disk - ok

08:41:54.0862 2084 dmadmin - ok

08:41:55.0003 2084 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

08:41:55.0034 2084 dmboot - ok

08:41:55.0112 2084 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

08:41:55.0128 2084 dmio - ok

08:41:55.0191 2084 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

08:41:55.0206 2084 dmload - ok

08:41:55.0300 2084 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

08:41:55.0300 2084 dmserver - ok

08:41:55.0378 2084 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

08:41:55.0394 2084 DMusic - ok

08:41:55.0472 2084 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

08:41:55.0472 2084 Dnscache - ok

08:41:55.0566 2084 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

08:41:55.0581 2084 Dot3svc - ok

08:41:55.0675 2084 dpti2o - ok

08:41:55.0753 2084 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

08:41:55.0769 2084 drmkaud - ok

08:41:55.0847 2084 eabfiltr (e88b0cfcecf745211bba87f44f85d0dd) C:\WINDOWS\system32\DRIVERS\eabfiltr.sys

08:41:55.0847 2084 eabfiltr - ok

08:41:55.0925 2084 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

08:41:55.0941 2084 EapHost - ok

08:41:56.0003 2084 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

08:41:56.0003 2084 ERSvc - ok

08:41:56.0066 2084 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

08:41:56.0081 2084 Eventlog - ok

08:41:56.0144 2084 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

08:41:56.0159 2084 EventSystem - ok

08:41:56.0253 2084 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

08:41:56.0253 2084 Fastfat - ok

08:41:56.0316 2084 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:41:56.0331 2084 FastUserSwitchingCompatibility - ok

08:41:56.0378 2084 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

08:41:56.0378 2084 Fdc - ok

08:41:56.0425 2084 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

08:41:56.0425 2084 Fips - ok

08:41:56.0456 2084 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

08:41:56.0456 2084 Flpydisk - ok

08:41:56.0519 2084 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

08:41:56.0519 2084 FltMgr - ok

08:41:56.0660 2084 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

08:41:56.0660 2084 FontCache3.0.0.0 - ok

08:41:56.0769 2084 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS

08:41:56.0769 2084 FsUsbExDisk - ok

08:41:56.0831 2084 FsUsbExService (d3f9205cc4cb07553f2f9472c767ea87) C:\WINDOWS\system32\FsUsbExService.Exe

08:41:56.0847 2084 FsUsbExService - ok

08:41:56.0988 2084 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

08:41:56.0988 2084 Fs_Rec - ok

08:41:57.0050 2084 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

08:41:57.0050 2084 Ftdisk - ok

08:41:57.0128 2084 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

08:41:57.0128 2084 GEARAspiWDM - ok

08:41:57.0206 2084 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

08:41:57.0206 2084 Gpc - ok

08:41:57.0285 2084 HBtnKey (de15777902a5d9121857d155873a1d1b) C:\WINDOWS\system32\DRIVERS\cpqbttn.sys

08:41:57.0285 2084 HBtnKey - ok

08:41:57.0363 2084 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

08:41:57.0363 2084 HDAudBus - ok

08:41:57.0503 2084 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

08:41:57.0519 2084 helpsvc - ok

08:41:57.0519 2084 Suspicious service (NoAccess): hgnxf

08:41:57.0550 2084 hgnxf ( LockedService.Multi.Generic ) - warning

08:41:57.0550 2084 hgnxf - detected LockedService.Multi.Generic (1)

08:41:57.0644 2084 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

08:41:57.0644 2084 HidServ - ok

08:41:57.0785 2084 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

08:41:57.0800 2084 HidUsb - ok

08:41:57.0878 2084 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

08:41:57.0894 2084 hkmsvc - ok

08:41:57.0988 2084 hpdskflt (5953c0952e4dd2b25b9adef05ab0285c) C:\WINDOWS\system32\DRIVERS\hpdskflt.sys

08:41:57.0988 2084 hpdskflt - ok

08:41:58.0035 2084 hpn - ok

08:41:58.0207 2084 hpqwmiex (04c1dcbb226c6ae647b794833ce3ceb6) C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

08:41:58.0207 2084 hpqwmiex - ok

08:41:58.0300 2084 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

08:41:58.0300 2084 HTTP - ok

08:41:58.0394 2084 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

08:41:58.0394 2084 HTTPFilter - ok

08:41:58.0441 2084 i2omgmt - ok

08:41:58.0488 2084 i2omp - ok

08:41:58.0550 2084 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

08:41:58.0566 2084 i8042prt - ok

08:41:58.0691 2084 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

08:41:58.0691 2084 IDriverT - ok

08:41:58.0910 2084 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

08:41:58.0957 2084 idsvc - ok

08:41:59.0129 2084 IFXTPM (f67554da27d5b55efcb6c7cb4818fbfd) C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS

08:41:59.0129 2084 IFXTPM - ok

08:41:59.0222 2084 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

08:41:59.0222 2084 Imapi - ok

08:41:59.0285 2084 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

08:41:59.0300 2084 ImapiService - ok

08:41:59.0379 2084 ini910u - ok

08:41:59.0472 2084 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

08:41:59.0488 2084 IntelIde - ok

08:41:59.0566 2084 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

08:41:59.0566 2084 Ip6Fw - ok

08:41:59.0676 2084 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

08:41:59.0676 2084 IpFilterDriver - ok

08:41:59.0722 2084 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

08:41:59.0722 2084 IpInIp - ok

08:41:59.0769 2084 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

08:41:59.0785 2084 IpNat - ok

08:41:59.0879 2084 iPod Service (630d74599070824af3dc63a894adcdfc) C:\Program Files\iPod\bin\iPodService.exe

08:41:59.0941 2084 iPod Service - ok

08:42:00.0097 2084 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

08:42:00.0097 2084 IPSec - ok

08:42:00.0160 2084 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

08:42:00.0160 2084 IRENUM - ok

08:42:00.0238 2084 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

08:42:00.0238 2084 isapnp - ok

08:42:00.0347 2084 IviRegMgr (213822072085b5bbad9af30ab577d817) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

08:42:00.0347 2084 IviRegMgr - ok

08:42:00.0426 2084 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe

08:42:00.0426 2084 JavaQuickStarterService - ok

08:42:00.0582 2084 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

08:42:00.0597 2084 Kbdclass - ok

08:42:00.0644 2084 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

08:42:00.0644 2084 kbdhid - ok

08:42:00.0707 2084 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

08:42:00.0723 2084 kmixer - ok

08:42:00.0801 2084 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

08:42:00.0801 2084 KSecDD - ok

08:42:00.0863 2084 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

08:42:00.0879 2084 lanmanserver - ok

08:42:00.0957 2084 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

08:42:00.0988 2084 lanmanworkstation - ok

08:42:01.0035 2084 lbrtfdc - ok

08:42:01.0207 2084 LightScribeService (31d8b705dcd5f2366186e731f87c7a71) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

08:42:01.0207 2084 LightScribeService - ok

08:42:01.0285 2084 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

08:42:01.0301 2084 LmHosts - ok

08:42:01.0394 2084 mbamchameleon (7ffd29fafcde7aaf89b689b6e156d5b0) C:\WINDOWS\system32\drivers\mbamchameleon.sys

08:42:01.0394 2084 mbamchameleon - ok

08:42:01.0504 2084 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys

08:42:01.0504 2084 MBAMSwissArmy - ok

08:42:01.0598 2084 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

08:42:01.0598 2084 Messenger - ok

08:42:01.0707 2084 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

08:42:01.0707 2084 mnmdd - ok

08:42:01.0754 2084 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

08:42:01.0754 2084 mnmsrvc - ok

08:42:01.0801 2084 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

08:42:01.0801 2084 Modem - ok

08:42:01.0816 2084 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

08:42:01.0816 2084 Mouclass - ok

08:42:01.0895 2084 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

08:42:01.0895 2084 mouhid - ok

08:42:01.0941 2084 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

08:42:01.0941 2084 MountMgr - ok

08:42:02.0020 2084 MQAC (70c14f5cca5cf73f8a645c73a01d8726) C:\WINDOWS\system32\drivers\mqac.sys

08:42:02.0020 2084 MQAC - ok

08:42:02.0035 2084 mraid35x - ok

08:42:02.0082 2084 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

08:42:02.0098 2084 MRxDAV - ok

08:42:02.0191 2084 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

08:42:02.0207 2084 MRxSmb - ok

08:42:02.0301 2084 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

08:42:02.0301 2084 MSDTC - ok

08:42:02.0379 2084 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

08:42:02.0379 2084 Msfs - ok

08:42:02.0426 2084 MSIServer - ok

08:42:02.0504 2084 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

08:42:02.0504 2084 MSKSSRV - ok

08:42:02.0598 2084 MSMQ (afb909b537aae1beae7bbdb6a36d40b0) C:\WINDOWS\system32\mqsvc.exe

08:42:02.0598 2084 MSMQ - ok

08:42:02.0660 2084 MSMQTriggers (7f955ff3b1bb93376ebe75d5accdc6db) C:\WINDOWS\system32\mqtgsvc.exe

08:42:02.0676 2084 MSMQTriggers - ok

08:42:02.0770 2084 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

08:42:02.0785 2084 MSPCLOCK - ok

08:42:02.0863 2084 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

08:42:02.0863 2084 MSPQM - ok

08:42:02.0926 2084 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

08:42:02.0926 2084 mssmbios - ok

08:42:02.0973 2084 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

08:42:02.0988 2084 Mup - ok

08:42:03.0067 2084 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

08:42:03.0082 2084 napagent - ok

08:42:03.0160 2084 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

08:42:03.0160 2084 NDIS - ok

08:42:03.0223 2084 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

08:42:03.0223 2084 NdisTapi - ok

08:42:03.0254 2084 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

08:42:03.0270 2084 Ndisuio - ok

08:42:03.0317 2084 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

08:42:03.0317 2084 NdisWan - ok

08:42:03.0395 2084 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

08:42:03.0395 2084 NDProxy - ok

08:42:03.0473 2084 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\WINDOWS\system32\DRIVERS\netaapl.sys

08:42:03.0473 2084 Netaapl - ok

08:42:03.0535 2084 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

08:42:03.0535 2084 NetBIOS - ok

08:42:03.0598 2084 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

08:42:03.0598 2084 NetBT - ok

08:42:03.0676 2084 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

08:42:03.0692 2084 NetDDE - ok

08:42:03.0707 2084 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

08:42:03.0723 2084 NetDDEdsdm - ok

08:42:03.0770 2084 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:42:03.0770 2084 Netlogon - ok

08:42:03.0801 2084 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

08:42:03.0817 2084 Netman - ok

08:42:03.0957 2084 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:42:03.0957 2084 NetTcpPortSharing - ok

08:42:04.0114 2084 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

08:42:04.0114 2084 NIC1394 - ok

08:42:04.0207 2084 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

08:42:04.0223 2084 Nla - ok

08:42:04.0270 2084 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

08:42:04.0270 2084 Npfs - ok

08:42:04.0348 2084 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

08:42:04.0364 2084 Ntfs - ok

08:42:04.0426 2084 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:42:04.0426 2084 NtLmSsp - ok

08:42:04.0520 2084 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

08:42:04.0551 2084 NtmsSvc - ok

08:42:04.0629 2084 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

08:42:04.0645 2084 Null - ok

08:42:04.0707 2084 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

08:42:04.0707 2084 NwlnkFlt - ok

08:42:04.0785 2084 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

08:42:04.0785 2084 NwlnkFwd - ok

08:42:04.0879 2084 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

08:42:04.0879 2084 ohci1394 - ok

08:42:05.0004 2084 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

08:42:05.0020 2084 ose - ok

08:42:05.0067 2084 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

08:42:05.0082 2084 Parport - ok

08:42:05.0129 2084 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

08:42:05.0129 2084 PartMgr - ok

08:42:05.0207 2084 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

08:42:05.0207 2084 ParVdm - ok

08:42:05.0317 2084 PCA (5eeb45f500e3e97153cb75723f8ca185) C:\WINDOWS\SMINST\PCAngel.exe

08:42:05.0317 2084 PCA - ok

08:42:05.0411 2084 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

08:42:05.0426 2084 pccsmcfd - ok

08:42:05.0489 2084 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

08:42:05.0504 2084 PCI - ok

08:42:05.0536 2084 PCIDump - ok

08:42:05.0598 2084 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

08:42:05.0598 2084 PCIIde - ok

08:42:05.0629 2084 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

08:42:05.0629 2084 Pcmcia - ok

08:42:05.0676 2084 PDCOMP - ok

08:42:05.0754 2084 pdfcDispatcher - ok

08:42:05.0801 2084 PDFRAME - ok

08:42:05.0832 2084 PDRELI - ok

08:42:05.0879 2084 PDRFRAME - ok

08:42:05.0911 2084 perc2 - ok

08:42:05.0957 2084 perc2hib - ok

08:42:06.0082 2084 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

08:42:06.0098 2084 PlugPlay - ok

08:42:06.0192 2084 Pml Driver HPZ12 (3cecda26586ca4db9be51241a6db7c3c) C:\WINDOWS\system32\HPZipm12.dll

08:42:06.0208 2084 Pml Driver HPZ12 - ok

08:42:06.0254 2084 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:42:06.0254 2084 PolicyAgent - ok

08:42:06.0379 2084 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

08:42:06.0379 2084 PptpMiniport - ok

08:42:06.0442 2084 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

08:42:06.0442 2084 Processor - ok

08:42:06.0489 2084 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:42:06.0504 2084 ProtectedStorage - ok

08:42:06.0551 2084 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

08:42:06.0551 2084 PSched - ok

08:42:06.0645 2084 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

08:42:06.0645 2084 Ptilink - ok

08:42:06.0708 2084 ql1080 - ok

08:42:06.0770 2084 Ql10wnt - ok

08:42:06.0817 2084 ql12160 - ok

08:42:06.0879 2084 ql1240 - ok

08:42:06.0942 2084 ql1280 - ok

08:42:07.0004 2084 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

08:42:07.0004 2084 RasAcd - ok

08:42:07.0098 2084 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

08:42:07.0114 2084 RasAuto - ok

08:42:07.0192 2084 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

08:42:07.0208 2084 Rasl2tp - ok

08:42:07.0270 2084 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

08:42:07.0286 2084 RasMan - ok

08:42:07.0333 2084 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

08:42:07.0333 2084 RasPppoe - ok

08:42:07.0395 2084 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

08:42:07.0395 2084 Raspti - ok

08:42:07.0458 2084 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

08:42:07.0473 2084 Rdbss - ok

08:42:07.0520 2084 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

08:42:07.0536 2084 RDPCDD - ok

08:42:07.0598 2084 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

08:42:07.0598 2084 rdpdr - ok

08:42:07.0739 2084 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

08:42:07.0739 2084 RDPWD - ok

08:42:07.0817 2084 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

08:42:07.0833 2084 RDSessMgr - ok

08:42:07.0895 2084 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

08:42:07.0911 2084 redbook - ok

08:42:07.0989 2084 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

08:42:08.0005 2084 RemoteAccess - ok

08:42:08.0098 2084 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

08:42:08.0114 2084 RemoteRegistry - ok

08:42:08.0192 2084 RMCAST (96f7a9a7bf0c9c0440a967440065d33c) C:\WINDOWS\system32\drivers\RMCast.sys

08:42:08.0208 2084 RMCAST - ok

08:42:08.0317 2084 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

08:42:08.0333 2084 RpcLocator - ok

08:42:08.0427 2084 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

08:42:08.0442 2084 RpcSs - ok

08:42:08.0505 2084 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

08:42:08.0536 2084 RSVP - ok

08:42:08.0598 2084 SABProcEnum - ok

08:42:08.0661 2084 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:42:08.0677 2084 SamSs - ok

08:42:08.0708 2084 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

08:42:08.0723 2084 SASDIFSV - ok

08:42:08.0739 2084 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

08:42:08.0755 2084 SASKUTIL - ok

08:42:08.0848 2084 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

08:42:08.0864 2084 SCardSvr - ok

08:42:08.0927 2084 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

08:42:08.0942 2084 Schedule - ok

08:42:09.0036 2084 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

08:42:09.0036 2084 Secdrv - ok

08:42:09.0098 2084 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

08:42:09.0114 2084 seclogon - ok

08:42:09.0177 2084 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

08:42:09.0192 2084 SENS - ok

08:42:09.0239 2084 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

08:42:09.0239 2084 Serial - ok

08:42:09.0380 2084 ServiceLayer (9d38320bb32230349379df5ddbbf7fce) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

08:42:09.0395 2084 ServiceLayer - ok

08:42:09.0614 2084 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

08:42:09.0614 2084 Sfloppy - ok

08:42:09.0724 2084 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

08:42:09.0739 2084 SharedAccess - ok

08:42:09.0864 2084 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:42:09.0880 2084 ShellHWDetection - ok

08:42:10.0005 2084 Simbad - ok

08:42:10.0067 2084 Smcinst - ok

08:42:10.0145 2084 Sparrow - ok

08:42:10.0192 2084 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

08:42:10.0192 2084 splitter - ok

08:42:10.0239 2084 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

08:42:10.0255 2084 Spooler - ok

08:42:10.0286 2084 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

08:42:10.0286 2084 sr - ok

08:42:10.0380 2084 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

08:42:10.0395 2084 srservice - ok

08:42:10.0474 2084 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

08:42:10.0489 2084 Srv - ok

08:42:10.0536 2084 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

08:42:10.0552 2084 SSDPSRV - ok

08:42:10.0614 2084 ss_bbus (eaa66218cd39f5bb1b4853a78c67c787) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys

08:42:10.0630 2084 ss_bbus - ok

08:42:10.0677 2084 ss_bmdfl (91765f99914ed8693d8bc76524f21581) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys

08:42:10.0692 2084 ss_bmdfl - ok

08:42:10.0739 2084 ss_bmdm (840e7b738b03c10ee91d9b7d3d6eff15) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys

08:42:10.0739 2084 ss_bmdm - ok

08:42:10.0849 2084 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

08:42:10.0864 2084 stisvc - ok

08:42:10.0927 2084 stllssvr - ok

08:42:11.0021 2084 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

08:42:11.0021 2084 swenum - ok

08:42:11.0083 2084 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

08:42:11.0083 2084 swmidi - ok

08:42:11.0099 2084 SwPrv - ok

08:42:11.0302 2084 Symantec Core LC (fa2f6a8849219b16460bf44f9d1f3aa7) C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe

08:42:11.0317 2084 Symantec Core LC - ok

08:42:11.0458 2084 symc810 - ok

08:42:11.0521 2084 symc8xx - ok

08:42:11.0614 2084 sym_hi - ok

08:42:11.0693 2084 sym_u3 - ok

08:42:11.0849 2084 SynTP (5876072999220ef2fba1ddec86d2b97e) C:\WINDOWS\system32\DRIVERS\SynTP.sys

08:42:11.0864 2084 SynTP - ok

08:42:11.0943 2084 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

08:42:11.0943 2084 sysaudio - ok

08:42:12.0036 2084 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

08:42:12.0052 2084 SysmonLog - ok

08:42:12.0099 2084 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

08:42:12.0130 2084 TapiSrv - ok

08:42:12.0239 2084 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

08:42:12.0255 2084 Tcpip - ok

08:42:12.0349 2084 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

08:42:12.0349 2084 TDPIPE - ok

08:42:12.0396 2084 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

08:42:12.0396 2084 TDTCP - ok

08:42:12.0427 2084 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

08:42:12.0443 2084 TermDD - ok

08:42:12.0489 2084 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

08:42:12.0521 2084 TermService - ok

08:42:12.0568 2084 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:42:12.0583 2084 Themes - ok

08:42:12.0661 2084 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

08:42:12.0677 2084 TlntSvr - ok

08:42:12.0786 2084 TosIde - ok

08:42:12.0849 2084 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

08:42:12.0865 2084 TrkWks - ok

08:42:12.0943 2084 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

08:42:12.0943 2084 Udfs - ok

08:42:13.0005 2084 ultra - ok

08:42:13.0099 2084 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

08:42:13.0115 2084 Update - ok

08:42:13.0224 2084 UPHClean (3f9a3232e5f942874488981f3242c989) C:\Program Files\UPHClean\uphclean.exe

08:42:13.0224 2084 UPHClean - ok

08:42:13.0318 2084 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

08:42:13.0333 2084 upnphost - ok

08:42:13.0380 2084 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

08:42:13.0396 2084 UPS - ok

08:42:13.0521 2084 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys

08:42:13.0521 2084 USBAAPL - ok

08:42:13.0599 2084 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

08:42:13.0599 2084 usbccgp - ok

08:42:13.0661 2084 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

08:42:13.0661 2084 usbehci - ok

08:42:13.0740 2084 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

08:42:13.0740 2084 usbhub - ok

08:42:13.0787 2084 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

08:42:13.0787 2084 usbohci - ok

08:42:13.0865 2084 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

08:42:13.0865 2084 usbscan - ok

08:42:13.0958 2084 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

08:42:13.0974 2084 usbstor - ok

08:42:14.0052 2084 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

08:42:14.0068 2084 usbuhci - ok

08:42:14.0130 2084 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

08:42:14.0130 2084 VgaSave - ok

08:42:14.0193 2084 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

08:42:14.0193 2084 ViaIde - ok

08:42:14.0255 2084 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

08:42:14.0255 2084 VolSnap - ok

08:42:14.0380 2084 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

08:42:14.0412 2084 VSS - ok

08:42:14.0458 2084 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

08:42:14.0474 2084 W32Time - ok

08:42:14.0583 2084 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

08:42:14.0599 2084 Wanarp - ok

08:42:14.0693 2084 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

08:42:14.0724 2084 Wdf01000 - ok

08:42:14.0755 2084 WDICA - ok

08:42:14.0818 2084 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

08:42:14.0818 2084 wdmaud - ok

08:42:14.0865 2084 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

08:42:14.0896 2084 WebClient - ok

08:42:15.0052 2084 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

08:42:15.0052 2084 winmgmt - ok

08:42:15.0177 2084 WLSetupSvc (94a85e956a065e23e0010a6a7826243b) C:\Program Files\Windows Live\installer\WLSetupSvc.exe

08:42:15.0193 2084 WLSetupSvc - ok

08:42:15.0271 2084 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

08:42:15.0287 2084 WmdmPmSN - ok

08:42:15.0365 2084 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

08:42:15.0412 2084 Wmi - ok

08:42:15.0505 2084 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

08:42:15.0505 2084 WmiAcpi - ok

08:42:15.0646 2084 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

08:42:15.0646 2084 WmiApSrv - ok

08:42:15.0802 2084 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

08:42:15.0849 2084 WMPNetworkSvc - ok

08:42:16.0006 2084 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

08:42:16.0021 2084 wscsvc - ok

08:42:16.0084 2084 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

08:42:16.0099 2084 wuauserv - ok

08:42:16.0240 2084 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

08:42:16.0240 2084 WudfPf - ok

08:42:16.0318 2084 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

08:42:16.0334 2084 WudfRd - ok

08:42:16.0443 2084 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

08:42:16.0459 2084 WudfSvc - ok

08:42:16.0568 2084 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

08:42:16.0615 2084 WZCSVC - ok

08:42:16.0709 2084 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

08:42:16.0724 2084 xmlprov - ok

08:42:16.0787 2084 MBR (0x1B8) (4f02a8d4048a138c450ed7f867eb0144) \Device\Harddisk0\DR0

08:42:16.0974 2084 \Device\Harddisk0\DR0 - ok

08:42:16.0990 2084 Boot (0x1200) (ff9ed2e24855c68fe4e66028a5499c69) \Device\Harddisk0\DR0\Partition0

08:42:16.0990 2084 \Device\Harddisk0\DR0\Partition0 - ok

08:42:17.0006 2084 Boot (0x1200) (8e48ea3f42216c6ecc3dfa28209eb5dd) \Device\Harddisk0\DR0\Partition1

08:42:17.0006 2084 \Device\Harddisk0\DR0\Partition1 - ok

08:42:17.0021 2084 ============================================================

08:42:17.0021 2084 Scan finished

08:42:17.0021 2084 ============================================================

08:42:17.0053 2216 Detected object count: 1

08:42:17.0053 2216 Actual detected object count: 1

08:42:29.0992 2216 hgnxf ( LockedService.Multi.Generic ) - skipped by user

08:42:29.0992 2216 hgnxf ( LockedService.Multi.Generic ) - User select action: Skip

Step 3 - I ran combofix and answered the questions as they appeared. Unfortunately I had to leave the room and when I returned it had restarted and was back at the login. I cannot find the log anywhere. I've done a search but can't seem to find it. Sorry.

[chcjcamo]

Hi. The laptop seems ok. But I tried super antispyware and malwarebytes as a test and they both crashed a few minutes into the scans.

Thanks again.

[Maurice Naggar]

Your logs show you installed Avast on March the 23, after removing Removed Symantec Endpoint Protection.

Sometimes Norton/Symantec (other vendors too) do not fully un-install all their components.

What other antivirus products have been on this system? What was provided when you first bought this system?

Is this a home system?

Close and save any open documents you have, and exit any programs you started.

Download, Save, then run the Norton/Symantec removal tool

http://solutions.symantec.com/sdccommon/asp/symcu_defcontent_view.asp?ssfromlink=true&sprt_cid=6963b863-9269-4ec4-8a44-4e8803bcb0dc&docid=20070816103157EN

Once it finishes, Logoff and Restart the system fresh.

Step 2

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

◦Double click DeFogger to run the tool.

◦The application window will appear

◦Click the Disable button to disable your CD Emulation drivers.

◦Click Yes to continue

◦A 'Finished!' message will appear

◦Click OK

◦DeFogger will now ask to reboot the machine - click OK

◦IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

◦Do not re-enable these drivers until otherwise instructed.

Step 3

Leave aside S**r Antimalware. I do not need for you to run it.

Kindly only do the steps I outline.

Step 4

Be sure you are logged in to Windows with an administrator-rights account.

Since you have Avast antivirus, let's make sure to set trust exclusions in bot Avast & MBAM

See section K of the Frequently Asked Questions on MBAM

http://forums.malwarebytes.org/index.php?act=findpost&pid=417798

Do the trust settings in Avast

Do the trust settings in MBAM

Step 4

Turn OFF your Avast antivirus.

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

• 
  

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

Step 5

1. Click on START>All Programs>Malwarebytes' Anti-Malware>Tools>Malwarebytes Anti-Malware Chameleon
   
2. Once the Help file opens, click on a Chameleon button (starting with #1) until you see a black DOS/command prompt window that remains open and says
   MBAM-chameleon ver. 1.60.2 at the top
   
3. Press any key to continue as it says in the window {space-bar will do}
   
4. Have infinite patience during this process
   
5. Malwarebytes Chameleon will proceed to update Malwarebytes Anti-Malware, so ensure that you are connected to the internet if possible
   
6. Once the update completes and it says your database is updated, click on OK
   
7. Malwarebytes Chameleon will then terminate any threats running in memory, which may take a while, so please be patient.
   
8. Upon completion, Malwarebytes Anti-Malware will open automatically and perform a Quick scan
   
9. A quick scan will take a few minutes, possibly 5 or so minutes. Have infinite patience.
   
10. Once the scan is complete, click on Show Results and remove any threats that are found by clicking Remove Selected
    
11. If prompted to restart your computer to complete the removal process, click Yes
    
12. If no threats are found, press EXIT to end MBAM.
    
13. After your computer restarts, open Malwarebytes Anti-Malware and perform one last Quick scan to verify that there are no remaining threats
    

Step 6

Re-Enable your antivirus program

Reply with copy of the MBAM scan log for review

and tell me, How is your system now ? 

Edited March 28, 2012 by Maurice Naggar

[chcjcamo]

Hi. As far as I know there has only been Norton on this but unfortunately the license ran out a while back (I am looking at this laptop as a favour for a friend).

No error or log for DeFogger. No problems with RKill.

Malware Bytes has finally finished. It kept crashing at a spot in \administrator\Local Settings\Temporary Internet Files\Content.IE5 so I ended up deleting everything in the folder and it finished normally. I restared

Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.03.29.04

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

administrator :: FEVSW05 [administrator]

29/03/2012 14:10:55

mbam-log-2012-03-29 (14-10-55).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | PUP | PUM

Scan options disabled: Heuristics/Shuriken | P2P

Objects scanned: 218420

Time elapsed: 6 minute(s), 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Everything seems ok now. Thank you.

[Maurice Naggar]

Good run of MBAM !

I see that you are clear of your original issues.

If you have a problem with these steps, or something does not quite work here, do let me know.

The following few steps will remove tools we used.

Download OTC to your desktop and run it

• Click Yes to beginning the Cleanup process and remove these components, including this application.
  
• You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
  

Download TFC by OldTimer to your desktop

• Please double-click TFC.exe to run it. (Note: If you are running on Vista or Windows 7, right-click on the file and choose Run As Administrator).
  
• It will close all programs when run, so make sure you have saved all your work before you begin.
  
• Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  
• IF prompted to Reboot, reply "Yes".
  

To re-enable CD Emulation programs using DeFogger please perform these steps:

Please download >> DeFogger <<and save it to your desktop.

• Once downloaded, double-click on the DeFogger icon to start the tool.
  
• The application window will appear.
  
• You should now click on the Enable button to re-enable your CD Emulation drivers.
  
• When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  
• When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  
• If CD Emulation programs are present and have been enabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.
  

ERUNT you may keep & use on a regular basis to backup the Windows registry.

Delete the following tools, if still present:

RKILL

RogueKiller.exe

aswMBR.exe

TDSSKILLER.exe

Insecure utilities:

Older versions of Adobe Reader pose a potential security risk.

De-install your Adobe Reader: Use Control Panel's Add-Remove programs, Remove Adobe Reader.

Get latest Adobe Reader version

http://get.adobe.com/reader/

Be sure to un-check the box for Free McAfee Security Scan or any "toolbar" (if offered )

You need to remove older versions of Java runtime. Do this:

Download & Save to your Desktop or a new folder Javara.zip

Extract the contents of the zip file. Then double click Javara.exe to run it.

JavaRa is a simple tool that does a simple job: it removes old and redundant versions of the Java Runtime Environment (JRE).

• Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.
  
• Check in at Windows Update and install any Critical Updates offered.
  
• Make certain that Automatic Updates is enabled.
  How to configure and use Automatic Updates in Windows
  http://support.microsoft.com/kb/306525
  
• Check on other update issues as well, visit Secunia Online Software Inspector (OSI)
  See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
  
• Download, install, and keep updated Spyware Blaster (free): http://www.javacools...areblaster.html (all Protections should be enabled at all times)
  
• I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
  See the FAQ page http://mvps.org/winh...02/hostsfaq.htm
  That would help to keep your browser away from known spyware/malware sites.
  
• Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
  Having a total image backup of your system stored on DVD/CD is highly important.
  Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if another disaster hits.
  Examples of image backup software: Acronis True Image, or the free (for personal use) Macrium Reflect http://www.macrium.com/reflectfree.asp
  or Paragon Backup & Recovery http://www.paragon-s...e/download.html
  On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
  ESET Online Scanner
  Panda ActiveScan
  Trend Micro Housecall
  F-Secure Online Scanner
  
• See Six tips to help you stay safer online
  
• Never, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !
  Consider using Web of Trust WOT add-on for your browser(s)
  http://www.mywot.com/en/download
  http://www.mywot.com/en/faq/add-on
  

We are finished here. Best regards.

[chcjcamo]

I have followed all your suggestions. Thank you very much for your time on this. It is very much appreciated.

Chrystal

[Maurice Naggar]

Chrystal,

You're quite welcome. I am glad to have helped. It is a pleasure to have worked with you. Best to you.

I am now closing this topic.