Help

[shiannte]

Every time I start my computer, ads play in the background somewhere. No programs are open but something is running behind the scenes as I hear all kinds of commercials/ads through the speakers.

dds.txt

attach.txt

[shiannte]

When I noticed the problem, I downloaded MalwareBytes and Spybot. I removed what I could however the problem still persists. Malwarebytes keep notifying me that it has blocked access to a potentially malicious website 206.161.121.3 (type: outgoing). This is driving me nuts because I cannot locate the program or process that is doing this. Please help

[Maniac]

Hello shiannte and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.

I don't see SpyBot in your log file, which means that the log file is not the latest. Please, generate fresh new DDS log files and not make changes without my instructions.

[shiannte]

Ok thank you! I would really appreciate your help with this issue.

Here is my new DDS log file and Attach File.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_33

Run by Laptop User at 23:43:01 on 2012-07-02

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.579 [GMT -10:00]

.

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

AV: VirusScan Enterprise + AntiSpyware Enterprise *Enabled/Outdated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

FW: Norton 360 *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\IBM\Lotus\Notes\nsd.exe

C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Program Files\Symantec\Ghost\ngctw32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe

C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\umonit.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Symantec\Ghost\ngtray.exe

C:\Program Files\Network Associates\Common Framework\UdaterUI.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Network Associates\Common Framework\McTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files\WebEx\Productivity Tools\PTIM.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\SetPoint\SetPoint.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\WebEx\Productivity Tools\ptSrv.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\Aware.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\Marker.exe

.

============== Pseudo HJT Report ===============

.

BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DWABrowserHlprObj Class: {2709d830-b643-4e72-9a1e-701cfffcf30c} - c:\windows\system32\dwabho.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

BHO: CIEDownload Object: {67bcf957-85fc-4036-8dc4-d4d80e00a77b} - c:\program files\smart technologies\smart notebook\NotebookPlugin.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\6.2.1.5\ips\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll

BHO: WebEx Productivity Tools: {90e2ba2e-dd1b-4cde-9134-7a8b86d33ca7} - c:\program files\webex\productivity tools\ptonecli.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll

TB: WebEx Productivity Tools: {90e2ba2e-dd1b-4cde-9134-7a8b86d33ca7} - c:\program files\webex\productivity tools\ptonecli.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

uRun: [PTIM.exe] c:\program files\webex\productivity tools\PTIM.exe

uRun: [Epson Stylus NX330(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatihaa.exe /fu "c:\docume~1\laptop~1\locals~1\temp\E_S24F.tmp" /EF "HKCU"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [uMonit] c:\windows\system32\umonit.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [NGTray] "c:\program files\symantec\ghost\ngtray.exe"

mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UdaterUI.exe" /StartedFromRunKey

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup

mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"

mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~2\server\bin\VERSIO~2.EXE

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"

dRun: [Adobe] rundll32.exe "c:\documents and settings\laptop user\local settings\application data\apple computer\adobe\xdlqzl.dll",DllRegisterServer

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\setpoint.lnk - c:\program files\setpoint\SetPoint.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\smartb~1.lnk - c:\program files\smart technologies\smart product drivers\SMARTBoardTools.exe

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxp://165.248.233.217/iNotes6W.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231532123176

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}

DPF: {CAFECAFE-0013-0001-0030-ABCDEFABCDEF}

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxp://165.248.233.217/dwa7W.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP28EP2-12243/webex/ieatgpc.cab

Notify: igfxcui - igfxdev.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f

Hosts: 165.248.100.142 makala1

Hosts: 165.248.101.190 manoa1

Hosts: 165.248.101.62 manana1

Hosts: 165.248.102.38 mauka1

Hosts: 165.248.103.61 mckin1

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\laptop user\application data\mozilla\firefox\profiles\165tp9u2.default\

FF - prefs.js: browser.startup.homepage - hxxp://165.248.233.217/mail/skeough.nsf

FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13130.dll

FF - plugin: c:\program files\netscape\communicator\program\plugins\npaudio.dll

FF - plugin: c:\program files\netscape\communicator\program\plugins\npavi32.dll

FF - plugin: c:\program files\netscape\communicator\program\plugins\npnul32.dll

FF - plugin: c:\program files\netscape\communicator\program\plugins\NPQTW32.DLL

FF - plugin: c:\program files\zwinky_5qei\installr\1.bin\NP5qEISb.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - plugin: c:\windows\system32\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0602010.005\SymDS.sys [2012-6-27 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0602010.005\SymEFA.sys [2012-6-27 905336]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\0602010.005\ccSetx86.sys [2012-6-27 132744]

R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-29 31944]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0602010.005\Ironx86.sys [2012-6-27 149624]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]

R2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;c:\program files\ibm\lotus\notes\nsd.exe [2009-9-29 3397000]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-30 654408]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2008-7-28 103744]

R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2006-11-29 144960]

R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2006-11-29 54872]

R2 N360;Norton 360;c:\program files\norton 360\engine\6.2.1.5\ccSvcHst.exe [2012-6-27 138232]

R2 NGCLIENT;Symantec Ghost Client Agent;c:\program files\symantec\ghost\ngctw32.exe [2007-4-19 632456]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2012-7-1 1122296]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2012-7-1 838136]

R2 SMART Display Controller;SMART Display Controller;c:\program files\smart technologies\smart product drivers\UCService.exe [2010-11-19 846192]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-28 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\ipsdefs\20120702.001\IDSXpx86.sys [2012-7-2 369632]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-30 22344]

R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2009-12-15 72264]

R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2009-12-15 34152]

R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2009-12-15 168776]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\virusdefs\20120702.002\NAVENG.SYS [2012-7-2 87928]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\virusdefs\20120702.002\NAVEX15.SYS [2012-7-2 1589752]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]

S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [2012-2-6 6016]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 113120]

S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\smart technologies\smart product drivers\SMARTSNMPAgent.exe [2010-11-19 1664368]

.

=============== File Associations ===============

.

.txt=

.

=============== Created Last 30 ================

.

2012-07-03 09:39:15 1324 ----a-w- c:\windows\system32\d3d9caps.tmp

2012-07-02 02:25:45 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-07-02 02:24:45 15224 ----a-w- c:\windows\system32\sdnclean.exe

2012-07-02 02:24:41 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2012-06-30 10:41:06 -------- d-----w- c:\documents and settings\laptop user\application data\Malwarebytes

2012-06-30 10:40:34 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-06-30 10:40:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-30 10:40:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-30 09:36:00 -------- d-----w- c:\documents and settings\laptop user\application data\DriverCure

2012-06-30 09:35:59 -------- d-----w- c:\documents and settings\laptop user\application data\SpeedMaxPc

2012-06-30 09:35:26 -------- d-----w- c:\documents and settings\all users\application data\SpeedMaxPc

2012-06-29 20:44:31 -------- d-----w- c:\windows\pss

2012-06-29 20:14:06 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2012-06-28 06:05:23 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL

2012-06-28 06:05:23 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-06-28 06:05:03 905336 ----a-r- c:\windows\system32\drivers\n360\0602010.005\SymEFA.sys

2012-06-28 06:05:03 388216 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symtdi.sys

2012-06-28 06:05:03 345208 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symtdiv.sys

2012-06-28 06:05:03 340088 ----a-r- c:\windows\system32\drivers\n360\0602010.005\SymDS.sys

2012-06-28 06:05:03 32888 ----a-r- c:\windows\system32\drivers\n360\0602010.005\srtspx.sys

2012-06-28 06:05:03 318584 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symnets.sys

2012-06-28 06:05:02 574072 ----a-r- c:\windows\system32\drivers\n360\0602010.005\srtsp.sys

2012-06-28 06:05:02 149624 ----a-r- c:\windows\system32\drivers\n360\0602010.005\Ironx86.sys

2012-06-28 06:05:02 132744 ----a-r- c:\windows\system32\drivers\n360\0602010.005\ccSetx86.sys

2012-06-28 06:04:42 4782 ----a-r- c:\windows\system32\drivers\n360\0602010.005\SymVTcer.dat

2012-06-28 06:04:41 -------- d-----w- c:\windows\system32\drivers\n360\0602010.005

2012-06-28 06:04:41 -------- d-----w- c:\windows\system32\drivers\N360

2012-06-28 06:04:40 -------- d-----w- c:\program files\Norton 360

2012-06-28 06:02:35 -------- d-----w- c:\program files\NortonInstaller

2012-06-28 06:02:35 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller

2012-06-28 01:56:43 -------- d-----w- c:\documents and settings\all users\application data\F4D55F3E0405F6ED00096165D151FC4E

2012-06-26 22:25:04 73 ----a-w- c:\windows\system32\ssprs.dll

2012-06-26 22:25:04 205 ----a-w- c:\windows\system32\lsprst7.dll

2012-06-26 22:25:04 1025 ----a-w- c:\windows\system32\sysprs7.dll

2012-06-26 22:25:04 1025 ----a-w- c:\windows\system32\clauth2.dll

2012-06-26 22:25:04 1025 ----a-w- c:\windows\system32\clauth1.dll

2012-06-26 22:25:04 -------- d-----w- c:\documents and settings\all users\application data\Minnetonka Audio Software

2012-06-26 22:19:12 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys

2012-06-26 22:19:03 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys

2012-06-26 22:18:57 16384 ----a-w- c:\windows\system32\ipsink.ax

2012-06-26 22:18:57 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys

2012-06-26 22:18:50 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys

2012-06-26 22:18:42 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS

2012-06-26 22:18:31 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys

2012-06-26 22:18:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys

2012-06-26 21:55:49 53760 ----a-w- c:\windows\system32\vfwwdm32.dll

2012-06-26 21:55:48 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2012-06-26 21:55:48 43008 ----a-w- c:\windows\system32\ksxbar.ax

2012-06-26 21:55:47 91136 ----a-w- c:\windows\system32\kswdmcap.ax

2012-06-26 21:55:47 61952 ----a-w- c:\windows\system32\kstvtune.ax

2012-06-26 21:55:24 38912 ----a-w- c:\windows\system32\drivers\avc.sys

2012-06-26 21:54:58 48128 ----a-w- c:\windows\system32\drivers\61883.sys

2012-06-23 23:57:19 -------- d-----w- c:\documents and settings\laptop user\local settings\application data\IBM

2012-06-23 20:54:29 81920 ----a-w- c:\windows\system32\ieencode.dll

2012-06-23 20:54:29 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2012-06-23 07:09:15 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll

2012-06-23 07:09:15 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll

2012-06-22 05:43:54 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 05:43:54 472840 ----a-w- c:\windows\system32\deployJava1.dll

2012-06-12 10:18:36 -------- d-----w- c:\documents and settings\laptop user\application data\Leader Technologies

2012-06-12 07:19:13 -------- d-----w- c:\program files\LTCM Client

2012-06-12 07:09:08 77824 ----a-w- c:\windows\system32\EBAPI.dll

2012-06-12 07:09:08 65536 ----a-w- c:\windows\system32\EEBUtil.dll

2012-06-12 07:09:08 55808 ----a-w- c:\windows\system32\EEBSDKIF.dll

2012-06-12 07:09:08 135168 ----a-w- c:\windows\system32\EEBAPI.dll

2012-06-12 07:09:08 110592 ----a-w- c:\windows\system32\EEBDSCVR.dll

2012-06-12 07:05:32 475496 ----a-w- c:\windows\system32\ensppmon.dll

2012-06-12 07:05:32 475496 ----a-w- c:\windows\system32\enppmon.dll

2012-06-12 07:05:32 457780 ----a-w- c:\windows\system32\ensppui.dll

2012-06-12 07:05:32 457780 ----a-w- c:\windows\system32\enppui.dll

2012-06-12 07:05:32 249344 ----a-w- c:\windows\system32\enspres.dll

2012-06-12 07:05:32 249344 ----a-w- c:\windows\system32\enpres.dll

2012-06-12 07:05:32 -------- d-----w- c:\program files\EpsonNet

2012-06-12 07:05:13 -------- d-----w- c:\program files\common files\EPSON

2012-06-12 07:05:00 -------- d-----w- c:\program files\Epson America Inc

2012-06-12 07:04:24 93696 ----a-w- c:\windows\system32\E_FLBHAA.DLL

2012-06-12 07:04:24 63488 ----a-w- c:\windows\system32\E_FD4BHAA.DLL

2012-06-12 07:04:01 -------- d-----w- c:\documents and settings\all users\application data\EPSON

2012-06-12 07:03:12 -------- d-----w- c:\program files\Epson Software

2012-06-12 07:02:32 342016 ----a-w- c:\windows\system32\eswiaud.dll

2012-06-12 07:02:32 132560 ----a-w- c:\windows\system32\esdevapp.exe

2012-06-12 07:02:32 12800 ----a-w- c:\windows\system32\escdev.dll

2012-06-12 07:02:21 -------- d-----w- c:\program files\epson

2012-06-12 01:59:27 -------- d-----w- c:\program files\common files\The Neat Company

2012-06-12 01:53:35 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-06-12 01:53:34 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-06-12 01:34:43 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll

2012-06-12 01:34:43 87040 ----a-w- c:\windows\system32\wiafbdrv.dll

2012-06-12 01:31:20 -------- d-----w- c:\documents and settings\laptop user\local settings\application data\IsolatedStorage

2012-06-12 01:30:23 45056 ----a-w- c:\windows\system32\midrv74P.dll

2012-06-12 01:29:08 -------- d-----w- c:\program files\common files\Intuit

2012-06-12 01:29:01 -------- d-----w- c:\program files\common files\NeatReceipts

2012-06-12 01:28:36 -------- d-----w- c:\documents and settings\all users\application data\The Neat Company

2012-06-12 01:27:50 -------- d-----w- c:\program files\NeatWorks

2012-06-06 09:35:52 83424 ----a-w- c:\windows\system32\dwabho.dll

2012-06-03 23:05:02 -------- d-----w- c:\windows\system32\wbem\repository\FS

2012-06-03 23:05:02 -------- d-----w- c:\windows\system32\wbem\Repository

.

==================== Find3M ====================

.

2012-06-28 20:22:30 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-28 20:22:30 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-22 05:43:37 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-04-11 13:14:41 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 13:12:06 1862272 ----a-w- c:\windows\system32\win32k.sys

2012-04-11 12:35:51 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2005-06-16 22:19:22 2482176 ----a-w- c:\program files\TCTrill.dll

2005-06-11 01:12:16 847872 ----a-w- c:\program files\TCTrillS.dll

2005-06-03 18:59:54 61440 ----a-w- c:\program files\TCReports.dll

2004-02-12 04:11:40 7659520 ----a-w- c:\program files\Geo CS Test Gen Management.exe

2004-02-12 03:59:34 4009984 ----a-w- c:\program files\Geo CS Test Gen Student.exe

2004-01-27 02:04:08 49152 ----a-w- c:\program files\TCAlerts.dll

2003-11-04 22:21:00 983040 ----a-w- c:\program files\stuffit5.engine-5.1.dll

2003-11-04 22:21:00 561152 ----a-w- c:\program files\xp32_207.dll

2003-11-04 22:21:00 21776 ----a-w- c:\program files\shfolder.dll

2003-11-04 22:20:00 479232 ----a-w- c:\program files\rp32_207.dll

2003-11-04 22:20:00 217088 ----a-w- c:\program files\sa32_207.dll

2003-11-04 22:19:00 725032 ----a-w- c:\program files\kSAdg.dll

2003-11-04 22:19:00 692264 ----a-w- c:\program files\kCPdg.dll

2003-11-04 22:19:00 413736 ----a-w- c:\program files\kGRdg.dll

2003-11-04 22:19:00 401462 ----a-w- c:\program files\msvcp60.dll

2003-11-04 22:19:00 290869 ----a-w- c:\program files\msvcrt.dll

2003-11-04 22:19:00 2744361 ----a-w- c:\program files\kFDMdg.dll

2003-11-04 22:19:00 1982504 ----a-w- c:\program files\kFDdg.dll

2003-11-04 22:19:00 1937448 ----a-w- c:\program files\kXPdg.dll

2003-11-04 22:19:00 1794088 ----a-w- c:\program files\kRPdg.dll

2003-11-04 22:19:00 1597480 ----a-w- c:\program files\kDBdg.dll

2003-11-04 22:19:00 1486848 ----a-w- c:\program files\owl609v.dll

2003-11-04 22:18:00 638976 ----a-w- c:\program files\fd32_207.dll

2003-11-04 22:18:00 401728 ----a-w- c:\program files\EQNEDIT.EXE

2003-11-04 22:18:00 352256 ----a-w- c:\program files\db32_207.dll

2003-11-04 22:18:00 212992 ----a-w- c:\program files\cp32_207.dll

2003-11-04 22:18:00 131072 ----a-w- c:\program files\gr32_207.dll

2003-11-04 22:18:00 1122304 ----a-w- c:\program files\fm32_207.dll

2003-11-04 22:17:00 311296 ----a-w- c:\program files\APE24EXT_MT.dll

.

=================== ROOTKIT ====================

.

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: Hitachi_HTS722080K9A300 rev.DCBOCA1H -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e

.

device: opened successfully

user: MBR read successfully

.

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8A2434B1]<<

_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8a24a93c]; MOV EAX, [0x8a24aab0]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }

1 ntkrnlpa!IofCallDriver[0x804EF1B0] -> \Device\Harddisk0\DR0[0x8A67AAB8]

3 CLASSPNP[0xBA108FD7] -> ntkrnlpa!IofCallDriver[0x804EF1B0] -> [0x8A555030]

\Driver\atapi[0x8A621C80] -> IRP_MJ_CREATE -> 0x8A2434B1

error: Read A device attached to the system is not functioning.

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [bP+0x0], CH; JL 0x2e; JNZ 0x3a; }

detected disk devices:

detected hooks:

\Driver\atapi DriverStartIo -> 0x8A2432E2

user & kernel MBR OK

Warning: possible TDL3 rootkit infection !

.

============= FINISH: 23:44:32.43 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 7/24/2008 1:44:09 PM

System Uptime: 7/2/2012 11:33:01 PM (0 hours ago)

.

Motherboard: Dell Inc. | |

Processor: Intel® Core2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 1994/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 74 GiB total, 23.964 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Hosts File Hijack ======================

.

Hosts: 165.248.100.142 makala1

Hosts: 165.248.101.190 manoa1

Hosts: 165.248.101.62 manana1

Hosts: 165.248.102.38 mauka1

Hosts: 165.248.103.61 mckin1

Hosts: 165.248.105.228 milh1

Hosts: 165.248.106.150 milike1

Hosts: 165.248.106.10 milmka

Hosts: 165.248.107.136 miluka1

Hosts: 165.248.108.209 moanae1

Hosts: 165.248.108.37 milwaena

Hosts: 165.248.109.187 moahs1

Hosts: 165.248.10.9 isped2

Hosts: 165.248.10.11 sra5

Hosts: 165.248.10.12 sra4

Hosts: 165.248.10.13 darkwing

Hosts: 165.248.10.134 isped14

Hosts: 165.248.10.136 isped15

Hosts: 165.248.10.144 lilinote

Hosts: 165.248.10.145 rep1

Hosts: 165.248.10.146 mta1

Hosts: 165.248.10.147 route1

Hosts: 165.248.10.148 maui1

Hosts: 165.248.10.149 maui2

Hosts: 165.248.10.15 sraserv2

Hosts: 165.248.10.151 rep2

Hosts: 165.248.10.158 isped2icm

Hosts: 165.248.10.159 isped3icm

Hosts: 165.248.10.160 isped6

Hosts: 165.248.10.162 isped7

Hosts: 165.248.10.169 isped5

Hosts: 165.248.10.17 sraserv3

Hosts: 165.248.10.170 app1

Hosts: 165.248.10.173 isped3

Hosts: 165.248.10.18 test1

Hosts: 165.248.10.19 sraserv1

Hosts: 165.248.10.190 srasun

Hosts: 165.248.10.21 sra1

Hosts: 165.248.10.22 sra2

Hosts: 165.248.10.24 beta2

Hosts: 165.248.10.25 r5

Hosts: 165.248.10.254 irmb1

Hosts: 165.248.10.26 sugar

Hosts: 165.248.10.26 isped4

Hosts: 165.248.10.28 sametime

Hosts: 165.248.10.29 diis

Hosts: 165.248.10.30 049sphere

Hosts: 165.248.10.35 isped8

Hosts: 165.248.10.43 isped12

Hosts: 165.248.10.53 isped9

Hosts: 165.248.10.56 isped1

Hosts: 165.248.10.58 isped10

Hosts: 165.248.10.59 isped10pn

Hosts: 165.248.10.7 decs1

Hosts: 165.248.10.84 npump1

Hosts: 165.248.111.126 moanai1

Hosts: 165.248.112.158 mokulele1

Hosts: 165.248.113.14 momil1

Hosts: 165.248.113.190 nanaika1

Hosts: 165.248.114.147 nanak1

Hosts: 165.248.115.50 nanakhi1

Hosts: 165.248.117.235 noelani

Hosts: 165.248.117.62 niuv1

Hosts: 165.248.118.190 nuuanu1

Hosts: 165.248.119.67 palolo1

Hosts: 165.248.11.11 hondo1

Hosts: 165.248.11.138 cendo2

Hosts: 165.248.11.151 cendo1

Hosts: 165.248.120.122 pauoa1

Hosts: 165.248.121.126 pccomp1

Hosts: 165.248.123.190 pearlh1

Hosts: 165.248.124.22 pearlhk1

Hosts: 165.248.124.210 pridge1

Hosts: 165.248.125.190 pohakea1

Hosts: 165.248.127.143 radford

Hosts: 165.248.127.62 puuhale1

Hosts: 165.248.129.6 redhill1

Hosts: 165.248.12.205 kahukuhi

Hosts: 165.248.12.206 kalaheo

Hosts: 165.248.12.207 king

Hosts: 165.248.12.208 maunawili

Hosts: 165.248.12.222 windo1

Hosts: 165.248.130.62 rsvlt1

Hosts: 165.248.131.190 slake1

Hosts: 165.248.131.62 royal1

Hosts: 165.248.132.79 ascott1

Hosts: 165.248.133.17 shafter1

Hosts: 165.248.133.217 solomon1

Hosts: 165.248.134.190 stvson1

Hosts: 165.248.136.254 wahiawai1

Hosts: 165.248.136.62 wahiawa1

Hosts: 165.248.138.16 waialae1

Hosts: 165.248.138.141 waialuae1

Hosts: 165.248.13.190 hawsped1

Hosts: 165.248.13.80 hawdo1

Hosts: 165.248.140.126 waianae1

Hosts: 165.248.141.62 waianah1

Hosts: 165.248.142.143 waianai1

Hosts: 165.248.143.147 waiau1

Hosts: 165.248.144.62 waikiki1

Hosts: 165.248.145.126 waimalu1

Hosts: 165.248.145.220 waiman1

Hosts: 165.248.146.190 waipel1

Hosts: 165.248.149.25 waipin1

Hosts: 165.248.149.33 waipc1

Hosts: 165.248.14.11 mauido1

Hosts: 165.248.14.190 mlsc1

Hosts: 165.248.14.203 kauaido1

Hosts: 165.248.150.15 washint1

Hosts: 165.248.151.126 webling1

Hosts: 165.248.152.100 wheelm1

Hosts: 165.248.151.146 wheele1

Hosts: 165.248.153.190 wilson1

Hosts: 165.248.154.60 anuenue1

Hosts: 165.248.155.16 holomua

Hosts: 165.248.158.94 waikele1

Hosts: 165.248.160.16 milmid1

Hosts: 165.248.164.158 haaheo1

Hosts: 165.248.165.100 hiloh1

Hosts: 165.248.167.190 hilou1

Hosts: 165.248.168.144 honau1

Hosts: 165.248.169.62 honokh1

Hosts: 165.248.170.126 hookena

Hosts: 165.248.171.126 kahakai1

Hosts: 165.248.171.189 kalania1

Hosts: 165.248.173.207 keaaum1

Hosts: 165.248.174.126 keaau1

Hosts: 165.248.174.254 kealake1

Hosts: 165.248.175.140 kealaki1

Hosts: 165.248.176.190 keauk1

Hosts: 165.248.176.254 keone1

Hosts: 165.248.177.79 kohalah1

Hosts: 165.248.178.126 konaw1

Hosts: 165.248.179.62 konawh1

Hosts: 165.248.180.201 laupah1

Hosts: 165.248.181.207 naalehu1

Hosts: 165.248.181.79 mtview1

Hosts: 165.248.182.126 paauilo1

Hosts: 165.248.182.254 pahoae1

Hosts: 165.248.184.126 waiakeae1

Hosts: 165.248.185.100 waiakeah1

Hosts: 165.248.186.185 waiakeai1

Hosts: 165.248.187.190 waiakeaw1

Hosts: 165.248.187.30 kapoleih1

Hosts: 165.248.189.249 waikolo1

Hosts: 165.248.189.62 waimeae1

Hosts: 165.248.190.62 konawm1

Hosts: 165.248.191.126 honoke1

Hosts: 165.248.191.190 kohalae1

Hosts: 165.248.192.15 kohalam1

Hosts: 165.248.192.165 hiloi1

Hosts: 165.248.193.60 kealakh1

Hosts: 165.248.195.190 pahoah1

Hosts: 165.248.198.60 keaauh2

Hosts: 165.248.198.62 keaauh1

Hosts: 165.248.199.126 baldwin1

Hosts: 165.248.1.173 lili1

Hosts: 165.248.200.190 haiku1

Hosts: 165.248.201.146 iao1

Hosts: 165.248.201.62 hana1

Hosts: 165.248.202.190 kahului

Hosts: 165.248.203.16 kalama1

Hosts: 165.248.203.221 jarret1

Hosts: 165.248.204.62 kamiii

Hosts: 165.248.205.126 kihei1

Hosts: 165.248.206.126 kula

Hosts: 165.248.207.62 lahaina1

Hosts: 165.248.207.126 lahainal1

Hosts: 165.248.208.254 lokela1

Hosts: 165.248.208.62 lihikai1

Hosts: 165.248.209.190 makawao1

Hosts: 165.248.210.84 mauihs1

Hosts: 165.248.211.203 mauiw1

Hosts: 165.248.212.140 nahiena1

Hosts: 165.248.213.190 pukala1

Hosts: 165.248.213.62 paia1

Hosts: 165.248.214.190 wailuku1

Hosts: 165.248.214.62 waihee

Hosts: 165.248.215.100 kklike

Hosts: 165.248.215.99 kklike2

Hosts: 165.248.216.62 kamalii1

Hosts: 165.248.219.61 kapomid1

Hosts: 165.248.225.190 kiloh1

Hosts: 165.248.225.26 kaunaka1

Hosts: 165.248.226.190 maunal1

Hosts: 165.248.226.62 kualapuu

Hosts: 165.248.227.62 molokah1

Hosts: 165.248.229.16 lanai1

Hosts: 165.248.231.139 hanalei1

Hosts: 165.248.232.62 kalahe1

Hosts: 165.248.233.17 kapaa1

Hosts: 165.248.233.217 kapaah1

Hosts: 165.248.236.232 kaumu1

Hosts: 165.248.236.62 kauaihi1

Hosts: 165.248.238.126 kilauea1

Hosts: 165.248.238.159 koloa1

Hosts: 165.248.239.114 waimeac1

Hosts: 165.248.240.83 waimeah1

Hosts: 165.248.241.22 wilcox

Hosts: 165.248.241.82 eleele1

Hosts: 165.248.242.11 kapaam1

Hosts: 165.248.243.126 kekaha1

Hosts: 165.248.244.251 kamaka1

Hosts: 165.248.24.89 leedo1

Hosts: 165.248.89.21 kokoh1

Hosts: 165.248.2.125 telesch1

Hosts: 165.248.2.20 atr1

Hosts: 165.248.2.55 hcps1

Hosts: 165.248.2.56 cai1

Hosts: 165.248.31.253 mcsa

Hosts: 165.248.33.254 jeffers1

Hosts: 165.248.34.62 olomana1

Hosts: 165.248.36.20 ahuim1

Hosts: 165.248.36.190 aieael1

Hosts: 165.248.38.62 aieah1

Hosts: 165.248.39.145 ainaha1

Hosts: 165.248.3.11 ois3

Hosts: 165.248.3.126 felix1

Hosts: 165.248.3.144 eval1

Hosts: 165.248.40.254 aliame1

Hosts: 165.248.40.62 alawai1

Hosts: 165.248.41.126 aliami1

Hosts: 165.248.42.126 alii1

Hosts: 165.248.43.78 august1

Hosts: 165.248.44.20 campb1

Hosts: 165.248.45.151 castle1

Hosts: 165.248.47.62 central1

Hosts: 165.248.48.3 dole2

Hosts: 165.248.48.4 dole3

Hosts: 165.248.49.144 ewa1

Hosts: 165.248.49.62 ewab1

Hosts: 165.248.10.6 facil1

Hosts: 165.248.50.62 farrin1

Hosts: 165.248.51.150 fern1

Hosts: 165.248.52.16 hahaione

Hosts: 165.248.53.170 haleiwa1

Hosts: 165.248.55.126 helemano

Hosts: 165.248.55.18 heeia1

Hosts: 165.248.56.196 highl1

Hosts: 165.248.55.230 hickam1

Hosts: 165.248.58.62 honowai1

Hosts: 165.248.59.95 ilima1

Hosts: 165.248.5.208 foodsrv

Hosts: 165.248.60.184 iroq1

Hosts: 165.248.62.13 jeffers2

Hosts: 165.248.63.62 kmanu1

Hosts: 165.248.63.76 kaala1

Hosts: 165.248.64.126 kaewai1

Hosts: 165.248.64.209 kahala

Hosts: 165.248.68.62 kailuae1

Hosts: 165.248.70.80 kaimiloa

Hosts: 165.248.71.16 kaimuh1

Hosts: 165.248.72.123 kaimum1

Hosts: 165.248.73.254 kaiser1

Hosts: 165.248.74.210 kaiula1

Hosts: 165.248.76.90 kalaka1

Hosts: 165.248.77.15 kalanih1

Hosts: 165.248.78.207 kalihi

Hosts: 165.248.78.62 kalei1

Hosts: 165.248.79.76 kalkai1

Hosts: 165.248.7.80 nssb1

Hosts: 165.248.80.189 kalihiw1

Hosts: 165.248.80.62 kaluka1

Hosts: 165.248.81.16 kamaile

Hosts: 165.248.82.120 kaneohe1

Hosts: 165.248.82.62 kamilo1

Hosts: 165.248.83.145 kapalama

Hosts: 165.248.83.62 kanoela1

Hosts: 165.248.84.78 leedo2

Hosts: 165.248.84.79 kapolei

Hosts: 165.248.85.253 kauluw1

Hosts: 165.248.85.80 kapuna1

Hosts: 165.248.86.80 kawana1

Hosts: 165.248.88.190 kipapa1

Hosts: 165.248.8.254 spms1

Hosts: 165.248.90.207 lanak1

Hosts: 165.248.90.25 laie1

Hosts: 165.248.91.254 lehua1

Hosts: 165.248.92.190 leihoku1

Hosts: 165.248.93.21 leilehua1

Hosts: 165.248.93.73 wahcsa1

Hosts: 165.248.35.16 rise1

Hosts: 165.248.95.93 likel1

Hosts: 165.248.96.190 lincoln1

Hosts: 165.248.96.62 linapu1

Hosts: 165.248.97.144 maemae

Hosts: 165.248.97.51 lunal1

Hosts: 165.248.98.80 maili1

Hosts: 165.248.99.254 mkilo1

Hosts: 165.248.99.59 makaha1

Hosts: 165.248.147.151 waipah1

Hosts: 165.248.10.146 smtp1

Hosts: 165.248.116.85 nimitz1

Hosts: 165.248.118.207 pces1

Hosts: 165.248.139.27 waialuah1

Hosts: 165.248.126.55 pope1

Hosts: 165.248.145.239 waiman2

Hosts: 165.248.43.157 barbers1

Hosts: 165.248.14.203 kauaido1

Hosts: 165.248.10.96 mushroom

.

==== Installed Programs ======================

.

Acrobat.com

Adobe Acrobat 4.0

Adobe Acrobat 9 Pro - English, Français, Deutsch

Adobe Acrobat 9.5.1 - CPSID_83708

Adobe After Effects CS4

Adobe After Effects CS4 Presets

Adobe After Effects CS4 Template Projects & Footage

Adobe After Effects CS4 Third Party Content

Adobe AIR

Adobe Anchor Service CS4

Adobe Asset Services CS4

Adobe Bridge CS4

Adobe CMaps CS4

Adobe Color - Photoshop Specific CS4

Adobe Color EU Extra Settings CS4

Adobe Color JA Extra Settings CS4

Adobe Color NA Recommended Settings CS4

Adobe Color Video Profiles AE CS4

Adobe Color Video Profiles CS CS4

Adobe Contribute CS4

Adobe Creative Suite 4 Master Collection

Adobe CS4 American English Speech Analysis Models

Adobe CS4 French Speech Analysis Models

Adobe CS4 German Speech Analysis Models

Adobe CS4 International English Speech Analysis Models

Adobe CS4 Italian Speech Analysis Models

Adobe CS4 Japanese Speech Analysis Models

Adobe CS4 Korean Speech Analysis Models

Adobe CS4 Spanish Speech Analysis Models

Adobe CSI CS4

Adobe Default Language CS4

Adobe Device Central CS4

Adobe Dreamweaver CS4

Adobe Drive CS4

Adobe Dynamiclink Support

Adobe Encore CS4

Adobe Encore CS4 Codecs

Adobe Encore CS4 Library

Adobe ExtendScript Toolkit CS4

Adobe Extension Manager CS4

Adobe Fireworks CS4

Adobe Flash CS4

Adobe Flash CS4 Extension - Flash Lite STI en

Adobe Flash CS4 STI-en

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Fonts All

Adobe Illustrator CS4

Adobe InDesign CS4

Adobe InDesign CS4 Application Feature Set Files (Roman)

Adobe InDesign CS4 Common Base Files

Adobe InDesign CS4 Icon Handler

Adobe Linguistics CS4

Adobe Media Encoder CS4

Adobe Media Encoder CS4 Additional Exporter

Adobe Media Encoder CS4 Dolby

Adobe Media Encoder CS4 Exporter

Adobe Media Encoder CS4 Importer

Adobe Media Player

Adobe MotionPicture Color Files CS4

Adobe OnLocation CS4

Adobe Output Module

Adobe PDF Library Files CS4

Adobe Photoshop CS4

Adobe Photoshop CS4 Support

Adobe Premiere Pro CS4

Adobe Premiere Pro CS4 Functional Content

Adobe Premiere Pro CS4 Third Party Content

Adobe Reader X (10.1.0)

Adobe Search for Help

Adobe Service Manager Extension

Adobe Setup

Adobe SGM CS4

Adobe SING CS4

Adobe Soundbooth CS4

Adobe Soundbooth CS4 Codecs

Adobe Type Support CS4

Adobe Update Manager CS4

Adobe Version Cue CS4 Server

Adobe WinSoft Linguistics Plugin

Adobe XMP Panels CS4

AdobeColorCommonSetCMYK

AdobeColorCommonSetRGB

AiO_Scan_CDA

AiOSoftwareNPI

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ArcSoft Media Card Companion

Bluetooth Stack for Windows by Toshiba

Bonjour

Broadcom Gigabit Integrated Controller

BufferChm

Camtasia Studio 3

CDDRV_Installer

Cisco WebEx Meetings

Conexant HDA D330 MDC V.92 Modem

Connect

Critical Update for Windows Media Player 11 (KB959772)

CustomerResearchQFolder

Dell Resource CD

Destinations

DeviceManagementQFolder

DocProc

DocProcQFolder

Epson Connect

Epson Customer Participation

Epson Event Manager

EPSON NX330 Series Printer Uninstall

EPSON Scan

EpsonNet Print

eSupportQFolder

Fax_CDA

Generic color icon driver

Genesys USB Mass Storage Device

Geo CS Test Gen

getPlus® for Adobe

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Customer Participation Program 7.0

HP Imaging Device Functions 7.0

HP Photosmart Essential

HP Photosmart, Officejet and Deskjet 7.0.A

HP Software Update

HP Solution Center 7.0

HPPhotoSmartExpress

HPProductAssistant

InstantShareDevicesMFC

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless Software

iTunes

Java Auto Updater

Java 6 Update 33

Java 6 Update 7

Jing

KhalSetup

kuler

Lotus Notes 8.5.1

LTCM Client

Malwarebytes Anti-Malware version 1.61.0.1400

MarketResearch

McAfee AntiSpyware Enterprise Module

mCore

mDriver

mDrWiFi

mHlpDell

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Plus 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

mIWA

mLogView

mMHouse

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

mPfMgr

mPfWiz

mProSafe

mSCfg

mSSO

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

mWlsSafe

mWMI

mZConfig

Neat ADF Scanner Driver

Neat Mobile Scanner (Silver) Driver

Neat Mobile Scanner 2008 Driver

Neat Mobile Scanner Driver

NeatWorks

NeatWorks Core Files

Netscape Navigator 4.08

Network Stumbler 0.4.0 (remove only)

NewCopy_CDA

Norton 360

OCR Software by I.R.I.S 7.0

Oracle JInitiator 1.3.1.28

Oracle JInitiator 1.3.1.30

Oz776 SCR Driver V1.1.4.2

PanoStandAlone

PDF Settings CS4

Photoshop Camera Raw

Pixel Bender Toolkit

ProductContextNPI

QuickTime

Readme

Roxio Activation Module

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler 3

Roxio Update Manager

Safari

Scan

ScannerCopy

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2482017)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2497640)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2530548)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544521)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2559049)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2586448)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618444)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950759)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958215)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960714)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371-v2)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB963027)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969897)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB976325)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

SetPoint

SigmaTel Audio

SMART Notebook

SMART Product Drivers

SMART Product Update

SnagIt 8

SolutionCenter

Sonic CinePlayer Decoder Pack

Spelling Dictionaries Support For Adobe Reader 9

Spybot - Search & Destroy

Status

Suite Shared Configuration CS4

Symantec Ghost Console Client

Toolbox

TrayApp

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687267) 32-Bit Edition

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB978207)

Update for Windows XP (KB980182)

WebEx Productivity Tools

WebFldrs XP

WebReg

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Service Pack 3

ZipGenius 6 (6.0.3.1140)

.

==== Event Viewer Messages From Past Week ========

.

6/29/2012 12:44:42 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.

.

==== End Of File ===========================

[Maniac]

Step 1

Anti-Virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs running at the same time can cause your computer to run very slow, become unstable and even, in rare cases, crash. If you choose to install more than one Anti-Virus program on your computer, then only one of them should be active in memory at a time. You can choose one between McAfee AntiSpyware Enterprise Module and Norton 360, then uninstall the other one. Finally, reboot your PC.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

1. Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
   
   
2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
   
   
3. Click the Start Scan button.
   
   
4. If a suspicious object is detected, the default action will be Skip, click on Continue.
   
   
5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
   
6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
   
   
7. Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
   

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Step 3

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.

In your next reply, post the following log files:

• TDSSKiller log
  
• Malwarebytes' Anti-Malware log
  
• a new fresh DDS log file

[screen317]

Are you still with us? This topic will be closed in a few days if we do not hear back from you.

[Maurice Naggar]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

[Maurice Naggar]

Re-opened per OP request.

@shiannte

Be sure to be prompt in doing the steps outlined by Maniac.

IF in future you think you will be delayed, do make sure to let your helper know.

Good luck.

[shiannte]

After following your instructions, I notice that the adware/malware is not playing in the background any more. Thank you!!!

1. I was unable to delete/uninstall one of my anti-virus software programs. I went to control panel and looked to uninstall the McAfee AntiSpyware Enterprise Module, deleted that but not able to delete the entire McAfee itself.

2. Here is my TDSSKiller Log:

01:47:56.0203 4204 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

01:47:57.0296 4204 ============================================================

01:47:57.0296 4204 Current date / time: 2012/07/12 01:47:57.0296

01:47:57.0296 4204 SystemInfo:

01:47:57.0296 4204

01:47:57.0296 4204 OS Version: 5.1.2600 ServicePack: 3.0

01:47:57.0296 4204 Product type: Workstation

01:47:57.0296 4204 ComputerName: E0460871

01:47:57.0296 4204 UserName: Admin

01:47:57.0296 4204 Windows directory: C:\WINDOWS

01:47:57.0296 4204 System windows directory: C:\WINDOWS

01:47:57.0296 4204 Processor architecture: Intel x86

01:47:57.0296 4204 Number of processors: 2

01:47:57.0296 4204 Page size: 0x1000

01:47:57.0296 4204 Boot type: Normal boot

01:47:57.0296 4204 ============================================================

01:48:00.0515 4204 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

01:48:00.0531 4204 ============================================================

01:48:00.0531 4204 \Device\Harddisk0\DR0:

01:48:00.0531 4204 MBR partitions:

01:48:00.0531 4204 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x94DB4F4

01:48:00.0531 4204 ============================================================

01:48:00.0562 4204 C: <-> \Device\Harddisk0\DR0\Partition0

01:48:00.0562 4204 ============================================================

01:48:00.0562 4204 Initialize success

01:48:00.0562 4204 ============================================================

01:48:31.0890 1628 ============================================================

01:48:31.0890 1628 Scan started

01:48:31.0890 1628 Mode: Manual; SigCheck; TDLFS;

01:48:31.0890 1628 ============================================================

01:48:33.0687 1628 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys

01:49:07.0531 1628 61883 - ok

01:49:07.0531 1628 Abiosdsk - ok

01:49:07.0531 1628 abp480n5 - ok

01:49:07.0593 1628 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

01:49:07.0906 1628 ACPI - ok

01:49:07.0937 1628 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

01:49:08.0203 1628 ACPIEC - ok

01:49:08.0234 1628 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\WINDOWS\system32\drivers\adfs.sys

01:49:08.0265 1628 adfs - ok

01:49:08.0359 1628 Adobe Version Cue CS4 (9444a3530c2e88b7ed96a566ff9ccc13) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

01:49:08.0375 1628 Adobe Version Cue CS4 - ok

01:49:08.0390 1628 adpu160m - ok

01:49:08.0421 1628 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

01:49:08.0921 1628 aec - ok

01:49:08.0953 1628 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys

01:49:09.0218 1628 AegisP - ok

01:49:09.0687 1628 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

01:49:10.0078 1628 AFD - ok

01:49:10.0140 1628 Aha154x - ok

01:49:10.0140 1628 aic78u2 - ok

01:49:10.0140 1628 aic78xx - ok

01:49:10.0187 1628 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

01:49:10.0421 1628 Alerter - ok

01:49:10.0437 1628 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

01:49:10.0812 1628 ALG - ok

01:49:10.0812 1628 AliIde - ok

01:49:10.0812 1628 amsint - ok

01:49:10.0875 1628 Apple Mobile Device (4b5ae15e5c73eb4dc8dbec2788230d41) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

01:49:10.0890 1628 Apple Mobile Device - ok

01:49:10.0937 1628 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

01:49:11.0171 1628 AppMgmt - ok

01:49:11.0187 1628 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

01:49:11.0390 1628 Arp1394 - ok

01:49:11.0390 1628 asc - ok

01:49:11.0390 1628 asc3350p - ok

01:49:11.0406 1628 asc3550 - ok

01:49:11.0468 1628 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

01:49:11.0500 1628 aspnet_state - ok

01:49:11.0515 1628 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

01:49:11.0687 1628 AsyncMac - ok

01:49:11.0718 1628 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

01:49:12.0015 1628 atapi - ok

01:49:12.0015 1628 Atdisk - ok

01:49:12.0031 1628 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

01:49:12.0328 1628 Atmarpc - ok

01:49:12.0359 1628 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

01:49:12.0578 1628 AudioSrv - ok

01:49:12.0609 1628 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

01:49:12.0875 1628 audstub - ok

01:49:12.0906 1628 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys

01:49:13.0140 1628 Avc - ok

01:49:13.0171 1628 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

01:49:13.0296 1628 b57w2k - ok

01:49:13.0328 1628 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

01:49:13.0531 1628 Beep - ok

01:49:13.0656 1628 BHDrvx86 (a9e111a358ac5f7eba7ac61e43fc6725) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120711.002\BHDrvx86.sys

01:49:13.0703 1628 BHDrvx86 - ok

01:49:13.0750 1628 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

01:49:14.0000 1628 BITS - ok

01:49:14.0062 1628 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe

01:49:14.0109 1628 Bonjour Service - ok

01:49:14.0125 1628 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

01:49:14.0390 1628 Browser - ok

01:49:14.0437 1628 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

01:49:14.0687 1628 cbidf2k - ok

01:49:14.0718 1628 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

01:49:14.0984 1628 CCDECODE - ok

01:49:15.0015 1628 ccSet_N360 (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\N360\0602010.005\ccSetx86.sys

01:49:15.0046 1628 ccSet_N360 - ok

01:49:15.0046 1628 cd20xrnt - ok

01:49:15.0093 1628 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

01:49:15.0359 1628 Cdaudio - ok

01:49:15.0390 1628 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

01:49:15.0671 1628 Cdfs - ok

01:49:15.0687 1628 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

01:49:15.0921 1628 Cdrom - ok

01:49:15.0921 1628 Changer - ok

01:49:15.0953 1628 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

01:49:16.0296 1628 CiSvc - ok

01:49:16.0343 1628 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

01:49:16.0671 1628 ClipSrv - ok

01:49:16.0750 1628 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

01:49:16.0765 1628 clr_optimization_v2.0.50727_32 - ok

01:49:16.0765 1628 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

01:49:17.0125 1628 CmBatt - ok

01:49:17.0125 1628 CmdIde - ok

01:49:17.0125 1628 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

01:49:17.0453 1628 Compbatt - ok

01:49:17.0453 1628 COMSysApp - ok

01:49:17.0468 1628 Cpqarray - ok

01:49:17.0484 1628 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

01:49:17.0718 1628 CryptSvc - ok

01:49:17.0765 1628 CSRBC (8e1945984e147562f9f08e1d344a69cc) C:\WINDOWS\system32\Drivers\csrbcxp.sys

01:49:17.0906 1628 CSRBC ( UnsignedFile.Multi.Generic ) - warning

01:49:17.0906 1628 CSRBC - detected UnsignedFile.Multi.Generic (1)

01:49:17.0906 1628 dac2w2k - ok

01:49:17.0906 1628 dac960nt - ok

01:49:17.0953 1628 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

01:49:18.0140 1628 DcomLaunch - ok

01:49:18.0171 1628 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

01:49:18.0359 1628 Dhcp - ok

01:49:18.0500 1628 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

01:49:18.0812 1628 Disk - ok

01:49:18.0828 1628 DLABMFSM (a0500678a33802d8954153839301d539) C:\WINDOWS\system32\Drivers\DLABMFSM.SYS

01:49:18.0843 1628 DLABMFSM - ok

01:49:18.0859 1628 DLABOIOM (b8d2f68cac54d46281399f9092644794) C:\WINDOWS\system32\Drivers\DLABOIOM.SYS

01:49:18.0875 1628 DLABOIOM - ok

01:49:18.0875 1628 DLACDBHM (0ee93ab799d1cb4ec90b36f3612fe907) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

01:49:18.0890 1628 DLACDBHM - ok

01:49:18.0890 1628 DLADResM (87413b94ae1fabc117c4e8ae6725134e) C:\WINDOWS\system32\Drivers\DLADResM.SYS

01:49:18.0906 1628 DLADResM - ok

01:49:18.0921 1628 DLAIFS_M (766a148235be1c0039c974446e4c0edc) C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS

01:49:18.0937 1628 DLAIFS_M - ok

01:49:18.0953 1628 DLAOPIOM (38267cca177354f1c64450a43a4f7627) C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS

01:49:18.0968 1628 DLAOPIOM - ok

01:49:18.0968 1628 DLAPoolM (fd363369fd313b46b5aeab1a688b52e9) C:\WINDOWS\system32\Drivers\DLAPoolM.SYS

01:49:18.0984 1628 DLAPoolM - ok

01:49:18.0984 1628 DLARTL_M (336ae18f0912ef4fbe5518849e004d74) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

01:49:19.0015 1628 DLARTL_M - ok

01:49:19.0046 1628 DLAUDFAM (fd85f682c1cc2a7ca878c7a448e6d87e) C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS

01:49:19.0078 1628 DLAUDFAM - ok

01:49:19.0078 1628 DLAUDF_M (af389ce587b6bf5bbdcd6f6abe5eabc0) C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS

01:49:19.0093 1628 DLAUDF_M - ok

01:49:19.0109 1628 dmadmin - ok

01:49:19.0187 1628 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

01:49:19.0593 1628 dmboot - ok

01:49:19.0640 1628 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

01:49:19.0968 1628 dmio - ok

01:49:20.0000 1628 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

01:49:20.0390 1628 dmload - ok

01:49:20.0421 1628 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

01:49:20.0765 1628 dmserver - ok

01:49:20.0796 1628 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

01:49:20.0984 1628 DMusic - ok

01:49:21.0031 1628 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

01:49:21.0281 1628 Dnscache - ok

01:49:21.0390 1628 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

01:49:21.0781 1628 Dot3svc - ok

01:49:21.0781 1628 dpti2o - ok

01:49:21.0781 1628 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

01:49:22.0093 1628 drmkaud - ok

01:49:22.0109 1628 DRVMCDB (5d3b71bb2bb0009d65d290e2ef374bd3) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

01:49:22.0125 1628 DRVMCDB - ok

01:49:22.0156 1628 DRVNDDM (c591ba9f96f40a1fd6494dafdcd17185) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

01:49:22.0171 1628 DRVNDDM - ok

01:49:22.0203 1628 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

01:49:22.0390 1628 EapHost - ok

01:49:22.0484 1628 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

01:49:22.0515 1628 eeCtrl - ok

01:49:22.0562 1628 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

01:49:22.0656 1628 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning

01:49:22.0656 1628 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)

01:49:22.0718 1628 EpsonCustomerParticipation (b78436ca173ff723a1eace5cd4900375) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

01:49:22.0750 1628 EpsonCustomerParticipation - ok

01:49:22.0781 1628 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

01:49:22.0796 1628 EraserUtilRebootDrv - ok

01:49:22.0828 1628 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

01:49:23.0093 1628 ERSvc - ok

01:49:23.0140 1628 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

01:49:23.0343 1628 Eventlog - ok

01:49:23.0375 1628 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

01:49:23.0718 1628 EventSystem - ok

01:49:23.0781 1628 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

01:49:23.0921 1628 EvtEng ( UnsignedFile.Multi.Generic ) - warning

01:49:23.0921 1628 EvtEng - detected UnsignedFile.Multi.Generic (1)

01:49:24.0000 1628 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

01:49:24.0265 1628 Fastfat - ok

01:49:24.0312 1628 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

01:49:24.0453 1628 FastUserSwitchingCompatibility - ok

01:49:24.0453 1628 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

01:49:24.0671 1628 Fdc - ok

01:49:24.0703 1628 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

01:49:24.0968 1628 Fips - ok

01:49:25.0000 1628 fixustor (cdb568db5e8985dcc623da808ac61042) C:\WINDOWS\system32\drivers\fixustor.sys

01:49:25.0203 1628 fixustor ( UnsignedFile.Multi.Generic ) - warning

01:49:25.0203 1628 fixustor - detected UnsignedFile.Multi.Generic (1)

01:49:25.0296 1628 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

01:49:25.0328 1628 FLEXnet Licensing Service - ok

01:49:25.0328 1628 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

01:49:25.0859 1628 Flpydisk - ok

01:49:25.0875 1628 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

01:49:26.0312 1628 FltMgr - ok

01:49:26.0390 1628 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

01:49:26.0421 1628 FontCache3.0.0.0 - ok

01:49:26.0437 1628 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

01:49:26.0921 1628 Fs_Rec - ok

01:49:26.0921 1628 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

01:49:27.0171 1628 Ftdisk - ok

01:49:27.0187 1628 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

01:49:27.0203 1628 GEARAspiWDM - ok

01:49:27.0234 1628 getPlus® Helper (7bec703f31e1d441db16886c9aa4cba9) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

01:49:27.0250 1628 getPlus® Helper - ok

01:49:27.0281 1628 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

01:49:27.0593 1628 Gpc - ok

01:49:27.0625 1628 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys

01:49:27.0890 1628 guardian2 - ok

01:49:27.0890 1628 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

01:49:28.0203 1628 HDAudBus - ok

01:49:28.0234 1628 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

01:49:28.0609 1628 helpsvc - ok

01:49:28.0625 1628 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

01:49:28.0984 1628 HidServ - ok

01:49:29.0062 1628 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

01:49:29.0390 1628 HidUsb - ok

01:49:29.0421 1628 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

01:49:29.0625 1628 hkmsvc - ok

01:49:29.0625 1628 hpn - ok

01:49:29.0671 1628 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

01:49:30.0046 1628 HPZid412 - ok

01:49:30.0046 1628 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

01:49:30.0656 1628 HPZipr12 - ok

01:49:30.0656 1628 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

01:49:30.0843 1628 HPZius12 - ok

01:49:30.0921 1628 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

01:49:31.0250 1628 HSFHWAZL - ok

01:49:31.0312 1628 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

01:49:31.0468 1628 HSF_DPV - ok

01:49:31.0515 1628 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

01:49:31.0718 1628 HTTP - ok

01:49:31.0765 1628 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

01:49:32.0078 1628 HTTPFilter - ok

01:49:32.0078 1628 i2omgmt - ok

01:49:32.0093 1628 i2omp - ok

01:49:32.0140 1628 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

01:49:32.0437 1628 i8042prt - ok

01:49:32.0843 1628 ialm (200cca76cd0e0f7eec78fa56c29b4d67) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

01:49:33.0437 1628 ialm - ok

01:49:33.0625 1628 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

01:49:33.0656 1628 idsvc - ok

01:49:33.0765 1628 IDSxpx86 (eeebf3616db90124c1c57019d39aa9a2) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120711.001\IDSxpx86.sys

01:49:33.0796 1628 IDSxpx86 - ok

01:49:33.0890 1628 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

01:49:34.0140 1628 Imapi - ok

01:49:34.0171 1628 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

01:49:34.0375 1628 ImapiService - ok

01:49:34.0375 1628 ini910u - ok

01:49:34.0390 1628 IntelIde - ok

01:49:34.0390 1628 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

01:49:34.0609 1628 intelppm - ok

01:49:34.0625 1628 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

01:49:34.0828 1628 Ip6Fw - ok

01:49:34.0859 1628 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

01:49:35.0203 1628 IpFilterDriver - ok

01:49:35.0218 1628 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

01:49:35.0453 1628 IpInIp - ok

01:49:35.0484 1628 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

01:49:35.0843 1628 IpNat - ok

01:49:35.0921 1628 iPod Service (7a3611564fce7c8be50b03f58cb3eb7d) C:\Program Files\iPod\bin\iPodService.exe

01:49:35.0953 1628 iPod Service - ok

01:49:35.0968 1628 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

01:49:36.0187 1628 IPSec - ok

01:49:36.0203 1628 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

01:49:36.0656 1628 IRENUM - ok

01:49:36.0703 1628 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

01:49:36.0968 1628 isapnp - ok

01:49:37.0015 1628 JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Program Files\Java\jre6\bin\jqs.exe

01:49:37.0031 1628 JavaQuickStarterService - ok

01:49:37.0062 1628 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

01:49:37.0296 1628 Kbdclass - ok

01:49:37.0734 1628 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

01:49:38.0015 1628 kbdhid - ok

01:49:38.0062 1628 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

01:49:38.0328 1628 kmixer - ok

01:49:38.0343 1628 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

01:49:38.0593 1628 KSecDD - ok

01:49:38.0625 1628 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

01:49:38.0906 1628 lanmanserver - ok

01:49:38.0937 1628 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

01:49:39.0156 1628 lanmanworkstation - ok

01:49:39.0156 1628 lbrtfdc - ok

01:49:39.0171 1628 LHidFilt (ea57f9a93042d53256db4e2222b93b37) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys

01:49:39.0203 1628 LHidFilt - ok

01:49:39.0234 1628 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

01:49:39.0609 1628 LmHosts - ok

01:49:39.0625 1628 LMouFilt (8bd61e1f686d352b318b025524542128) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys

01:49:39.0640 1628 LMouFilt - ok

01:49:39.0890 1628 Lotus Notes Diagnostics (986e0f3be701b232b8913de59c7adc7c) C:\Program Files\IBM\Lotus\Notes\nsd.exe

01:49:40.0000 1628 Lotus Notes Diagnostics - ok

01:49:40.0125 1628 Lotus Notes Single Logon (71f607abe2355fabea9fb13e057ac050) C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

01:49:40.0140 1628 Lotus Notes Single Logon - ok

01:49:40.0250 1628 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys

01:49:40.0265 1628 MBAMProtector - ok

01:49:40.0343 1628 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

01:49:40.0375 1628 MBAMService - ok

01:49:40.0421 1628 McAfeeFramework (447d4617b99ac0a4ba056713dfe02279) C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

01:49:40.0437 1628 McAfeeFramework - ok

01:49:40.0484 1628 McShield (12bef73e0281ac793865be1a331c67fc) C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

01:49:40.0500 1628 McShield - ok

01:49:40.0531 1628 McTaskManager (d0f500bc9f114c99d32df4dc4c857c94) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

01:49:40.0546 1628 McTaskManager - ok

01:49:40.0593 1628 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

01:49:40.0625 1628 MDM - ok

01:49:40.0718 1628 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

01:49:41.0031 1628 mdmxsdk - ok

01:49:41.0062 1628 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

01:49:41.0328 1628 Messenger - ok

01:49:41.0343 1628 mfeapfk (1f334eb2a13816df45671ebb98896da7) C:\WINDOWS\system32\drivers\mfeapfk.sys

01:49:41.0359 1628 mfeapfk - ok

01:49:41.0375 1628 mfeavfk (8a1dedbbdad33587f6fad780ce4b34b5) C:\WINDOWS\system32\drivers\mfeavfk.sys

01:49:41.0390 1628 mfeavfk - ok

01:49:41.0406 1628 mfebopk (d800e31a019a6979698eef0507baa746) C:\WINDOWS\system32\drivers\mfebopk.sys

01:49:41.0421 1628 mfebopk - ok

01:49:41.0468 1628 mfehidk (0ae14fab8e25c258c6ebf3827c649273) C:\WINDOWS\system32\drivers\mfehidk.sys

01:49:41.0484 1628 mfehidk - ok

01:49:41.0500 1628 mferkdk (e72afc5056f6804c616e7dc32a38945f) C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys

01:49:41.0515 1628 mferkdk - ok

01:49:41.0531 1628 mfetdik (a47f0f63e92730de15d41624ab998c5c) C:\WINDOWS\system32\drivers\mfetdik.sys

01:49:41.0546 1628 mfetdik - ok

01:49:41.0562 1628 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

01:49:41.0781 1628 mnmdd - ok

01:49:41.0828 1628 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

01:49:42.0046 1628 mnmsrvc - ok

01:49:42.0078 1628 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

01:49:42.0328 1628 Modem - ok

01:49:42.0343 1628 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

01:49:42.0609 1628 Mouclass - ok

01:49:42.0625 1628 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

01:49:42.0875 1628 mouhid - ok

01:49:42.0906 1628 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

01:49:43.0125 1628 MountMgr - ok

01:49:43.0171 1628 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

01:49:43.0187 1628 MozillaMaintenance - ok

01:49:43.0203 1628 mraid35x - ok

01:49:43.0218 1628 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

01:49:43.0453 1628 MRxDAV - ok

01:49:43.0500 1628 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

01:49:43.0703 1628 MRxSmb - ok

01:49:43.0734 1628 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

01:49:43.0953 1628 MSDTC - ok

01:49:43.0984 1628 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys

01:49:44.0203 1628 MSDV - ok

01:49:44.0218 1628 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

01:49:44.0375 1628 Msfs - ok

01:49:44.0375 1628 MSIServer - ok

01:49:44.0390 1628 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

01:49:44.0593 1628 MSKSSRV - ok

01:49:44.0593 1628 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

01:49:44.0812 1628 MSPCLOCK - ok

01:49:44.0812 1628 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

01:49:45.0031 1628 MSPQM - ok

01:49:45.0046 1628 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

01:49:45.0234 1628 mssmbios - ok

01:49:45.0265 1628 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

01:49:45.0531 1628 MSTEE - ok

01:49:45.0562 1628 Multi-user Cleanup Service (218d58976c01c60657818ed0eac81602) C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

01:49:45.0609 1628 Multi-user Cleanup Service - ok

01:49:45.0640 1628 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

01:49:45.0796 1628 Mup - ok

01:49:45.0843 1628 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

01:49:45.0875 1628 N360 - ok

01:49:45.0906 1628 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

01:49:46.0125 1628 NABTSFEC - ok

01:49:46.0171 1628 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

01:49:46.0343 1628 napagent - ok

01:49:46.0421 1628 NAVENG (f11033730b38260b6892e837c457fb4b) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120711.018\NAVENG.SYS

01:49:46.0453 1628 NAVENG - ok

01:49:46.0578 1628 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120711.018\NAVEX15.SYS

01:49:46.0625 1628 NAVEX15 - ok

01:49:46.0734 1628 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

01:49:47.0015 1628 NDIS - ok

01:49:47.0031 1628 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

01:49:47.0359 1628 NdisIP - ok

01:49:47.0390 1628 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

01:49:47.0796 1628 NdisTapi - ok

01:49:47.0812 1628 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

01:49:48.0093 1628 Ndisuio - ok

01:49:48.0109 1628 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

01:49:48.0281 1628 NdisWan - ok

01:49:48.0312 1628 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

01:49:48.0640 1628 NDProxy - ok

01:49:48.0671 1628 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

01:49:48.0984 1628 NetBIOS - ok

01:49:49.0015 1628 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

01:49:49.0234 1628 NetBT - ok

01:49:49.0281 1628 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

01:49:49.0531 1628 NetDDE - ok

01:49:49.0687 1628 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

01:49:49.0968 1628 NetDDEdsdm - ok

01:49:50.0046 1628 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

01:49:50.0281 1628 Netlogon - ok

01:49:50.0312 1628 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

01:49:50.0609 1628 Netman - ok

01:49:50.0703 1628 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

01:49:50.0734 1628 NetTcpPortSharing - ok

01:49:50.0906 1628 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys

01:49:51.0187 1628 NETw4x32 - ok

01:49:51.0296 1628 NGCLIENT (174692e8a5eb4df16d44c1b44f978d3f) C:\Program Files\Symantec\Ghost\ngctw32.exe

01:49:51.0328 1628 NGCLIENT - ok

01:49:51.0468 1628 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

01:49:51.0796 1628 NIC1394 - ok

01:49:51.0859 1628 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

01:49:52.0015 1628 Nla - ok

01:49:52.0031 1628 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

01:49:52.0234 1628 Npfs - ok

01:49:52.0265 1628 NSNDIS5 (53f7546e8daefb3a0813f5e19c4613c9) C:\WINDOWS\system32\NSNDIS5.SYS

01:49:52.0562 1628 NSNDIS5 ( UnsignedFile.Multi.Generic ) - warning

01:49:52.0562 1628 NSNDIS5 - detected UnsignedFile.Multi.Generic (1)

01:49:52.0609 1628 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

01:49:52.0906 1628 Ntfs - ok

01:49:52.0937 1628 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

01:49:53.0140 1628 NtLmSsp - ok

01:49:53.0187 1628 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

01:49:53.0375 1628 NtmsSvc - ok

01:49:53.0406 1628 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

01:49:53.0593 1628 Null - ok

01:49:53.0609 1628 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

01:49:53.0828 1628 NwlnkFlt - ok

01:49:53.0828 1628 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

01:49:54.0109 1628 NwlnkFwd - ok

01:49:54.0234 1628 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

01:49:54.0265 1628 odserv - ok

01:49:54.0281 1628 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

01:49:54.0500 1628 ohci1394 - ok

01:49:54.0531 1628 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

01:49:54.0562 1628 ose - ok

01:49:54.0578 1628 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

01:49:54.0812 1628 Parport - ok

01:49:54.0812 1628 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

01:49:55.0062 1628 PartMgr - ok

01:49:55.0078 1628 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

01:49:55.0296 1628 ParVdm - ok

01:49:55.0312 1628 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

01:49:55.0593 1628 PCI - ok

01:49:55.0593 1628 PCIDump - ok

01:49:55.0593 1628 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

01:49:56.0078 1628 PCIIde - ok

01:49:56.0093 1628 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

01:49:56.0343 1628 Pcmcia - ok

01:49:56.0343 1628 PDCOMP - ok

01:49:56.0343 1628 PDFRAME - ok

01:49:56.0359 1628 PDRELI - ok

01:49:56.0359 1628 PDRFRAME - ok

01:49:56.0359 1628 perc2 - ok

01:49:56.0375 1628 perc2hib - ok

01:49:56.0406 1628 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

01:49:56.0484 1628 PlugPlay - ok

01:49:56.0500 1628 Pml Driver HPZ12 (d31f88c5f19eefa366a415d6bc5f2abc) C:\WINDOWS\system32\HPZipm12.exe

01:49:56.0703 1628 Pml Driver HPZ12 - ok

01:49:56.0718 1628 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

01:49:56.0890 1628 PolicyAgent - ok

01:49:56.0921 1628 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

01:49:57.0187 1628 PptpMiniport - ok

01:49:57.0187 1628 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

01:49:57.0437 1628 ProtectedStorage - ok

01:49:57.0453 1628 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

01:49:57.0640 1628 PSched - ok

01:49:57.0750 1628 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

01:49:58.0078 1628 Ptilink - ok

01:49:58.0093 1628 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys

01:49:58.0109 1628 PxHelp20 - ok

01:49:58.0125 1628 ql1080 - ok

01:49:58.0125 1628 Ql10wnt - ok

01:49:58.0140 1628 ql12160 - ok

01:49:58.0140 1628 ql1240 - ok

01:49:58.0140 1628 ql1280 - ok

01:49:58.0156 1628 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

01:49:58.0421 1628 RasAcd - ok

01:49:58.0609 1628 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

01:49:58.0843 1628 RasAuto - ok

01:49:58.0859 1628 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

01:49:59.0093 1628 Rasl2tp - ok

01:49:59.0125 1628 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

01:49:59.0359 1628 RasMan - ok

01:49:59.0359 1628 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

01:49:59.0640 1628 RasPppoe - ok

01:49:59.0640 1628 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

01:49:59.0875 1628 Raspti - ok

01:49:59.0921 1628 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

01:50:00.0156 1628 Rdbss - ok

01:50:00.0218 1628 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

01:50:00.0468 1628 RDPCDD - ok

01:50:00.0500 1628 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

01:50:00.0765 1628 rdpdr - ok

01:50:00.0796 1628 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

01:50:00.0968 1628 RDPWD - ok

01:50:01.0000 1628 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

01:50:01.0234 1628 RDSessMgr - ok

01:50:01.0250 1628 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

01:50:01.0437 1628 redbook - ok

01:50:01.0515 1628 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

01:50:01.0625 1628 RegSrvc ( UnsignedFile.Multi.Generic ) - warning

01:50:01.0625 1628 RegSrvc - detected UnsignedFile.Multi.Generic (1)

01:50:01.0656 1628 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

01:50:02.0000 1628 RemoteAccess - ok

01:50:02.0015 1628 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

01:50:02.0343 1628 RemoteRegistry - ok

01:50:02.0375 1628 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

01:50:02.0625 1628 RpcLocator - ok

01:50:02.0687 1628 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

01:50:02.0812 1628 RpcSs - ok

01:50:02.0843 1628 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

01:50:03.0125 1628 RSVP - ok

01:50:03.0203 1628 S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

01:50:03.0328 1628 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

01:50:03.0328 1628 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

01:50:03.0359 1628 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys

01:50:03.0515 1628 s24trans ( UnsignedFile.Multi.Generic ) - warning

01:50:03.0515 1628 s24trans - detected UnsignedFile.Multi.Generic (1)

01:50:03.0546 1628 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

01:50:03.0765 1628 SamSs - ok

01:50:03.0796 1628 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

01:50:03.0984 1628 SCardSvr - ok

01:50:04.0015 1628 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

01:50:04.0218 1628 Schedule - ok

01:50:04.0375 1628 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

01:50:04.0421 1628 SDScannerService - ok

01:50:04.0546 1628 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

01:50:04.0578 1628 SDUpdateService - ok

01:50:04.0734 1628 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

01:50:04.0937 1628 Secdrv - ok

01:50:04.0968 1628 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

01:50:05.0203 1628 seclogon - ok

01:50:05.0250 1628 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

01:50:05.0453 1628 SENS - ok

01:50:05.0546 1628 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

01:50:05.0859 1628 serenum - ok

01:50:05.0906 1628 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

01:50:06.0125 1628 Serial - ok

01:50:06.0156 1628 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

01:50:06.0359 1628 Sfloppy - ok

01:50:06.0421 1628 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

01:50:06.0828 1628 SharedAccess - ok

01:50:06.0890 1628 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

01:50:07.0328 1628 ShellHWDetection - ok

01:50:07.0343 1628 Simbad - ok

01:50:07.0359 1628 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

01:50:08.0046 1628 SLIP - ok

01:50:08.0609 1628 SMART Board Service (6dac3f90ef7b3ac349890e4eebacb260) C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe

01:50:08.0812 1628 SMART Board Service - ok

01:50:08.0968 1628 SMART Display Controller (63beb15cc3e249bf51134e85dd56535d) C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe

01:50:09.0000 1628 SMART Display Controller - ok

01:50:09.0140 1628 SMART SNMP Agent Service (3bcb934ae0a0fca1c3aa7a3a8088bc68) C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe

01:50:09.0187 1628 SMART SNMP Agent Service - ok

01:50:09.0437 1628 Sparrow - ok

01:50:09.0453 1628 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

01:50:09.0671 1628 splitter - ok

01:50:09.0687 1628 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

01:50:09.0812 1628 Spooler - ok

01:50:09.0843 1628 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

01:50:10.0156 1628 sr - ok

01:50:10.0203 1628 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

01:50:10.0421 1628 srservice - ok

01:50:10.0562 1628 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\system32\drivers\N360\0602010.005\SRTSP.SYS

01:50:10.0593 1628 SRTSP - ok

01:50:10.0609 1628 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\N360\0602010.005\SRTSPX.SYS

01:50:10.0640 1628 SRTSPX - ok

01:50:10.0687 1628 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

01:50:10.0828 1628 Srv - ok

01:50:10.0843 1628 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

01:50:11.0156 1628 SSDPSRV - ok

01:50:11.0218 1628 STacSV (6f855b5625a47f3ac731a262fdc379a6) C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe

01:50:11.0421 1628 STacSV - ok

01:50:11.0578 1628 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

01:50:11.0859 1628 STHDA - ok

01:50:11.0906 1628 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

01:50:12.0140 1628 stisvc - ok

01:50:12.0203 1628 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

01:50:12.0359 1628 stllssvr ( UnsignedFile.Multi.Generic ) - warning

01:50:12.0359 1628 stllssvr - detected UnsignedFile.Multi.Generic (1)

01:50:12.0406 1628 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

01:50:12.0921 1628 streamip - ok

01:50:12.0953 1628 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

01:50:13.0406 1628 swenum - ok

01:50:13.0453 1628 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

01:50:13.0921 1628 swmidi - ok

01:50:13.0921 1628 SwPrv - ok

01:50:13.0937 1628 symc810 - ok

01:50:13.0937 1628 symc8xx - ok

01:50:14.0000 1628 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMDS.SYS

01:50:14.0171 1628 SymDS - ok

01:50:14.0265 1628 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMEFA.SYS

01:50:14.0312 1628 SymEFA - ok

01:50:14.0359 1628 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

01:50:14.0375 1628 SymEvent - ok

01:50:14.0390 1628 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\N360\0602010.005\Ironx86.SYS

01:50:14.0406 1628 SymIRON - ok

01:50:14.0437 1628 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMTDI.SYS

01:50:14.0468 1628 SYMTDI - ok

01:50:14.0468 1628 sym_hi - ok

01:50:14.0468 1628 sym_u3 - ok

01:50:14.0500 1628 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

01:50:14.0703 1628 sysaudio - ok

01:50:14.0765 1628 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

01:50:15.0062 1628 SysmonLog - ok

01:50:15.0093 1628 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

01:50:15.0265 1628 TapiSrv - ok

01:50:15.0312 1628 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

01:50:15.0421 1628 Tcpip - ok

01:50:15.0468 1628 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

01:50:15.0781 1628 TDPIPE - ok

01:50:15.0796 1628 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

01:50:15.0968 1628 TDTCP - ok

01:50:16.0000 1628 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

01:50:16.0234 1628 TermDD - ok

01:50:16.0265 1628 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

01:50:16.0468 1628 TermService - ok

01:50:16.0546 1628 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

01:50:16.0671 1628 Themes - ok

01:50:16.0703 1628 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

01:50:16.0921 1628 TlntSvr - ok

01:50:16.0937 1628 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys

01:50:17.0109 1628 toshidpt - ok

01:50:17.0140 1628 TosIde - ok

01:50:17.0171 1628 tosporte (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys

01:50:17.0265 1628 tosporte - ok

01:50:17.0281 1628 tosrfbd (435ac6cc2abed508ac5a495658cbaf0f) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys

01:50:17.0453 1628 tosrfbd - ok

01:50:17.0484 1628 tosrfbnp (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys

01:50:17.0609 1628 tosrfbnp - ok

01:50:17.0843 1628 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys

01:50:18.0000 1628 Tosrfcom - ok

01:50:18.0000 1628 Tosrfhid (28099a4e52148319afa685d93a2244d0) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

01:50:18.0125 1628 Tosrfhid - ok

01:50:18.0125 1628 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

01:50:18.0250 1628 tosrfnds - ok

01:50:18.0265 1628 Tosrfusb (6bc529c5eca0c7654943fd6fab21c5fa) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys

01:50:18.0437 1628 Tosrfusb - ok

01:50:18.0468 1628 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

01:50:18.0703 1628 TrkWks - ok

01:50:18.0734 1628 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

01:50:19.0000 1628 Udfs - ok

01:50:19.0000 1628 ultra - ok

01:50:19.0062 1628 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

01:50:19.0234 1628 Update - ok

01:50:19.0265 1628 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

01:50:19.0484 1628 upnphost - ok

01:50:19.0515 1628 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

01:50:19.0718 1628 UPS - ok

01:50:19.0750 1628 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys

01:50:20.0109 1628 USBAAPL - ok

01:50:20.0140 1628 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

01:50:20.0421 1628 usbaudio - ok

01:50:20.0437 1628 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

01:50:20.0687 1628 usbccgp - ok

01:50:20.0703 1628 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys

01:50:20.0859 1628 USBCCID - ok

01:50:20.0890 1628 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

01:50:21.0125 1628 usbehci - ok

01:50:21.0140 1628 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

01:50:21.0359 1628 usbhub - ok

01:50:21.0390 1628 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

01:50:21.0859 1628 usbprint - ok

01:50:21.0906 1628 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

01:50:22.0125 1628 usbscan - ok

01:50:22.0156 1628 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

01:50:22.0437 1628 USBSTOR - ok

01:50:22.0484 1628 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

01:50:22.0718 1628 usbuhci - ok

01:50:22.0765 1628 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

01:50:23.0093 1628 VgaSave - ok

01:50:23.0093 1628 ViaIde - ok

01:50:23.0125 1628 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

01:50:23.0296 1628 VolSnap - ok

01:50:23.0359 1628 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

01:50:23.0593 1628 VSS - ok

01:50:23.0625 1628 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

01:50:23.0953 1628 W32Time - ok

01:50:23.0984 1628 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

01:50:24.0250 1628 Wanarp - ok

01:50:24.0296 1628 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

01:50:24.0328 1628 Wdf01000 - ok

01:50:24.0328 1628 WDICA - ok

01:50:24.0359 1628 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

01:50:24.0625 1628 wdmaud - ok

01:50:24.0703 1628 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

01:50:24.0937 1628 WebClient - ok

01:50:25.0031 1628 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

01:50:25.0171 1628 winachsf - ok

01:50:25.0234 1628 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

01:50:25.0453 1628 winmgmt - ok

01:50:25.0546 1628 WLANKEEPER (4307641ca3389a210295fdffd2a73dee) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

01:50:25.0687 1628 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning

01:50:25.0687 1628 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)

01:50:25.0718 1628 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

01:50:25.0906 1628 WmdmPmSN - ok

01:50:25.0968 1628 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

01:50:26.0078 1628 Wmi - ok

01:50:26.0109 1628 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

01:50:26.0281 1628 WmiAcpi - ok

01:50:26.0328 1628 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

01:50:26.0515 1628 WmiApSrv - ok

01:50:26.0625 1628 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

01:50:26.0765 1628 WMPNetworkSvc - ok

01:50:26.0812 1628 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

01:50:27.0062 1628 wscsvc - ok

01:50:27.0109 1628 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

01:50:27.0296 1628 WSTCODEC - ok

01:50:27.0296 1628 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

01:50:27.0531 1628 wuauserv - ok

01:50:27.0609 1628 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

01:50:27.0765 1628 WudfPf - ok

01:50:27.0765 1628 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

01:50:27.0890 1628 WudfRd - ok

01:50:27.0906 1628 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

01:50:28.0046 1628 WudfSvc - ok

01:50:28.0109 1628 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

01:50:28.0390 1628 WZCSVC - ok

01:50:28.0671 1628 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

01:50:29.0000 1628 xmlprov - ok

01:50:29.0031 1628 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

01:50:29.0031 1628 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

01:50:29.0031 1628 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

01:50:29.0062 1628 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

01:50:29.0062 1628 \Device\Harddisk0\DR0 - detected TDSS File System (1)

01:50:29.0078 1628 Boot (0x1200) (6a8375b063e3f895c13c123b5305a0f1) \Device\Harddisk0\DR0\Partition0

01:50:29.0078 1628 \Device\Harddisk0\DR0\Partition0 - ok

01:50:29.0078 1628 ============================================================

01:50:29.0078 1628 Scan finished

01:50:29.0078 1628 ============================================================

01:50:29.0187 3772 Detected object count: 12

01:50:29.0187 3772 Actual detected object count: 12

01:50:55.0625 3772 CSRBC ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0625 3772 CSRBC ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0625 3772 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0625 3772 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0625 3772 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0625 3772 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 fixustor ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 fixustor ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 NSNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 NSNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:55.0640 3772 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user

01:50:55.0640 3772 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:50:56.0390 3772 \Device\Harddisk0\DR0\# - copied to quarantine

01:50:56.0390 3772 \Device\Harddisk0\DR0 - copied to quarantine

01:50:56.0421 3772 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

01:50:56.0437 3772 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

01:50:56.0453 3772 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

01:50:56.0484 3772 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

01:50:56.0500 3772 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

01:50:56.0515 3772 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

01:50:56.0531 3772 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

01:50:56.0531 3772 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

01:50:56.0546 3772 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

01:50:56.0562 3772 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

01:50:56.0562 3772 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

01:50:56.0578 3772 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

01:50:56.0593 3772 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

01:50:56.0625 3772 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

01:50:56.0625 3772 \Device\Harddisk0\DR0 - ok

01:50:56.0625 3772 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

01:50:56.0625 3772 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

01:50:56.0625 3772 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

01:51:36.0406 5732 Deinitialize success

3. Here is my Malwarebytes' Anti-Malware Log (Nothing to remove):

Malwarebytes Anti-Malware (Trial) 1.62.0.1300

www.malwarebytes.org

Database version: v2012.07.12.07

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 6.0.2900.5512

Admin :: E0460871 [administrator]

Protection: Enabled

7/12/2012 2:07:40 AM

mbam-log-2012-07-12 (02-07-40).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 270709

Time elapsed: 14 minute(s), 3 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

4. Here is my dds log:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_33

Run by Admin at 2:25:18 on 2012-07-12

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1086 [GMT -10:00]

.

AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

AV: McAfee VirusScan Enterprise *Enabled/Outdated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

FW: Norton 360 *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\IBM\Lotus\Notes\nsd.exe

C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\Program Files\Symantec\Ghost\ngctw32.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe

C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\WINDOWS\system32\umonit.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Symantec\Ghost\ngtray.exe

C:\Program Files\Network Associates\Common Framework\UdaterUI.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Network Associates\Common Framework\McTray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe

C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\SetPoint\SetPoint.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtBty.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe

C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe

C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\Aware.exe

C:\Program Files\SMART Technologies\SMART Product Drivers\Marker.exe

.

============== Pseudo HJT Report ===============

.

uWindow Title = Internet Explorer, optimized for Bing and MSN

uInternet Settings,ProxyOverride = *.local

BHO: HelperObject Class: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: DWABrowserHlprObj Class: {2709d830-b643-4e72-9a1e-701cfffcf30c} - c:\windows\system32\dwabho.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy 2\SDHelper.dll

BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

BHO: CIEDownload Object: {67bcf957-85fc-4036-8dc4-d4d80e00a77b} - c:\program files\smart technologies\smart notebook\NotebookPlugin.dll

BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\6.2.1.5\ips\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan enterprise\scriptcl.dll

BHO: WebEx Productivity Tools: {90e2ba2e-dd1b-4cde-9134-7a8b86d33ca7} - c:\program files\webex\productivity tools\ptonecli.dll

BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll

TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll

TB: WebEx Productivity Tools: {90e2ba2e-dd1b-4cde-9134-7a8b86d33ca7} - c:\program files\webex\productivity tools\ptonecli.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\6.2.1.5\coIEPlg.dll

TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [iSUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler

mRun: [uMonit] c:\windows\system32\umonit.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe

mRun: [shStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [NGTray] "c:\program files\symantec\ghost\ngtray.exe"

mRun: [McAfeeUpdaterUI] "c:\program files\network associates\common framework\UdaterUI.exe" /StartedFromRunKey

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup

mRun: [Logitech Hardware Abstraction Layer] "c:\program files\common files\logitech\khalshared\KHALMNPR.EXE"

mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [Adobe_ID0ENQBO] c:\progra~1\common~1\adobe\adobev~2\server\bin\VERSIO~2.EXE

mRun: [AdobeCS4ServiceManager] "c:\program files\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"

mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"

mRun: [sDTray] "c:\program files\spybot - search & destroy 2\SDTray.exe"

dRun: [Adobe] rundll32.exe "c:\documents and settings\laptop user\local settings\application data\apple computer\adobe\xdlqzl.dll",DllRegisterServer

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\setpoint.lnk - c:\program files\setpoint\SetPoint.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\smartb~1.lnk - c:\program files\smart technologies\smart product drivers\SMARTBoardTools.exe

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} - hxxp://165.248.233.217/iNotes6W.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231532123176

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}

DPF: {CAFECAFE-0013-0001-0030-ABCDEFABCDEF}

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab

DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} - hxxp://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {E008A543-CEFB-4559-912F-C27C2B89F13B} - hxxp://165.248.233.217/dwa7W.cab

DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://akamaicdn.webex.com/client/WBXclient-T27L10NSP28EP2-12243/webex/ieatgpc.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{3357F480-C801-4B6D-B320-86F0E362BC60} : DhcpNameServer = 192.168.1.1

Notify: igfxcui - igfxdev.dll

Notify: SDWinLogon - SDWinLogon.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

mASetup: Neat ADF Scanner 2008 - reg copy "HKLM\Software\The Neat Company\Neat ADF Scanner 2008" "HKCU\Software\The Neat Company\Neat ADF Scanner 2008" /s /f

Hosts: 165.248.100.142 makala1

Hosts: 165.248.101.190 manoa1

Hosts: 165.248.101.62 manana1

Hosts: 165.248.102.38 mauka1

Hosts: 165.248.103.61 mckin1

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\7wgst86i.default\

FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13128.dll

FF - plugin: c:\program files\mozilla firefox\plugins\NPJinit13130.dll

FF - plugin: c:\program files\zwinky_5qei\installr\1.bin\NP5qEISb.dll

FF - plugin: c:\windows\system32\npdeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - plugin: c:\windows\system32\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0602010.005\SymDS.sys [2012-6-27 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0602010.005\SymEFA.sys [2012-6-27 905336]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\bashdefs\20120711.002\BHDrvx86.sys [2012-7-12 821920]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\n360\0602010.005\ccSetx86.sys [2012-6-27 132744]

R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2006-11-29 31944]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0602010.005\Ironx86.sys [2012-6-27 149624]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]

R2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;c:\program files\ibm\lotus\notes\nsd.exe [2009-9-29 3397000]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-30 655944]

R2 McAfeeFramework;McAfee Framework Service;c:\program files\network associates\common framework\FrameworkService.exe [2008-7-28 103744]

R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\Mcshield.exe [2006-11-29 144960]

R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2006-11-29 54872]

R2 N360;Norton 360;c:\program files\norton 360\engine\6.2.1.5\ccSvcHst.exe [2012-6-27 138232]

R2 NGCLIENT;Symantec Ghost Client Agent;c:\program files\symantec\ghost\ngctw32.exe [2007-4-19 632456]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2012-7-1 1122296]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2012-7-1 838136]

R2 SMART Display Controller;SMART Display Controller;c:\program files\smart technologies\smart product drivers\UCService.exe [2010-11-19 846192]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-6-28 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\ipsdefs\20120711.001\IDSXpx86.sys [2012-7-12 369632]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-30 22344]

R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2009-12-15 72264]

R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2009-12-15 34152]

R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2009-12-15 168776]

R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\virusdefs\20120711.018\NAVENG.SYS [2012-7-12 87928]

R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_6.2.1.5\definitions\virusdefs\20120711.018\NAVEX15.SYS [2012-7-12 1589752]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 288112]

S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [2012-2-6 6016]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-26 113120]

S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\smart technologies\smart product drivers\SMARTSNMPAgent.exe [2010-11-19 1664368]

.

=============== File Associations ===============

.

.txt=

.

=============== Created Last 30 ================

.

2012-07-12 11:57:10 711240 ----a-w- c:\windows\isRS-000.tmp

2012-07-12 11:55:29 -------- d-----w- c:\documents and settings\admin\application data\Malwarebytes

2012-07-12 11:50:55 -------- d-----w- C:\TDSSKiller_Quarantine

2012-07-12 11:23:24 -------- d-----w- c:\documents and settings\admin\application data\Leader Technologies

2012-07-03 09:48:26 0 ----a-w- C:\LOG2F.tmp

2012-07-02 02:25:45 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy

2012-07-02 02:24:45 15224 ----a-w- c:\windows\system32\sdnclean.exe

2012-07-02 02:24:41 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2012-06-30 10:40:34 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-06-30 10:40:33 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-30 10:40:32 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-30 09:35:26 -------- d-----w- c:\documents and settings\all users\application data\SpeedMaxPc

2012-06-29 20:44:31 -------- d-----w- c:\windows\pss

2012-06-29 20:14:06 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll

2012-06-28 06:05:23 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL

2012-06-28 06:05:23 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-06-28 06:05:03 905336 ----a-r- c:\windows\system32\drivers\n360\0602010.005\SymEFA.sys

2012-06-28 06:05:03 388216 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symtdi.sys

2012-06-28 06:05:03 345208 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symtdiv.sys

2012-06-28 06:05:03 340088 ----a-r- c:\windows\system32\drivers\n360\0602010.005\SymDS.sys

2012-06-28 06:05:03 32888 ----a-r- c:\windows\system32\drivers\n360\0602010.005\srtspx.sys

2012-06-28 06:05:03 318584 ----a-r- c:\windows\system32\drivers\n360\0602010.005\symnets.sys

2012-06-28 06:05:02 574072 ----a-r- c:\windows\system32\drivers\n360\0602010.005\srtsp.sys

2012-06-28 06:05:02 149624 ----a-r- c:\windows\system32\drivers\n360\0602010.005\Ironx86.sys

2012-06-28 06:05:02 132744 ----a-r- c:\windows\system32\drivers\n360\0602010.005\ccSetx86.sys

2012-06-28 06:04:42 4782 ----a-r- c:\windows\system32\drivers\n360\0602010.005\SymVTcer.dat

2012-06-28 06:04:41 -------- d-----w- c:\windows\system32\drivers\n360\0602010.005

2012-06-28 06:04:41 -------- d-----w- c:\windows\system32\drivers\N360

2012-06-28 06:04:40 -------- d-----w- c:\program files\Norton 360

2012-06-28 06:02:35 -------- d-----w- c:\program files\NortonInstaller

2012-06-28 06:02:35 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller

2012-06-28 01:56:43 -------- d-----w- c:\documents and settings\all users\application data\F4D55F3E0405F6ED00096165D151FC4E

2012-06-26 22:25:04 73 ----a-w- c:\windows\system32\ssprs.dll

2012-06-26 22:25:04 205 ----a-w- c:\windows\system32\lsprst7.dll

2012-06-26 22:25:04 1025 ----a-w- c:\windows\system32\sysprs7.dll

2012-06-26 22:25:04 1025 ----a-w- c:\windows\system32\clauth2.dll

2012-06-26 22:25:04 1025 ----a-w- c:\windows\system32\clauth1.dll

2012-06-26 22:25:04 -------- d-----w- c:\documents and settings\all users\application data\Minnetonka Audio Software

2012-06-26 22:19:12 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys

2012-06-26 22:19:03 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys

2012-06-26 22:18:57 16384 ----a-w- c:\windows\system32\ipsink.ax

2012-06-26 22:18:57 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys

2012-06-26 22:18:50 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys

2012-06-26 22:18:42 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS

2012-06-26 22:18:31 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys

2012-06-26 22:18:16 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys

2012-06-26 21:55:49 53760 ----a-w- c:\windows\system32\vfwwdm32.dll

2012-06-26 21:55:48 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2012-06-26 21:55:48 43008 ----a-w- c:\windows\system32\ksxbar.ax

2012-06-26 21:55:47 91136 ----a-w- c:\windows\system32\kswdmcap.ax

2012-06-26 21:55:47 61952 ----a-w- c:\windows\system32\kstvtune.ax

2012-06-26 21:55:24 38912 ----a-w- c:\windows\system32\drivers\avc.sys

2012-06-26 21:54:58 48128 ----a-w- c:\windows\system32\drivers\61883.sys

2012-06-23 20:54:29 81920 ----a-w- c:\windows\system32\ieencode.dll

2012-06-23 20:54:29 81920 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2012-06-23 07:09:15 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll

2012-06-23 07:09:15 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll

2012-06-22 05:43:54 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 05:43:54 472840 ----a-w- c:\windows\system32\deployJava1.dll

.

==================== Find3M ====================

.

2012-06-28 20:22:30 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-28 20:22:30 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-22 05:43:37 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-06 09:35:52 83424 ----a-w- c:\windows\system32\dwabho.dll

2005-06-16 22:19:22 2482176 ----a-w- c:\program files\TCTrill.dll

2005-06-11 01:12:16 847872 ----a-w- c:\program files\TCTrillS.dll

2005-06-03 18:59:54 61440 ----a-w- c:\program files\TCReports.dll

2004-02-12 04:11:40 7659520 ----a-w- c:\program files\Geo CS Test Gen Management.exe

2004-02-12 03:59:34 4009984 ----a-w- c:\program files\Geo CS Test Gen Student.exe

2004-01-27 02:04:08 49152 ----a-w- c:\program files\TCAlerts.dll

2003-11-04 22:21:00 983040 ----a-w- c:\program files\stuffit5.engine-5.1.dll

2003-11-04 22:21:00 561152 ----a-w- c:\program files\xp32_207.dll

2003-11-04 22:21:00 21776 ----a-w- c:\program files\shfolder.dll

2003-11-04 22:20:00 479232 ----a-w- c:\program files\rp32_207.dll

2003-11-04 22:20:00 217088 ----a-w- c:\program files\sa32_207.dll

2003-11-04 22:19:00 725032 ----a-w- c:\program files\kSAdg.dll

2003-11-04 22:19:00 692264 ----a-w- c:\program files\kCPdg.dll

2003-11-04 22:19:00 413736 ----a-w- c:\program files\kGRdg.dll

2003-11-04 22:19:00 401462 ----a-w- c:\program files\msvcp60.dll

2003-11-04 22:19:00 290869 ----a-w- c:\program files\msvcrt.dll

2003-11-04 22:19:00 2744361 ----a-w- c:\program files\kFDMdg.dll

2003-11-04 22:19:00 1982504 ----a-w- c:\program files\kFDdg.dll

2003-11-04 22:19:00 1937448 ----a-w- c:\program files\kXPdg.dll

2003-11-04 22:19:00 1794088 ----a-w- c:\program files\kRPdg.dll

2003-11-04 22:19:00 1597480 ----a-w- c:\program files\kDBdg.dll

2003-11-04 22:19:00 1486848 ----a-w- c:\program files\owl609v.dll

2003-11-04 22:18:00 638976 ----a-w- c:\program files\fd32_207.dll

2003-11-04 22:18:00 401728 ----a-w- c:\program files\EQNEDIT.EXE

2003-11-04 22:18:00 352256 ----a-w- c:\program files\db32_207.dll

2003-11-04 22:18:00 212992 ----a-w- c:\program files\cp32_207.dll

2003-11-04 22:18:00 131072 ----a-w- c:\program files\gr32_207.dll

2003-11-04 22:18:00 1122304 ----a-w- c:\program files\fm32_207.dll

2003-11-04 22:17:00 311296 ----a-w- c:\program files\APE24EXT_MT.dll

.

============= FINISH: 2:26:11.25 ===============

[Maniac]

Step 1

Please clean the leftovers of McAfee using their own tool:

http://service.mcafee.com/FAQDocument.aspx?id=TS101331

Step 2

Please run TDSSKiller and this time use Delete option for this entrie:

01:50:56.0625 3772 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

01:50:56.0625 3772 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Step 3

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

Note: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.

[shiannte]

Still no luck at removing the mcafee software.

Here is my tdsskiller log:

15:13:12.0437 3728 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35

15:13:12.0921 3728 ============================================================

15:13:12.0921 3728 Current date / time: 2012/07/14 15:13:12.0921

15:13:12.0921 3728 SystemInfo:

15:13:12.0921 3728

15:13:12.0921 3728 OS Version: 5.1.2600 ServicePack: 3.0

15:13:12.0937 3728 Product type: Workstation

15:13:12.0937 3728 ComputerName: E0460871

15:13:12.0937 3728 UserName: Admin

15:13:12.0937 3728 Windows directory: C:\WINDOWS

15:13:12.0937 3728 System windows directory: C:\WINDOWS

15:13:12.0937 3728 Processor architecture: Intel x86

15:13:12.0937 3728 Number of processors: 2

15:13:12.0937 3728 Page size: 0x1000

15:13:12.0937 3728 Boot type: Normal boot

15:13:12.0937 3728 ============================================================

15:13:14.0906 3728 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

15:13:14.0921 3728 ============================================================

15:13:14.0921 3728 \Device\Harddisk0\DR0:

15:13:14.0921 3728 MBR partitions:

15:13:14.0921 3728 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32FCD, BlocksNum 0x94DB4F4

15:13:14.0921 3728 ============================================================

15:13:14.0937 3728 C: <-> \Device\Harddisk0\DR0\Partition0

15:13:14.0937 3728 ============================================================

15:13:14.0937 3728 Initialize success

15:13:14.0937 3728 ============================================================

15:13:24.0421 4872 ============================================================

15:13:24.0421 4872 Scan started

15:13:24.0421 4872 Mode: Manual; SigCheck; TDLFS;

15:13:24.0421 4872 ============================================================

15:13:25.0765 4872 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys

15:13:33.0328 4872 61883 - ok

15:13:33.0328 4872 Abiosdsk - ok

15:13:33.0343 4872 abp480n5 - ok

15:13:33.0375 4872 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

15:13:33.0531 4872 ACPI - ok

15:13:33.0562 4872 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

15:13:33.0703 4872 ACPIEC - ok

15:13:33.0734 4872 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\WINDOWS\system32\drivers\adfs.sys

15:13:33.0765 4872 adfs - ok

15:13:33.0875 4872 Adobe Version Cue CS4 (9444a3530c2e88b7ed96a566ff9ccc13) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

15:13:33.0921 4872 Adobe Version Cue CS4 - ok

15:13:33.0937 4872 adpu160m - ok

15:13:33.0968 4872 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

15:13:34.0171 4872 aec - ok

15:13:34.0187 4872 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys

15:13:34.0281 4872 AegisP - ok

15:13:34.0328 4872 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

15:13:34.0390 4872 AFD - ok

15:13:34.0390 4872 Aha154x - ok

15:13:34.0390 4872 aic78u2 - ok

15:13:34.0406 4872 aic78xx - ok

15:13:34.0437 4872 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

15:13:34.0593 4872 Alerter - ok

15:13:34.0609 4872 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

15:13:34.0781 4872 ALG - ok

15:13:34.0781 4872 AliIde - ok

15:13:34.0796 4872 amsint - ok

15:13:34.0843 4872 Apple Mobile Device (4b5ae15e5c73eb4dc8dbec2788230d41) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

15:13:34.0890 4872 Apple Mobile Device - ok

15:13:34.0937 4872 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

15:13:35.0046 4872 AppMgmt - ok

15:13:35.0062 4872 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

15:13:35.0203 4872 Arp1394 - ok

15:13:35.0218 4872 asc - ok

15:13:35.0218 4872 asc3350p - ok

15:13:35.0218 4872 asc3550 - ok

15:13:35.0328 4872 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

15:13:35.0375 4872 aspnet_state - ok

15:13:35.0406 4872 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

15:13:35.0546 4872 AsyncMac - ok

15:13:35.0578 4872 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

15:13:35.0703 4872 atapi - ok

15:13:35.0703 4872 Atdisk - ok

15:13:35.0734 4872 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

15:13:35.0843 4872 Atmarpc - ok

15:13:35.0875 4872 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

15:13:36.0000 4872 AudioSrv - ok

15:13:36.0031 4872 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

15:13:36.0171 4872 audstub - ok

15:13:36.0203 4872 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys

15:13:36.0312 4872 Avc - ok

15:13:36.0343 4872 b57w2k (f96038aa1ec4013a93d2420fc689d1e9) C:\WINDOWS\system32\DRIVERS\b57xp32.sys

15:13:36.0421 4872 b57w2k - ok

15:13:36.0453 4872 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

15:13:36.0593 4872 Beep - ok

15:13:36.0718 4872 BHDrvx86 (a9e111a358ac5f7eba7ac61e43fc6725) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120711.002\BHDrvx86.sys

15:13:36.0781 4872 BHDrvx86 - ok

15:13:36.0828 4872 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

15:13:37.0000 4872 BITS - ok

15:13:37.0046 4872 Bonjour Service (3f56903e124e820aeece6d471583c6c1) C:\Program Files\Bonjour\mDNSResponder.exe

15:13:37.0109 4872 Bonjour Service - ok

15:13:37.0125 4872 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

15:13:37.0265 4872 Browser - ok

15:13:37.0312 4872 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

15:13:37.0453 4872 cbidf2k - ok

15:13:37.0468 4872 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

15:13:37.0593 4872 CCDECODE - ok

15:13:37.0640 4872 ccSet_N360 (599e7f6259a127c174c49938d2aa6a60) C:\WINDOWS\system32\drivers\N360\0602010.005\ccSetx86.sys

15:13:37.0687 4872 ccSet_N360 - ok

15:13:37.0687 4872 cd20xrnt - ok

15:13:37.0718 4872 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

15:13:37.0859 4872 Cdaudio - ok

15:13:37.0906 4872 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

15:13:38.0031 4872 Cdfs - ok

15:13:38.0046 4872 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

15:13:38.0187 4872 Cdrom - ok

15:13:38.0187 4872 Changer - ok

15:13:38.0203 4872 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

15:13:38.0328 4872 CiSvc - ok

15:13:38.0375 4872 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

15:13:38.0515 4872 ClipSrv - ok

15:13:38.0593 4872 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

15:13:38.0625 4872 clr_optimization_v2.0.50727_32 - ok

15:13:38.0656 4872 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

15:13:38.0765 4872 CmBatt - ok

15:13:38.0781 4872 CmdIde - ok

15:13:38.0781 4872 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

15:13:38.0921 4872 Compbatt - ok

15:13:38.0921 4872 COMSysApp - ok

15:13:38.0937 4872 Cpqarray - ok

15:13:38.0953 4872 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

15:13:39.0093 4872 CryptSvc - ok

15:13:39.0109 4872 CSRBC (8e1945984e147562f9f08e1d344a69cc) C:\WINDOWS\system32\Drivers\csrbcxp.sys

15:13:39.0140 4872 CSRBC ( UnsignedFile.Multi.Generic ) - warning

15:13:39.0140 4872 CSRBC - detected UnsignedFile.Multi.Generic (1)

15:13:39.0140 4872 dac2w2k - ok

15:13:39.0140 4872 dac960nt - ok

15:13:39.0187 4872 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

15:13:39.0281 4872 DcomLaunch - ok

15:13:39.0312 4872 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

15:13:39.0421 4872 Dhcp - ok

15:13:39.0421 4872 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

15:13:39.0546 4872 Disk - ok

15:13:39.0578 4872 DLABMFSM (a0500678a33802d8954153839301d539) C:\WINDOWS\system32\Drivers\DLABMFSM.SYS

15:13:39.0609 4872 DLABMFSM - ok

15:13:39.0625 4872 DLABOIOM (b8d2f68cac54d46281399f9092644794) C:\WINDOWS\system32\Drivers\DLABOIOM.SYS

15:13:39.0656 4872 DLABOIOM - ok

15:13:39.0671 4872 DLACDBHM (0ee93ab799d1cb4ec90b36f3612fe907) C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

15:13:39.0703 4872 DLACDBHM - ok

15:13:39.0703 4872 DLADResM (87413b94ae1fabc117c4e8ae6725134e) C:\WINDOWS\system32\Drivers\DLADResM.SYS

15:13:39.0734 4872 DLADResM - ok

15:13:39.0750 4872 DLAIFS_M (766a148235be1c0039c974446e4c0edc) C:\WINDOWS\system32\Drivers\DLAIFS_M.SYS

15:13:39.0796 4872 DLAIFS_M - ok

15:13:39.0796 4872 DLAOPIOM (38267cca177354f1c64450a43a4f7627) C:\WINDOWS\system32\Drivers\DLAOPIOM.SYS

15:13:39.0828 4872 DLAOPIOM - ok

15:13:39.0828 4872 DLAPoolM (fd363369fd313b46b5aeab1a688b52e9) C:\WINDOWS\system32\Drivers\DLAPoolM.SYS

15:13:39.0875 4872 DLAPoolM - ok

15:13:39.0875 4872 DLARTL_M (336ae18f0912ef4fbe5518849e004d74) C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

15:13:39.0906 4872 DLARTL_M - ok

15:13:39.0937 4872 DLAUDFAM (fd85f682c1cc2a7ca878c7a448e6d87e) C:\WINDOWS\system32\Drivers\DLAUDFAM.SYS

15:13:39.0984 4872 DLAUDFAM - ok

15:13:40.0000 4872 DLAUDF_M (af389ce587b6bf5bbdcd6f6abe5eabc0) C:\WINDOWS\system32\Drivers\DLAUDF_M.SYS

15:13:40.0062 4872 DLAUDF_M - ok

15:13:40.0062 4872 dmadmin - ok

15:13:40.0125 4872 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

15:13:40.0281 4872 dmboot - ok

15:13:40.0312 4872 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

15:13:40.0453 4872 dmio - ok

15:13:40.0468 4872 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

15:13:40.0656 4872 dmload - ok

15:13:40.0687 4872 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

15:13:40.0843 4872 dmserver - ok

15:13:40.0875 4872 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

15:13:41.0031 4872 DMusic - ok

15:13:41.0046 4872 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

15:13:41.0156 4872 Dnscache - ok

15:13:41.0187 4872 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

15:13:41.0312 4872 Dot3svc - ok

15:13:41.0312 4872 dpti2o - ok

15:13:41.0328 4872 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

15:13:41.0437 4872 drmkaud - ok

15:13:41.0468 4872 DRVMCDB (5d3b71bb2bb0009d65d290e2ef374bd3) C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

15:13:41.0515 4872 DRVMCDB - ok

15:13:41.0546 4872 DRVNDDM (c591ba9f96f40a1fd6494dafdcd17185) C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

15:13:41.0578 4872 DRVNDDM - ok

15:13:41.0625 4872 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

15:13:41.0750 4872 EapHost - ok

15:13:41.0828 4872 eeCtrl (fce87ba643d5e9a8b6e0378508d1b22d) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

15:13:41.0890 4872 eeCtrl - ok

15:13:41.0937 4872 EpsonBidirectionalService (abdd5ad016affd34ad40e944ce94bf59) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

15:13:41.0968 4872 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - warning

15:13:41.0968 4872 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic (1)

15:13:42.0031 4872 EpsonCustomerParticipation (b78436ca173ff723a1eace5cd4900375) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

15:13:42.0093 4872 EpsonCustomerParticipation - ok

15:13:42.0125 4872 EraserUtilRebootDrv (115dc729465a8c386615207f28875255) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

15:13:42.0156 4872 EraserUtilRebootDrv - ok

15:13:42.0187 4872 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

15:13:42.0328 4872 ERSvc - ok

15:13:42.0359 4872 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

15:13:42.0390 4872 Eventlog - ok

15:13:42.0421 4872 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

15:13:42.0500 4872 EventSystem - ok

15:13:42.0562 4872 EvtEng (e71b03ff6b819ae1a286aa27e956d523) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

15:13:42.0656 4872 EvtEng ( UnsignedFile.Multi.Generic ) - warning

15:13:42.0656 4872 EvtEng - detected UnsignedFile.Multi.Generic (1)

15:13:42.0718 4872 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

15:13:42.0859 4872 Fastfat - ok

15:13:42.0890 4872 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:13:43.0000 4872 FastUserSwitchingCompatibility - ok

15:13:43.0015 4872 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

15:13:43.0250 4872 Fdc - ok

15:13:43.0281 4872 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

15:13:43.0500 4872 Fips - ok

15:13:43.0531 4872 fixustor (cdb568db5e8985dcc623da808ac61042) C:\WINDOWS\system32\drivers\fixustor.sys

15:13:43.0593 4872 fixustor ( UnsignedFile.Multi.Generic ) - warning

15:13:43.0593 4872 fixustor - detected UnsignedFile.Multi.Generic (1)

15:13:43.0687 4872 FLEXnet Licensing Service (1f63900e2eb00101b9aca2b7a870704e) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

15:13:43.0781 4872 FLEXnet Licensing Service - ok

15:13:43.0796 4872 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

15:13:44.0000 4872 Flpydisk - ok

15:13:44.0031 4872 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

15:13:44.0156 4872 FltMgr - ok

15:13:44.0234 4872 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

15:13:44.0265 4872 FontCache3.0.0.0 - ok

15:13:44.0312 4872 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

15:13:44.0453 4872 Fs_Rec - ok

15:13:44.0453 4872 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

15:13:44.0609 4872 Ftdisk - ok

15:13:44.0656 4872 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

15:13:44.0687 4872 GEARAspiWDM - ok

15:13:44.0718 4872 getPlus® Helper (7bec703f31e1d441db16886c9aa4cba9) C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

15:13:44.0781 4872 getPlus® Helper - ok

15:13:44.0812 4872 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

15:13:44.0953 4872 Gpc - ok

15:13:44.0984 4872 guardian2 (7031a936832967a93b0e5d5f1c76745a) C:\WINDOWS\system32\Drivers\oz776.sys

15:13:45.0031 4872 guardian2 - ok

15:13:45.0046 4872 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

15:13:45.0171 4872 HDAudBus - ok

15:13:45.0203 4872 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

15:13:45.0343 4872 helpsvc - ok

15:13:45.0359 4872 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

15:13:45.0484 4872 HidServ - ok

15:13:45.0500 4872 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

15:13:45.0640 4872 HidUsb - ok

15:13:45.0687 4872 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

15:13:45.0812 4872 hkmsvc - ok

15:13:45.0812 4872 hpn - ok

15:13:45.0859 4872 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

15:13:45.0984 4872 HPZid412 - ok

15:13:46.0000 4872 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

15:13:46.0093 4872 HPZipr12 - ok

15:13:46.0125 4872 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

15:13:46.0203 4872 HPZius12 - ok

15:13:46.0250 4872 HSFHWAZL (290cdbb05903742ea06b7203c5a662f5) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

15:13:46.0328 4872 HSFHWAZL - ok

15:13:46.0406 4872 HSF_DPV (7ab812355f98858b9ecdd46e6fcc221f) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

15:13:46.0531 4872 HSF_DPV - ok

15:13:46.0578 4872 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

15:13:46.0687 4872 HTTP - ok

15:13:46.0703 4872 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

15:13:46.0843 4872 HTTPFilter - ok

15:13:46.0843 4872 i2omgmt - ok

15:13:46.0843 4872 i2omp - ok

15:13:46.0875 4872 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

15:13:47.0140 4872 i8042prt - ok

15:13:47.0500 4872 ialm (200cca76cd0e0f7eec78fa56c29b4d67) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

15:13:47.0781 4872 ialm - ok

15:13:47.0953 4872 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

15:13:48.0031 4872 idsvc - ok

15:13:48.0156 4872 IDSxpx86 (eeebf3616db90124c1c57019d39aa9a2) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120713.001\IDSxpx86.sys

15:13:48.0187 4872 IDSxpx86 - ok

15:13:48.0281 4872 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

15:13:48.0500 4872 Imapi - ok

15:13:48.0578 4872 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

15:13:48.0796 4872 ImapiService - ok

15:13:48.0812 4872 ini910u - ok

15:13:48.0812 4872 IntelIde - ok

15:13:48.0859 4872 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

15:13:49.0046 4872 intelppm - ok

15:13:49.0062 4872 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

15:13:49.0203 4872 Ip6Fw - ok

15:13:49.0234 4872 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

15:13:49.0359 4872 IpFilterDriver - ok

15:13:49.0375 4872 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

15:13:49.0500 4872 IpInIp - ok

15:13:49.0531 4872 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

15:13:49.0671 4872 IpNat - ok

15:13:49.0734 4872 iPod Service (7a3611564fce7c8be50b03f58cb3eb7d) C:\Program Files\iPod\bin\iPodService.exe

15:13:49.0781 4872 iPod Service - ok

15:13:49.0812 4872 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

15:13:49.0921 4872 IPSec - ok

15:13:49.0953 4872 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

15:13:50.0062 4872 IRENUM - ok

15:13:50.0093 4872 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

15:13:50.0234 4872 isapnp - ok

15:13:50.0296 4872 JavaQuickStarterService (de5d05fd449798ef88cc34ad4b1e7f85) C:\Program Files\Java\jre6\bin\jqs.exe

15:13:50.0328 4872 JavaQuickStarterService - ok

15:13:50.0343 4872 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

15:13:50.0484 4872 Kbdclass - ok

15:13:50.0515 4872 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

15:13:50.0625 4872 kbdhid - ok

15:13:50.0671 4872 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

15:13:50.0781 4872 kmixer - ok

15:13:50.0796 4872 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

15:13:50.0875 4872 KSecDD - ok

15:13:50.0921 4872 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

15:13:50.0984 4872 lanmanserver - ok

15:13:51.0031 4872 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

15:13:51.0109 4872 lanmanworkstation - ok

15:13:51.0125 4872 lbrtfdc - ok

15:13:51.0156 4872 LHidFilt (ea57f9a93042d53256db4e2222b93b37) C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys

15:13:51.0187 4872 LHidFilt - ok

15:13:51.0218 4872 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

15:13:51.0375 4872 LmHosts - ok

15:13:51.0390 4872 LMouFilt (8bd61e1f686d352b318b025524542128) C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys

15:13:51.0484 4872 LMouFilt - ok

15:13:51.0734 4872 Lotus Notes Diagnostics (986e0f3be701b232b8913de59c7adc7c) C:\Program Files\IBM\Lotus\Notes\nsd.exe

15:13:51.0937 4872 Lotus Notes Diagnostics - ok

15:13:52.0015 4872 Lotus Notes Single Logon (71f607abe2355fabea9fb13e057ac050) C:\Program Files\IBM\Lotus\Notes\nslsvice.exe

15:13:52.0078 4872 Lotus Notes Single Logon - ok

15:13:52.0171 4872 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys

15:13:52.0234 4872 MBAMProtector - ok

15:13:52.0296 4872 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

15:13:52.0390 4872 MBAMService - ok

15:13:52.0437 4872 McAfeeFramework (447d4617b99ac0a4ba056713dfe02279) C:\Program Files\Network Associates\Common Framework\FrameworkService.exe

15:13:52.0468 4872 McAfeeFramework - ok

15:13:52.0500 4872 McShield (12bef73e0281ac793865be1a331c67fc) C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe

15:13:52.0578 4872 McShield - ok

15:13:52.0609 4872 McTaskManager (d0f500bc9f114c99d32df4dc4c857c94) C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe

15:13:52.0640 4872 McTaskManager - ok

15:13:52.0687 4872 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

15:13:52.0734 4872 MDM - ok

15:13:52.0781 4872 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

15:13:52.0843 4872 mdmxsdk - ok

15:13:52.0875 4872 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

15:13:53.0000 4872 Messenger - ok

15:13:53.0015 4872 mfeapfk (1f334eb2a13816df45671ebb98896da7) C:\WINDOWS\system32\drivers\mfeapfk.sys

15:13:53.0062 4872 mfeapfk - ok

15:13:53.0093 4872 mfeavfk (8a1dedbbdad33587f6fad780ce4b34b5) C:\WINDOWS\system32\drivers\mfeavfk.sys

15:13:53.0125 4872 mfeavfk - ok

15:13:53.0140 4872 mfebopk (d800e31a019a6979698eef0507baa746) C:\WINDOWS\system32\drivers\mfebopk.sys

15:13:53.0171 4872 mfebopk - ok

15:13:53.0203 4872 mfehidk (0ae14fab8e25c258c6ebf3827c649273) C:\WINDOWS\system32\drivers\mfehidk.sys

15:13:53.0250 4872 mfehidk - ok

15:13:53.0250 4872 mferkdk (e72afc5056f6804c616e7dc32a38945f) C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys

15:13:53.0296 4872 mferkdk - ok

15:13:53.0312 4872 mfetdik (a47f0f63e92730de15d41624ab998c5c) C:\WINDOWS\system32\drivers\mfetdik.sys

15:13:53.0343 4872 mfetdik - ok

15:13:53.0359 4872 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

15:13:53.0515 4872 mnmdd - ok

15:13:53.0546 4872 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

15:13:53.0687 4872 mnmsrvc - ok

15:13:53.0703 4872 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

15:13:53.0828 4872 Modem - ok

15:13:53.0843 4872 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

15:13:53.0984 4872 Mouclass - ok

15:13:54.0015 4872 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

15:13:54.0171 4872 mouhid - ok

15:13:54.0187 4872 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

15:13:54.0328 4872 MountMgr - ok

15:13:54.0375 4872 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

15:13:54.0421 4872 MozillaMaintenance - ok

15:13:54.0421 4872 mraid35x - ok

15:13:54.0437 4872 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

15:13:54.0578 4872 MRxDAV - ok

15:13:54.0687 4872 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

15:13:54.0765 4872 MRxSmb - ok

15:13:54.0796 4872 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

15:13:54.0937 4872 MSDTC - ok

15:13:54.0968 4872 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys

15:13:55.0078 4872 MSDV - ok

15:13:55.0093 4872 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

15:13:55.0218 4872 Msfs - ok

15:13:55.0218 4872 MSIServer - ok

15:13:55.0250 4872 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

15:13:55.0375 4872 MSKSSRV - ok

15:13:55.0375 4872 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

15:13:55.0515 4872 MSPCLOCK - ok

15:13:55.0531 4872 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

15:13:55.0640 4872 MSPQM - ok

15:13:55.0671 4872 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

15:13:55.0781 4872 mssmbios - ok

15:13:55.0812 4872 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

15:13:55.0937 4872 MSTEE - ok

15:13:55.0984 4872 Multi-user Cleanup Service (218d58976c01c60657818ed0eac81602) C:\Program Files\IBM\Lotus\Notes\ntmulti.exe

15:13:56.0015 4872 Multi-user Cleanup Service - ok

15:13:56.0062 4872 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

15:13:56.0109 4872 Mup - ok

15:13:56.0156 4872 N360 (c6948f034d7edabcfa2234d399fc78bc) C:\Program Files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe

15:13:56.0171 4872 N360 - ok

15:13:56.0203 4872 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

15:13:56.0328 4872 NABTSFEC - ok

15:13:56.0390 4872 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

15:13:56.0515 4872 napagent - ok

15:13:56.0593 4872 NAVENG (f11033730b38260b6892e837c457fb4b) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120713.035\NAVENG.SYS

15:13:56.0625 4872 NAVENG - ok

15:13:56.0750 4872 NAVEX15 (4e4e7c0259d3bb97de24a636c0e06aba) C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\VirusDefs\20120713.035\NAVEX15.SYS

15:13:56.0828 4872 NAVEX15 - ok

15:13:56.0953 4872 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

15:13:57.0187 4872 NDIS - ok

15:13:57.0265 4872 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

15:13:57.0390 4872 NdisIP - ok

15:13:57.0421 4872 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

15:13:57.0500 4872 NdisTapi - ok

15:13:57.0515 4872 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

15:13:57.0656 4872 Ndisuio - ok

15:13:57.0656 4872 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

15:13:57.0781 4872 NdisWan - ok

15:13:57.0812 4872 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

15:13:57.0859 4872 NDProxy - ok

15:13:57.0890 4872 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

15:13:58.0031 4872 NetBIOS - ok

15:13:58.0046 4872 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

15:13:58.0187 4872 NetBT - ok

15:13:58.0234 4872 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

15:13:58.0359 4872 NetDDE - ok

15:13:58.0359 4872 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

15:13:58.0468 4872 NetDDEdsdm - ok

15:13:58.0500 4872 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:13:58.0640 4872 Netlogon - ok

15:13:58.0687 4872 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

15:13:58.0812 4872 Netman - ok

15:13:58.0906 4872 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

15:13:58.0937 4872 NetTcpPortSharing - ok

15:13:59.0156 4872 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys

15:13:59.0343 4872 NETw4x32 - ok

15:13:59.0468 4872 NGCLIENT (174692e8a5eb4df16d44c1b44f978d3f) C:\Program Files\Symantec\Ghost\ngctw32.exe

15:13:59.0531 4872 NGCLIENT - ok

15:13:59.0656 4872 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

15:13:59.0812 4872 NIC1394 - ok

15:13:59.0859 4872 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

15:13:59.0906 4872 Nla - ok

15:13:59.0937 4872 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

15:14:00.0062 4872 Npfs - ok

15:14:00.0093 4872 NSNDIS5 (53f7546e8daefb3a0813f5e19c4613c9) C:\WINDOWS\system32\NSNDIS5.SYS

15:14:00.0140 4872 NSNDIS5 ( UnsignedFile.Multi.Generic ) - warning

15:14:00.0140 4872 NSNDIS5 - detected UnsignedFile.Multi.Generic (1)

15:14:00.0187 4872 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

15:14:00.0359 4872 Ntfs - ok

15:14:00.0406 4872 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:14:00.0500 4872 NtLmSsp - ok

15:14:00.0562 4872 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

15:14:00.0703 4872 NtmsSvc - ok

15:14:00.0734 4872 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

15:14:00.0859 4872 Null - ok

15:14:00.0875 4872 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

15:14:01.0015 4872 NwlnkFlt - ok

15:14:01.0031 4872 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

15:14:01.0171 4872 NwlnkFwd - ok

15:14:01.0296 4872 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

15:14:01.0343 4872 odserv - ok

15:14:01.0375 4872 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

15:14:01.0500 4872 ohci1394 - ok

15:14:01.0531 4872 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

15:14:01.0578 4872 ose - ok

15:14:01.0609 4872 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

15:14:01.0781 4872 Parport - ok

15:14:01.0781 4872 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

15:14:01.0953 4872 PartMgr - ok

15:14:01.0984 4872 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

15:14:02.0171 4872 ParVdm - ok

15:14:02.0250 4872 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

15:14:02.0390 4872 PCI - ok

15:14:02.0406 4872 PCIDump - ok

15:14:02.0406 4872 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

15:14:02.0562 4872 PCIIde - ok

15:14:02.0578 4872 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

15:14:02.0703 4872 Pcmcia - ok

15:14:02.0703 4872 PDCOMP - ok

15:14:02.0718 4872 PDFRAME - ok

15:14:02.0718 4872 PDRELI - ok

15:14:02.0718 4872 PDRFRAME - ok

15:14:02.0734 4872 perc2 - ok

15:14:02.0734 4872 perc2hib - ok

15:14:02.0781 4872 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

15:14:02.0796 4872 PlugPlay - ok

15:14:02.0828 4872 Pml Driver HPZ12 (d31f88c5f19eefa366a415d6bc5f2abc) C:\WINDOWS\system32\HPZipm12.exe

15:14:02.0875 4872 Pml Driver HPZ12 - ok

15:14:02.0890 4872 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:14:03.0000 4872 PolicyAgent - ok

15:14:03.0015 4872 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

15:14:03.0156 4872 PptpMiniport - ok

15:14:03.0171 4872 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:14:03.0265 4872 ProtectedStorage - ok

15:14:03.0281 4872 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

15:14:03.0437 4872 PSched - ok

15:14:03.0453 4872 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

15:14:03.0609 4872 Ptilink - ok

15:14:03.0640 4872 PxHelp20 (153d02480a0a2f45785522e814c634b6) C:\WINDOWS\system32\Drivers\PxHelp20.sys

15:14:03.0671 4872 PxHelp20 - ok

15:14:03.0687 4872 ql1080 - ok

15:14:03.0687 4872 Ql10wnt - ok

15:14:03.0687 4872 ql12160 - ok

15:14:03.0687 4872 ql1240 - ok

15:14:03.0703 4872 ql1280 - ok

15:14:03.0718 4872 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

15:14:03.0843 4872 RasAcd - ok

15:14:03.0875 4872 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

15:14:04.0000 4872 RasAuto - ok

15:14:04.0015 4872 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

15:14:04.0156 4872 Rasl2tp - ok

15:14:04.0187 4872 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

15:14:04.0296 4872 RasMan - ok

15:14:04.0296 4872 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

15:14:04.0421 4872 RasPppoe - ok

15:14:04.0421 4872 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

15:14:04.0578 4872 Raspti - ok

15:14:04.0656 4872 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

15:14:04.0781 4872 Rdbss - ok

15:14:04.0781 4872 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

15:14:04.0906 4872 RDPCDD - ok

15:14:04.0937 4872 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

15:14:05.0093 4872 rdpdr - ok

15:14:05.0125 4872 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

15:14:05.0187 4872 RDPWD - ok

15:14:05.0218 4872 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

15:14:05.0359 4872 RDSessMgr - ok

15:14:05.0390 4872 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

15:14:05.0531 4872 redbook - ok

15:14:05.0593 4872 RegSrvc (2cf574d0965f58e514a2dc94114d7eca) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

15:14:05.0671 4872 RegSrvc ( UnsignedFile.Multi.Generic ) - warning

15:14:05.0671 4872 RegSrvc - detected UnsignedFile.Multi.Generic (1)

15:14:05.0703 4872 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

15:14:05.0828 4872 RemoteAccess - ok

15:14:05.0859 4872 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

15:14:05.0984 4872 RemoteRegistry - ok

15:14:06.0031 4872 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

15:14:06.0187 4872 RpcLocator - ok

15:14:06.0234 4872 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

15:14:06.0296 4872 RpcSs - ok

15:14:06.0343 4872 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

15:14:06.0531 4872 RSVP - ok

15:14:06.0609 4872 S24EventMonitor (874173edbd4f2fe711f245855a2ffa23) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

15:14:06.0703 4872 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

15:14:06.0703 4872 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

15:14:06.0734 4872 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys

15:14:06.0781 4872 s24trans ( UnsignedFile.Multi.Generic ) - warning

15:14:06.0781 4872 s24trans - detected UnsignedFile.Multi.Generic (1)

15:14:06.0812 4872 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

15:14:06.0953 4872 SamSs - ok

15:14:06.0984 4872 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

15:14:07.0109 4872 SCardSvr - ok

15:14:07.0140 4872 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

15:14:07.0281 4872 Schedule - ok

15:14:07.0406 4872 SDScannerService (e1f35f902b825c7b18236271f398dda2) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe

15:14:07.0500 4872 SDScannerService - ok

15:14:07.0578 4872 SDUpdateService (2db434f4ce96b3fb65d44b3ad5a4de3e) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe

15:14:07.0656 4872 SDUpdateService - ok

15:14:07.0781 4872 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

15:14:07.0937 4872 Secdrv - ok

15:14:07.0968 4872 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

15:14:08.0125 4872 seclogon - ok

15:14:08.0140 4872 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

15:14:08.0296 4872 SENS - ok

15:14:08.0312 4872 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys

15:14:08.0468 4872 serenum - ok

15:14:08.0531 4872 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys

15:14:08.0671 4872 Serial - ok

15:14:08.0687 4872 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

15:14:08.0828 4872 Sfloppy - ok

15:14:08.0875 4872 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

15:14:09.0015 4872 SharedAccess - ok

15:14:09.0046 4872 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:14:09.0093 4872 ShellHWDetection - ok

15:14:09.0093 4872 Simbad - ok

15:14:09.0125 4872 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

15:14:09.0265 4872 SLIP - ok

15:14:09.0718 4872 SMART Board Service (6dac3f90ef7b3ac349890e4eebacb260) C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe

15:14:09.0968 4872 SMART Board Service - ok

15:14:10.0125 4872 SMART Display Controller (63beb15cc3e249bf51134e85dd56535d) C:\Program Files\SMART Technologies\SMART Product Drivers\UCService.exe

15:14:10.0203 4872 SMART Display Controller - ok

15:14:10.0343 4872 SMART SNMP Agent Service (3bcb934ae0a0fca1c3aa7a3a8088bc68) C:\Program Files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe

15:14:10.0468 4872 SMART SNMP Agent Service - ok

15:14:10.0578 4872 Sparrow - ok

15:14:10.0609 4872 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

15:14:10.0875 4872 splitter - ok

15:14:10.0937 4872 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

15:14:10.0984 4872 Spooler - ok

15:14:11.0015 4872 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

15:14:11.0156 4872 sr - ok

15:14:11.0187 4872 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

15:14:11.0296 4872 srservice - ok

15:14:11.0406 4872 SRTSP (9dd258ee034afd36259cb7357e19d0b1) C:\WINDOWS\system32\drivers\N360\0602010.005\SRTSP.SYS

15:14:11.0437 4872 SRTSP - ok

15:14:11.0453 4872 SRTSPX (0cc3a10f363436c7b478419eb73f8d91) C:\WINDOWS\system32\drivers\N360\0602010.005\SRTSPX.SYS

15:14:11.0500 4872 SRTSPX - ok

15:14:11.0546 4872 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

15:14:11.0609 4872 Srv - ok

15:14:11.0625 4872 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

15:14:11.0812 4872 SSDPSRV - ok

15:14:11.0859 4872 STacSV (6f855b5625a47f3ac731a262fdc379a6) C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe

15:14:11.0921 4872 STacSV - ok

15:14:12.0046 4872 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

15:14:12.0140 4872 STHDA - ok

15:14:12.0218 4872 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

15:14:12.0390 4872 stisvc - ok

15:14:12.0468 4872 stllssvr (de3e7a2345ebaa3ce8e6957dfb55fb15) C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

15:14:12.0531 4872 stllssvr ( UnsignedFile.Multi.Generic ) - warning

15:14:12.0531 4872 stllssvr - detected UnsignedFile.Multi.Generic (1)

15:14:12.0578 4872 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

15:14:12.0781 4872 streamip - ok

15:14:12.0843 4872 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

15:14:12.0984 4872 swenum - ok

15:14:13.0015 4872 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

15:14:13.0125 4872 swmidi - ok

15:14:13.0125 4872 SwPrv - ok

15:14:13.0140 4872 symc810 - ok

15:14:13.0140 4872 symc8xx - ok

15:14:13.0203 4872 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMDS.SYS

15:14:13.0250 4872 SymDS - ok

15:14:13.0359 4872 SymEFA (4e55148a2e044d02245cbcdbb266b98c) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMEFA.SYS

15:14:13.0437 4872 SymEFA - ok

15:14:13.0484 4872 SymEvent (74e2521e96176a4449570e50be91954d) C:\WINDOWS\system32\Drivers\SYMEVENT.SYS

15:14:13.0515 4872 SymEvent - ok

15:14:13.0546 4872 SymIRON (2c356cca706505cf63cbe39d532b9236) C:\WINDOWS\system32\drivers\N360\0602010.005\Ironx86.SYS

15:14:13.0578 4872 SymIRON - ok

15:14:13.0609 4872 SYMTDI (508bd882040f9cb12319e3a4fc78edb9) C:\WINDOWS\system32\drivers\N360\0602010.005\SYMTDI.SYS

15:14:13.0656 4872 SYMTDI - ok

15:14:13.0656 4872 sym_hi - ok

15:14:13.0671 4872 sym_u3 - ok

15:14:13.0687 4872 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

15:14:13.0828 4872 sysaudio - ok

15:14:13.0875 4872 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

15:14:14.0000 4872 SysmonLog - ok

15:14:14.0031 4872 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

15:14:14.0156 4872 TapiSrv - ok

15:14:14.0218 4872 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

15:14:14.0265 4872 Tcpip - ok

15:14:14.0328 4872 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

15:14:14.0437 4872 TDPIPE - ok

15:14:14.0468 4872 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

15:14:14.0609 4872 TDTCP - ok

15:14:14.0640 4872 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

15:14:14.0765 4872 TermDD - ok

15:14:14.0781 4872 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

15:14:14.0906 4872 TermService - ok

15:14:14.0953 4872 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

15:14:14.0984 4872 Themes - ok

15:14:15.0015 4872 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

15:14:15.0140 4872 TlntSvr - ok

15:14:15.0156 4872 toshidpt (e362d54fd394999c4178936396664e57) C:\WINDOWS\system32\drivers\Toshidpt.sys

15:14:15.0250 4872 toshidpt - ok

15:14:15.0250 4872 TosIde - ok

15:14:15.0250 4872 tosporte (8d624d3bd1f2d78bd1c01a2d4e954b4e) C:\WINDOWS\system32\DRIVERS\tosporte.sys

15:14:15.0296 4872 tosporte - ok

15:14:15.0312 4872 tosrfbd (435ac6cc2abed508ac5a495658cbaf0f) C:\WINDOWS\system32\DRIVERS\tosrfbd.sys

15:14:15.0359 4872 tosrfbd - ok

15:14:15.0375 4872 tosrfbnp (90c8525bc578aaffe87c2d0ed4379e9e) C:\WINDOWS\system32\Drivers\tosrfbnp.sys

15:14:15.0437 4872 tosrfbnp - ok

15:14:15.0453 4872 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\WINDOWS\system32\Drivers\tosrfcom.sys

15:14:15.0515 4872 Tosrfcom - ok

15:14:15.0546 4872 Tosrfhid (28099a4e52148319afa685d93a2244d0) C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys

15:14:15.0578 4872 Tosrfhid - ok

15:14:15.0593 4872 tosrfnds (c52fd27b9adf3a1f22cb90e6bcf9b0cb) C:\WINDOWS\system32\DRIVERS\tosrfnds.sys

15:14:15.0656 4872 tosrfnds - ok

15:14:15.0671 4872 Tosrfusb (6bc529c5eca0c7654943fd6fab21c5fa) C:\WINDOWS\system32\DRIVERS\tosrfusb.sys

15:14:15.0734 4872 Tosrfusb - ok

15:14:15.0765 4872 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

15:14:15.0906 4872 TrkWks - ok

15:14:15.0921 4872 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

15:14:16.0062 4872 Udfs - ok

15:14:16.0062 4872 ultra - ok

15:14:16.0125 4872 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

15:14:16.0296 4872 Update - ok

15:14:16.0328 4872 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

15:14:16.0468 4872 upnphost - ok

15:14:16.0484 4872 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

15:14:16.0687 4872 UPS - ok

15:14:16.0703 4872 USBAAPL (1df89c499bf45d878b87ebd4421d462d) C:\WINDOWS\system32\Drivers\usbaapl.sys

15:14:16.0796 4872 USBAAPL - ok

15:14:16.0828 4872 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

15:14:16.0968 4872 usbaudio - ok

15:14:17.0015 4872 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

15:14:17.0156 4872 usbccgp - ok

15:14:17.0187 4872 USBCCID (2825e0e294686a26506690059e1f437a) C:\WINDOWS\system32\DRIVERS\usbccid.sys

15:14:17.0234 4872 USBCCID - ok

15:14:17.0265 4872 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

15:14:17.0390 4872 usbehci - ok

15:14:17.0421 4872 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

15:14:17.0546 4872 usbhub - ok

15:14:17.0578 4872 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

15:14:17.0703 4872 usbprint - ok

15:14:17.0734 4872 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

15:14:17.0859 4872 usbscan - ok

15:14:17.0906 4872 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

15:14:18.0062 4872 USBSTOR - ok

15:14:18.0078 4872 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

15:14:18.0187 4872 usbuhci - ok

15:14:18.0218 4872 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

15:14:18.0359 4872 VgaSave - ok

15:14:18.0359 4872 ViaIde - ok

15:14:18.0375 4872 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

15:14:18.0515 4872 VolSnap - ok

15:14:18.0562 4872 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

15:14:18.0750 4872 VSS - ok

15:14:18.0781 4872 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

15:14:18.0921 4872 W32Time - ok

15:14:18.0937 4872 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

15:14:19.0062 4872 Wanarp - ok

15:14:19.0109 4872 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

15:14:19.0156 4872 Wdf01000 - ok

15:14:19.0171 4872 WDICA - ok

15:14:19.0203 4872 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

15:14:19.0328 4872 wdmaud - ok

15:14:19.0359 4872 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

15:14:19.0484 4872 WebClient - ok

15:14:19.0562 4872 winachsf (a8596cf86d445269a42ecc08b7066a4c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

15:14:19.0640 4872 winachsf - ok

15:14:19.0687 4872 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

15:14:19.0812 4872 winmgmt - ok

15:14:19.0906 4872 WLANKEEPER (4307641ca3389a210295fdffd2a73dee) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

15:14:19.0953 4872 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning

15:14:19.0953 4872 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)

15:14:20.0000 4872 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

15:14:20.0078 4872 WmdmPmSN - ok

15:14:20.0171 4872 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

15:14:20.0234 4872 Wmi - ok

15:14:20.0281 4872 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

15:14:20.0390 4872 WmiAcpi - ok

15:14:20.0437 4872 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

15:14:20.0625 4872 WmiApSrv - ok

15:14:20.0718 4872 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

15:14:20.0828 4872 WMPNetworkSvc - ok

15:14:20.0875 4872 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

15:14:20.0984 4872 wscsvc - ok

15:14:21.0031 4872 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

15:14:21.0187 4872 WSTCODEC - ok

15:14:21.0203 4872 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

15:14:21.0343 4872 wuauserv - ok

15:14:21.0437 4872 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

15:14:21.0531 4872 WudfPf - ok

15:14:21.0531 4872 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

15:14:21.0593 4872 WudfRd - ok

15:14:21.0609 4872 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

15:14:21.0656 4872 WudfSvc - ok

15:14:21.0718 4872 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

15:14:21.0890 4872 WZCSVC - ok

15:14:21.0921 4872 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

15:14:22.0109 4872 xmlprov - ok

15:14:22.0140 4872 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

15:14:22.0546 4872 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

15:14:22.0546 4872 \Device\Harddisk0\DR0 - detected TDSS File System (1)

15:14:22.0546 4872 Boot (0x1200) (6a8375b063e3f895c13c123b5305a0f1) \Device\Harddisk0\DR0\Partition0

15:14:22.0546 4872 \Device\Harddisk0\DR0\Partition0 - ok

15:14:22.0562 4872 ============================================================

15:14:22.0562 4872 Scan finished

15:14:22.0562 4872 ============================================================

15:14:22.0671 4008 Detected object count: 11

15:14:22.0671 4008 Actual detected object count: 11

15:16:34.0765 4008 CSRBC ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0765 4008 CSRBC ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0765 4008 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0765 4008 EpsonBidirectionalService ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0765 4008 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0765 4008 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 fixustor ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 fixustor ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 NSNDIS5 ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 NSNDIS5 ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0781 4008 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user

15:16:34.0781 4008 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip

15:16:34.0843 4008 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

15:16:34.0859 4008 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

15:16:35.0015 4008 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

15:16:35.0109 4008 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

15:16:35.0562 4008 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

15:16:35.0640 4008 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

15:16:35.0640 4008 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

15:16:35.0671 4008 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

15:16:35.0718 4008 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

15:16:35.0750 4008 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

15:16:35.0781 4008 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

15:16:35.0796 4008 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

15:16:36.0000 4008 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

15:16:36.0078 4008 \Device\Harddisk0\DR0\TDLFS - deleted

15:16:36.0078 4008 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

15:17:23.0406 0160 Deinitialize success

Here is the combofix log:

ComboFix 12-07-14.01 - Admin 07/14/2012 15:32:45.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1161 [GMT -10:00]

Running from: c:\documents and settings\Admin\My Documents\Downloads\ComboFix.exe

AV: McAfee VirusScan Enterprise *Enabled/Outdated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

* Resident AV is active

.

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Laptop User\WINDOWS

c:\windows\system32\lsprst7.dll

c:\windows\system32\ssprs.dll

.

.

((((((((((((((((((((((((( Files Created from 2012-06-15 to 2012-07-15 )))))))))))))))))))))))))))))))

.

.

2012-07-14 20:55 . 2012-07-14 20:55 1193472 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\mac.dll

2012-07-14 20:53 . 2012-07-14 20:52 173568 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\welsvp.dll

2012-07-14 20:52 . 2012-07-14 20:52 43008 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\wbxtrace.dll

2012-07-14 20:52 . 2012-07-14 20:52 52736 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\raurl.dll

2012-07-14 20:52 . 2012-07-14 20:52 516920 ----a-w- c:\program files\Mozilla Firefox\plugins\atcliun.exe

2012-07-14 20:52 . 2012-07-14 20:52 4004352 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atres.dll

2012-07-14 20:52 . 2012-07-14 20:52 50176 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atpack.dll

2012-07-14 20:52 . 2012-07-14 20:52 8704 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atmemmgr.dll

2012-07-14 20:52 . 2012-07-14 20:52 69120 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atcarmcl.dll

2012-07-14 20:52 . 2012-07-14 20:52 1028096 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\Atwbxui12.dll

2012-07-14 20:52 . 2012-07-14 20:52 9216 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atkbctl.dll

2012-07-14 20:52 . 2012-07-14 20:52 303416 ----a-w- c:\program files\Mozilla Firefox\plugins\ieatgpc.dll

2012-07-14 20:52 . 2012-07-14 20:52 586040 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atgpcext.dll

2012-07-14 20:52 . 2012-07-14 20:52 80184 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atgpcdec.dll

2012-07-14 20:52 . 2012-07-14 20:52 215864 ----a-w- c:\program files\Mozilla Firefox\plugins\npatgpc.dll

2012-07-12 11:55 . 2012-07-12 11:55 -------- d-----w- c:\documents and settings\Admin\Application Data\Malwarebytes

2012-07-12 11:50 . 2012-07-15 01:16 -------- d-----w- C:\TDSSKiller_Quarantine

2012-07-12 11:23 . 2012-07-12 11:23 -------- d-----w- c:\documents and settings\Admin\Application Data\Epson

2012-07-12 11:23 . 2012-07-12 11:23 -------- d-----w- c:\documents and settings\Admin\Application Data\Leader Technologies

2012-07-02 02:25 . 2012-07-02 22:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2012-07-02 02:24 . 2009-01-25 23:14 15224 ----a-w- c:\windows\system32\sdnclean.exe

2012-07-02 02:24 . 2012-07-02 02:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2012-06-30 10:41 . 2012-06-30 10:41 -------- d-----w- c:\documents and settings\Laptop User\Application Data\Malwarebytes

2012-06-30 10:40 . 2012-06-30 10:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-06-30 10:40 . 2012-07-03 23:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-30 10:40 . 2012-07-12 11:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-30 09:36 . 2012-06-30 09:36 -------- d-----w- c:\documents and settings\Laptop User\Application Data\DriverCure

2012-06-30 09:35 . 2012-06-30 09:35 -------- d-----w- c:\documents and settings\Laptop User\Application Data\SpeedMaxPc

2012-06-30 09:35 . 2012-07-01 07:34 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedMaxPc

2012-06-28 06:05 . 2012-06-28 06:05 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL

2012-06-28 06:05 . 2012-06-28 06:05 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-06-28 06:04 . 2012-06-28 06:04 -------- d-----w- c:\windows\system32\drivers\N360

2012-06-28 06:04 . 2012-06-28 06:04 -------- d-----w- c:\program files\Norton 360

2012-06-28 06:04 . 2012-06-28 06:04 -------- d-----w- c:\program files\Windows Sidebar

2012-06-28 06:02 . 2012-06-28 06:02 -------- d-----w- c:\program files\NortonInstaller

2012-06-28 06:02 . 2012-06-28 06:02 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

2012-06-28 01:56 . 2012-06-28 02:03 -------- d-----w- c:\documents and settings\All Users\Application Data\F4D55F3E0405F6ED00096165D151FC4E

2012-06-26 22:25 . 2012-06-26 22:25 1025 ----a-w- c:\windows\system32\sysprs7.dll

2012-06-26 22:25 . 2012-06-26 22:25 1025 ----a-w- c:\windows\system32\clauth2.dll

2012-06-26 22:25 . 2012-06-26 22:25 1025 ----a-w- c:\windows\system32\clauth1.dll

2012-06-26 22:25 . 2012-06-26 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Minnetonka Audio Software

2012-06-26 22:19 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys

2012-06-26 22:19 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys

2012-06-26 22:18 . 2008-04-14 00:12 16384 ----a-w- c:\windows\system32\ipsink.ax

2012-06-26 22:18 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys

2012-06-26 22:18 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys

2012-06-26 22:18 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS

2012-06-26 22:18 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys

2012-06-26 22:18 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys

2012-06-26 21:55 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll

2012-06-26 21:55 . 2008-04-14 00:12 43008 ----a-w- c:\windows\system32\ksxbar.ax

2012-06-26 21:55 . 2008-04-13 18:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2012-06-26 21:55 . 2008-04-14 00:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax

2012-06-26 21:55 . 2008-04-14 00:12 61952 ----a-w- c:\windows\system32\kstvtune.ax

2012-06-26 21:55 . 2008-04-13 18:46 38912 ----a-w- c:\windows\system32\drivers\avc.sys

2012-06-26 21:54 . 2008-04-13 18:46 48128 ----a-w- c:\windows\system32\drivers\61883.sys

2012-06-23 23:57 . 2012-06-23 23:57 -------- d-----w- c:\documents and settings\Laptop User\Local Settings\Application Data\IBM

2012-06-23 20:54 . 2012-04-20 19:29 81920 -c--a-w- c:\windows\system32\dllcache\ieencode.dll

2012-06-23 20:54 . 2012-04-20 19:29 81920 ----a-w- c:\windows\system32\ieencode.dll

2012-06-23 07:09 . 2012-06-23 07:09 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll

2012-06-23 07:09 . 2012-06-23 07:09 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll

2012-06-22 05:43 . 2012-06-22 05:43 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 05:43 . 2012-06-22 05:43 472840 ----a-w- c:\windows\system32\deployJava1.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-28 20:22 . 2012-04-13 06:44 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-28 20:22 . 2011-06-07 10:23 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-22 05:43 . 2008-09-26 23:07 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-13 13:19 . 2006-02-28 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-06 09:35 . 2012-06-06 09:35 83424 ----a-w- c:\windows\system32\dwabho.dll

2012-06-05 15:50 . 2006-02-28 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-05 15:50 . 2005-09-08 11:03 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-04 04:32 . 2006-02-28 12:00 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-03 01:19 . 2008-07-28 21:10 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-03 01:19 . 2008-07-28 21:10 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-03 01:19 . 2008-07-24 23:39 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-03 01:19 . 2008-07-24 23:39 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-03 01:19 . 2008-07-24 23:39 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-03 01:19 . 2009-01-09 20:15 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-03 01:19 . 2008-07-28 21:10 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-03 01:19 . 2008-07-24 23:39 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-03 01:19 . 2008-07-24 23:39 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-03 01:19 . 2006-02-28 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-03 01:19 . 2008-07-28 21:10 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-03 01:19 . 2008-07-24 23:39 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-03 01:19 . 2008-07-24 23:39 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-03 01:18 . 2010-01-19 07:08 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-03 01:18 . 2010-01-19 07:08 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-03 01:18 . 2010-01-19 07:08 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 07:58 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll

2012-05-04 13:16 . 2006-02-28 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2008-07-24 23:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-20 19:29 . 2006-02-28 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx

2012-04-19 12:44 . 2006-02-28 12:00 369664 ----a-w- c:\windows\system32\html.iec

2005-06-16 22:19 . 2005-06-16 22:19 2482176 ----a-w- c:\program files\TCTrill.dll

2005-06-11 01:12 . 2005-06-11 01:12 847872 ----a-w- c:\program files\TCTrillS.dll

2005-06-03 18:59 . 2005-06-03 18:59 61440 ----a-w- c:\program files\TCReports.dll

2004-02-12 04:11 . 2004-02-12 04:11 7659520 ----a-w- c:\program files\Geo CS Test Gen Management.exe

2004-02-12 03:59 . 2004-02-12 03:59 4009984 ----a-w- c:\program files\Geo CS Test Gen Student.exe

2004-01-27 02:04 . 2004-01-27 02:04 49152 ----a-w- c:\program files\TCAlerts.dll

2003-11-04 22:21 . 2003-11-04 22:21 983040 ----a-w- c:\program files\stuffit5.engine-5.1.dll

2003-11-04 22:21 . 2003-11-04 22:21 561152 ----a-w- c:\program files\xp32_207.dll

2003-11-04 22:21 . 2003-11-04 22:21 21776 ----a-w- c:\program files\shfolder.dll

2003-11-04 22:20 . 2003-11-04 22:20 479232 ----a-w- c:\program files\rp32_207.dll

2003-11-04 22:20 . 2003-11-04 22:20 217088 ----a-w- c:\program files\sa32_207.dll

2003-11-04 22:19 . 2003-11-04 22:19 725032 ----a-w- c:\program files\kSAdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 692264 ----a-w- c:\program files\kCPdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 413736 ----a-w- c:\program files\kGRdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 401462 ----a-w- c:\program files\msvcp60.dll

2003-11-04 22:19 . 2003-11-04 22:19 290869 ----a-w- c:\program files\msvcrt.dll

2003-11-04 22:19 . 2003-11-04 22:19 2744361 ----a-w- c:\program files\kFDMdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1982504 ----a-w- c:\program files\kFDdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1937448 ----a-w- c:\program files\kXPdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1794088 ----a-w- c:\program files\kRPdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1597480 ----a-w- c:\program files\kDBdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1486848 ----a-w- c:\program files\owl609v.dll

2003-11-04 22:18 . 2003-11-04 22:18 638976 ----a-w- c:\program files\fd32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 401728 ----a-w- c:\program files\EQNEDIT.EXE

2003-11-04 22:18 . 2003-11-04 22:18 352256 ----a-w- c:\program files\db32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 212992 ----a-w- c:\program files\cp32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 131072 ----a-w- c:\program files\gr32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 1122304 ----a-w- c:\program files\fm32_207.dll

2003-11-04 22:17 . 2003-11-04 22:17 311296 ----a-w- c:\program files\APE24EXT_MT.dll

2012-07-14 20:52 . 2012-07-14 20:52 303416 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll

2012-06-23 07:09 . 2011-12-28 05:51 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UMonit"="c:\windows\system32\umonit.exe" [2007-06-18 200704]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-19 254696]

"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]

"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-29 112216]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-17 138008]

"NGTray"="c:\program files\Symantec\Ghost\ngtray.exe" [2007-04-20 181896]

"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UdaterUI.exe" [2007-10-26 136512]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"LTCM Client"="c:\program files\LTCM Client\ltcmClient.exe" [2009-08-05 1596096]

"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-10-09 100888]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-10-09 100888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-13 141600]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-26 823296]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-26 974848]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-17 138008]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-17 162584]

"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-12-19 611712]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440]

"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-05-11 3349488]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-11 2150400]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2009-1-12 679936]

SMART Board Tools.lnk - c:\program files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe [2010-11-19 13310832]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=

"c:\\Program Files\\Symantec\\Ghost\\ngctw32.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\UCGui.exe"=

"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\SMARTSNMPAgent.exe"=

"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\UCService.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0602010.005\SymDS.sys [6/27/2012 8:05 PM 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0602010.005\SymEFA.sys [6/27/2012 8:05 PM 905336]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120711.002\BHDrvx86.sys [7/12/2012 1:31 AM 821920]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0602010.005\ccSetx86.sys [6/27/2012 8:05 PM 132744]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0602010.005\Ironx86.sys [6/27/2012 8:05 PM 149624]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\EpsonCustomerParticipation\EPCP.exe [6/9/2011 1:01 PM 521600]

R2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;c:\program files\IBM\Lotus\Notes\nsd.exe [9/29/2009 11:29 AM 3397000]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/30/2012 12:40 AM 655944]

R2 N360;Norton 360;c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [6/27/2012 8:04 PM 138232]

R2 NGCLIENT;Symantec Ghost Client Agent;c:\program files\Symantec\Ghost\ngctw32.exe [4/19/2007 9:01 PM 632456]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [7/1/2012 4:24 PM 1122296]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [7/1/2012 4:24 PM 838136]

R2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\SMART Product Drivers\UCService.exe [11/19/2010 7:58 PM 846192]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [6/28/2012 4:09 PM 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120713.001\IDSXpx86.sys [7/14/2012 12:57 AM 369632]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/30/2012 12:40 AM 22344]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 288112]

S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [2/6/2012 7:05 PM 6016]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/26/2012 12:04 PM 113120]

S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe [11/19/2010 7:59 PM 1664368]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 50883511

*Deregistered* - 50883511

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-15 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-07-02 02:29]

.

2012-07-02 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-07-02 02:29]

.

2012-07-02 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2012-07-02 02:29]

.

.

------- Supplementary Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}

DPF: {CAFECAFE-0013-0001-0030-ABCDEFABCDEF}

FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\7wgst86i.default\

.

.

------- File Associations -------

.

.txt=

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

HKU-Default-Run-Adobe - c:\documents and settings\Laptop User\Local Settings\Application Data\Apple Computer\Adobe\xdlqzl.dll

Notify-SDWinLogon - SDWinLogon.dll

HKLM_ActiveSetup-Neat ADF Scanner 2008 - reg copy HKLM\Software\The Neat Company\Neat ADF Scanner 2008 HKCU\Software\The Neat Company\Neat ADF Scanner 2008

AddRemove-FixUstor - c:\windows\temp\fixustor\remove.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-14 15:40

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

UMonit = c:\windows\system32\umonit.exe?USB\Vid_1713&Pid_01008???????I_03????(!??B\ROOT_H8??????V????????????????????h?????A~(!???????????b@?????????????????@$?|?????$?|??B~??@???E~????????????????????@???????????????t??????????????|`$?|?????$?|U$?|??????????????@

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]

"Version"=hex:5c,7c,2e,44,07,d1,54,06,ef,30,5f,22,e3,21,18,6d,13,c9,fb,1b,f7,

44,50,70,ec,57,e4,82,0e,d2,30,9b,ee,e8,ae,db,e4,1d,fb,9c,81,e3,64,01,34,ee,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1212)

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

c:\program files\IBM\Lotus\Notes\npnotes.dll

.

Completion time: 2012-07-14 15:42:50

ComboFix-quarantined-files.txt 2012-07-15 01:42

.

Pre-Run: 25,248,092,160 bytes free

Post-Run: 25,688,604,672 bytes free

.

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

.

- - End Of File - - FA06A307EE655AAE237BCC14DAA8BE16

[Maniac]

Step 1

Please use the McAfee uninstaller tool to clean the leftovers:

http://service.mcafee.com/FAQDocument.aspx?id=TS101331

Step 2

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

SecCenter::
AV: McAfee VirusScan Enterprise *Enabled/Outdated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

[shiannte]

ComboFix 12-07-14.01 - Admin 07/16/2012 12:17:47.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2038.1188 [GMT -10:00]

Running from: c:\documents and settings\Admin\My Documents\ComboFix.exe

Command switches used :: c:\documents and settings\Admin\My Documents\CFScript.txt

AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

.

.

((((((((((((((((((((((((( Files Created from 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))))

.

.

2012-07-15 04:43 . 2012-07-15 05:14 -------- d-----w- c:\documents and settings\Admin\Application Data\webex

2012-07-14 20:55 . 2012-07-14 20:55 1193472 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\mac.dll

2012-07-14 20:53 . 2012-07-14 20:52 173568 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\welsvp.dll

2012-07-14 20:52 . 2012-07-14 20:52 43008 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\wbxtrace.dll

2012-07-14 20:52 . 2012-07-14 20:52 52736 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\raurl.dll

2012-07-14 20:52 . 2012-07-14 20:52 516920 ----a-w- c:\program files\Mozilla Firefox\plugins\atcliun.exe

2012-07-14 20:52 . 2012-07-14 20:52 4004352 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atres.dll

2012-07-14 20:52 . 2012-07-14 20:52 50176 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atpack.dll

2012-07-14 20:52 . 2012-07-14 20:52 8704 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atmemmgr.dll

2012-07-14 20:52 . 2012-07-14 20:52 69120 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atcarmcl.dll

2012-07-14 20:52 . 2012-07-14 20:52 1028096 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\Atwbxui12.dll

2012-07-14 20:52 . 2012-07-14 20:52 9216 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atkbctl.dll

2012-07-14 20:52 . 2012-07-14 20:52 303416 ----a-w- c:\program files\Mozilla Firefox\plugins\ieatgpc.dll

2012-07-14 20:52 . 2012-07-14 20:52 586040 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atgpcext.dll

2012-07-14 20:52 . 2012-07-14 20:52 80184 ----a-w- c:\program files\Mozilla Firefox\plugins\WebEx\1224\atgpcdec.dll

2012-07-14 20:52 . 2012-07-14 20:52 215864 ----a-w- c:\program files\Mozilla Firefox\plugins\npatgpc.dll

2012-07-12 11:55 . 2012-07-12 11:55 -------- d-----w- c:\documents and settings\Admin\Application Data\Malwarebytes

2012-07-12 11:50 . 2012-07-15 01:16 -------- d-----w- C:\TDSSKiller_Quarantine

2012-07-12 11:23 . 2012-07-12 11:23 -------- d-----w- c:\documents and settings\Admin\Application Data\Epson

2012-07-12 11:23 . 2012-07-12 11:23 -------- d-----w- c:\documents and settings\Admin\Application Data\Leader Technologies

2012-07-02 02:25 . 2012-07-02 22:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

2012-07-02 02:24 . 2009-01-25 23:14 15224 ----a-w- c:\windows\system32\sdnclean.exe

2012-07-02 02:24 . 2012-07-02 02:51 -------- d-----w- c:\program files\Spybot - Search & Destroy 2

2012-06-30 10:41 . 2012-06-30 10:41 -------- d-----w- c:\documents and settings\Laptop User\Application Data\Malwarebytes

2012-06-30 10:40 . 2012-06-30 10:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-06-30 10:40 . 2012-07-03 23:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-30 10:40 . 2012-07-12 11:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-06-30 09:36 . 2012-06-30 09:36 -------- d-----w- c:\documents and settings\Laptop User\Application Data\DriverCure

2012-06-30 09:35 . 2012-06-30 09:35 -------- d-----w- c:\documents and settings\Laptop User\Application Data\SpeedMaxPc

2012-06-30 09:35 . 2012-07-01 07:34 -------- d-----w- c:\documents and settings\All Users\Application Data\SpeedMaxPc

2012-06-28 06:05 . 2012-06-28 06:05 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL

2012-06-28 06:05 . 2012-06-28 06:05 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-06-28 06:04 . 2012-06-28 06:04 -------- d-----w- c:\windows\system32\drivers\N360

2012-06-28 06:04 . 2012-06-28 06:04 -------- d-----w- c:\program files\Norton 360

2012-06-28 06:04 . 2012-06-28 06:04 -------- d-----w- c:\program files\Windows Sidebar

2012-06-28 06:02 . 2012-06-28 06:02 -------- d-----w- c:\program files\NortonInstaller

2012-06-28 06:02 . 2012-06-28 06:02 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller

2012-06-28 01:56 . 2012-06-28 02:03 -------- d-----w- c:\documents and settings\All Users\Application Data\F4D55F3E0405F6ED00096165D151FC4E

2012-06-26 22:25 . 2012-06-26 22:25 1025 ----a-w- c:\windows\system32\sysprs7.dll

2012-06-26 22:25 . 2012-06-26 22:25 1025 ----a-w- c:\windows\system32\clauth2.dll

2012-06-26 22:25 . 2012-06-26 22:25 1025 ----a-w- c:\windows\system32\clauth1.dll

2012-06-26 22:25 . 2012-06-26 22:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Minnetonka Audio Software

2012-06-26 22:19 . 2008-04-13 18:39 5504 ----a-w- c:\windows\system32\drivers\MSTEE.sys

2012-06-26 22:19 . 2008-04-13 18:46 10880 ----a-w- c:\windows\system32\drivers\NdisIP.sys

2012-06-26 22:18 . 2008-04-14 00:12 16384 ----a-w- c:\windows\system32\ipsink.ax

2012-06-26 22:18 . 2008-04-13 18:46 15232 ----a-w- c:\windows\system32\drivers\StreamIP.sys

2012-06-26 22:18 . 2008-04-13 18:46 11136 ----a-w- c:\windows\system32\drivers\SLIP.sys

2012-06-26 22:18 . 2008-04-13 18:46 19200 ----a-w- c:\windows\system32\drivers\WSTCODEC.SYS

2012-06-26 22:18 . 2008-04-13 18:46 85248 ----a-w- c:\windows\system32\drivers\NABTSFEC.sys

2012-06-26 22:18 . 2008-04-13 18:46 17024 ----a-w- c:\windows\system32\drivers\CCDECODE.sys

2012-06-26 21:55 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll

2012-06-26 21:55 . 2008-04-14 00:12 43008 ----a-w- c:\windows\system32\ksxbar.ax

2012-06-26 21:55 . 2008-04-13 18:46 51200 ----a-w- c:\windows\system32\drivers\msdv.sys

2012-06-26 21:55 . 2008-04-14 00:12 91136 ----a-w- c:\windows\system32\kswdmcap.ax

2012-06-26 21:55 . 2008-04-14 00:12 61952 ----a-w- c:\windows\system32\kstvtune.ax

2012-06-26 21:55 . 2008-04-13 18:46 38912 ----a-w- c:\windows\system32\drivers\avc.sys

2012-06-26 21:54 . 2008-04-13 18:46 48128 ----a-w- c:\windows\system32\drivers\61883.sys

2012-06-23 23:57 . 2012-06-23 23:57 -------- d-----w- c:\documents and settings\Laptop User\Local Settings\Application Data\IBM

2012-06-23 20:54 . 2012-04-20 19:29 81920 -c--a-w- c:\windows\system32\dllcache\ieencode.dll

2012-06-23 20:54 . 2012-04-20 19:29 81920 ----a-w- c:\windows\system32\ieencode.dll

2012-06-23 07:09 . 2012-06-23 07:09 770384 ----a-w- c:\program files\Mozilla Firefox\msvcr100.dll

2012-06-23 07:09 . 2012-06-23 07:09 421200 ----a-w- c:\program files\Mozilla Firefox\msvcp100.dll

2012-06-22 05:43 . 2012-06-22 05:43 476936 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-06-22 05:43 . 2012-06-22 05:43 472840 ----a-w- c:\windows\system32\deployJava1.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-28 20:22 . 2012-04-13 06:44 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-06-28 20:22 . 2011-06-07 10:23 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-22 05:43 . 2008-09-26 23:07 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-06-13 13:19 . 2006-02-28 12:00 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-06 09:35 . 2012-06-06 09:35 83424 ----a-w- c:\windows\system32\dwabho.dll

2012-06-05 15:50 . 2006-02-28 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-05 15:50 . 2005-09-08 11:03 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-04 04:32 . 2006-02-28 12:00 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-03 01:19 . 2008-07-28 21:10 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-03 01:19 . 2008-07-28 21:10 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-03 01:19 . 2008-07-24 23:39 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-03 01:19 . 2008-07-24 23:39 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-03 01:19 . 2008-07-24 23:39 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-03 01:19 . 2009-01-09 20:15 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-03 01:19 . 2008-07-28 21:10 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-03 01:19 . 2008-07-24 23:39 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-03 01:19 . 2008-07-24 23:39 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-03 01:19 . 2006-02-28 12:00 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-03 01:19 . 2008-07-28 21:10 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-03 01:19 . 2008-07-24 23:39 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-03 01:19 . 2008-07-24 23:39 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-03 01:18 . 2010-01-19 07:08 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-06-03 01:18 . 2010-01-19 07:08 214256 ----a-w- c:\windows\system32\muweb.dll

2012-06-03 01:18 . 2010-01-19 07:08 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-05-31 13:22 . 2006-02-28 12:00 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 07:58 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll

2012-05-04 13:16 . 2006-02-28 12:00 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32 . 2004-08-03 22:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46 . 2008-07-24 23:37 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-04-20 19:29 . 2006-02-28 12:00 61952 ----a-w- c:\windows\system32\tdc.ocx

2012-04-19 12:44 . 2006-02-28 12:00 369664 ----a-w- c:\windows\system32\html.iec

2005-06-16 22:19 . 2005-06-16 22:19 2482176 ----a-w- c:\program files\TCTrill.dll

2005-06-11 01:12 . 2005-06-11 01:12 847872 ----a-w- c:\program files\TCTrillS.dll

2005-06-03 18:59 . 2005-06-03 18:59 61440 ----a-w- c:\program files\TCReports.dll

2004-02-12 04:11 . 2004-02-12 04:11 7659520 ----a-w- c:\program files\Geo CS Test Gen Management.exe

2004-02-12 03:59 . 2004-02-12 03:59 4009984 ----a-w- c:\program files\Geo CS Test Gen Student.exe

2004-01-27 02:04 . 2004-01-27 02:04 49152 ----a-w- c:\program files\TCAlerts.dll

2003-11-04 22:21 . 2003-11-04 22:21 983040 ----a-w- c:\program files\stuffit5.engine-5.1.dll

2003-11-04 22:21 . 2003-11-04 22:21 561152 ----a-w- c:\program files\xp32_207.dll

2003-11-04 22:21 . 2003-11-04 22:21 21776 ----a-w- c:\program files\shfolder.dll

2003-11-04 22:20 . 2003-11-04 22:20 479232 ----a-w- c:\program files\rp32_207.dll

2003-11-04 22:20 . 2003-11-04 22:20 217088 ----a-w- c:\program files\sa32_207.dll

2003-11-04 22:19 . 2003-11-04 22:19 725032 ----a-w- c:\program files\kSAdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 692264 ----a-w- c:\program files\kCPdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 413736 ----a-w- c:\program files\kGRdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 401462 ----a-w- c:\program files\msvcp60.dll

2003-11-04 22:19 . 2003-11-04 22:19 290869 ----a-w- c:\program files\msvcrt.dll

2003-11-04 22:19 . 2003-11-04 22:19 2744361 ----a-w- c:\program files\kFDMdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1982504 ----a-w- c:\program files\kFDdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1937448 ----a-w- c:\program files\kXPdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1794088 ----a-w- c:\program files\kRPdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1597480 ----a-w- c:\program files\kDBdg.dll

2003-11-04 22:19 . 2003-11-04 22:19 1486848 ----a-w- c:\program files\owl609v.dll

2003-11-04 22:18 . 2003-11-04 22:18 638976 ----a-w- c:\program files\fd32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 401728 ----a-w- c:\program files\EQNEDIT.EXE

2003-11-04 22:18 . 2003-11-04 22:18 352256 ----a-w- c:\program files\db32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 212992 ----a-w- c:\program files\cp32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 131072 ----a-w- c:\program files\gr32_207.dll

2003-11-04 22:18 . 2003-11-04 22:18 1122304 ----a-w- c:\program files\fm32_207.dll

2003-11-04 22:17 . 2003-11-04 22:17 311296 ----a-w- c:\program files\APE24EXT_MT.dll

2012-07-14 20:52 . 2012-07-14 20:52 303416 ----a-w- c:\program files\mozilla firefox\plugins\ieatgpc.dll

2012-06-23 07:09 . 2011-12-28 05:51 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-07-15_01.40.44 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-07-15 01:51 . 2012-07-15 01:51 16384 c:\windows\Temp\Perflib_Perfdata_8e4.dat

+ 2012-07-15 01:45 . 2012-07-15 01:45 16384 c:\windows\Temp\Perflib_Perfdata_310.dat

+ 2012-07-15 01:49 . 2012-07-15 01:49 19968 c:\windows\Installer\3bbe3.msi

+ 2011-01-14 17:10 . 2011-01-14 17:10 155520 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD6.DLL

+ 2011-01-14 17:10 . 2011-01-14 17:10 140160 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL2.DLL

+ 2011-07-21 22:34 . 2011-07-21 22:34 3456000 c:\windows\Installer\26ec878.msp

+ 2011-01-14 17:10 . 2011-01-14 17:10 2395008 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKWORD.DLL

+ 2011-01-14 17:10 . 2011-01-14 17:10 2180992 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKPOWERPOINT.DLL

+ 2011-01-14 17:10 . 2011-01-14 17:10 3443072 c:\windows\Installer\$PatchCache$\Managed\00004109500200000000000000F01FEC\14.0.5130\GKEXCEL.DLL

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"UMonit"="c:\windows\system32\umonit.exe" [2007-06-18 200704]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-19 254696]

"SigmatelSysTrayApp"="c:\program files\SigmaTel\C-Major Audio\WDM\stsystra.exe" [2007-05-10 405504]

"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2006-11-29 112216]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-30 421888]

"Persistence"="c:\windows\system32\igfxpers.exe" [2007-05-17 138008]

"NGTray"="c:\program files\Symantec\Ghost\ngtray.exe" [2007-04-20 181896]

"McAfeeUpdaterUI"="c:\program files\Network Associates\Common Framework\UdaterUI.exe" [2007-10-26 136512]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]

"LTCM Client"="c:\program files\LTCM Client\ltcmClient.exe" [2009-08-05 1596096]

"Logitech Hardware Abstraction Layer"="c:\program files\Common Files\Logitech\khalshared\KHALMNPR.EXE" [2007-10-09 100888]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-10-09 100888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-11-13 141600]

"IntelZeroConfig"="c:\program files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-07-26 823296]

"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-07-26 974848]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-05-17 138008]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-05-17 162584]

"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2009-12-19 611712]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"Adobe Acrobat Speed Launcher"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" [2012-03-27 40376]

"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" [2012-03-26 640440]

"SDTray"="c:\program files\Spybot - Search & Destroy 2\SDTray.exe" [2012-05-11 3349488]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-1-11 2150400]

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]

SetPoint.lnk - c:\program files\SetPoint\SetPoint.exe [2009-1-12 679936]

SMART Board Tools.lnk - c:\program files\SMART Technologies\SMART Product Drivers\SMARTBoardTools.exe [2010-11-19 13310832]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean.exe

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Network Associates\\Common Framework\\FrameworkService.exe"=

"c:\\Program Files\\Symantec\\Ghost\\ngctw32.exe"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\bin\\VersionCueCS4.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\UCGui.exe"=

"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\SMARTSNMPAgent.exe"=

"c:\\Program Files\\SMART Technologies\\SMART Product Drivers\\UCService.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDTray.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDFSSvc.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdate.exe"=

"c:\\Program Files\\Spybot - Search & Destroy 2\\SDUpdSvc.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4

"51000:TCP"= 51000:TCP:Adobe Version Cue CS4 Server

"51001:TCP"= 51001:TCP:Adobe Version Cue CS4 Server

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0602010.005\SymDS.sys [6/27/2012 8:05 PM 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0602010.005\SymEFA.sys [6/27/2012 8:05 PM 905336]

R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\BASHDefs\20120711.002\BHDrvx86.sys [7/12/2012 1:31 AM 821920]

R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0602010.005\ccSetx86.sys [6/27/2012 8:05 PM 132744]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0602010.005\Ironx86.sys [6/27/2012 8:05 PM 149624]

R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\EpsonCustomerParticipation\EPCP.exe [6/9/2011 1:01 PM 521600]

R2 Lotus Notes Diagnostics;Lotus Notes Diagnostics;c:\program files\IBM\Lotus\Notes\nsd.exe [9/29/2009 11:29 AM 3397000]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [6/30/2012 12:40 AM 655944]

R2 N360;Norton 360;c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe [6/27/2012 8:04 PM 138232]

R2 NGCLIENT;Symantec Ghost Client Agent;c:\program files\Symantec\Ghost\ngctw32.exe [4/19/2007 9:01 PM 632456]

R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\Spybot - Search & Destroy 2\SDFSSvc.exe [7/1/2012 4:24 PM 1122296]

R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\Spybot - Search & Destroy 2\SDUpdSvc.exe [7/1/2012 4:24 PM 838136]

R2 SMART Display Controller;SMART Display Controller;c:\program files\SMART Technologies\SMART Product Drivers\UCService.exe [11/19/2010 7:58 PM 846192]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [6/28/2012 4:09 PM 106656]

R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.2.1.5\Definitions\IPSDefs\20120713.001\IDSXpx86.sys [7/14/2012 12:57 AM 369632]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [6/30/2012 12:40 AM 22344]

S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [8/15/2008 5:46 AM 288112]

S3 fixustor;fixustor;c:\windows\system32\drivers\fixustor.sys [2/6/2012 7:05 PM 6016]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/26/2012 12:04 PM 113120]

S3 SMART SNMP Agent Service;SMART SNMP Agent Service;c:\program files\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe [11/19/2010 7:59 PM 1664368]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-15 c:\windows\Tasks\Check for updates (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDUpdate.exe [2012-07-02 02:29]

.

2012-07-02 c:\windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDImmunize.exe [2012-07-02 02:29]

.

2012-07-02 c:\windows\Tasks\Scan the system (Spybot - Search & Destroy).job

- c:\program files\Spybot - Search & Destroy 2\SDScan.exe [2012-07-02 02:29]

.

.

------- Supplementary Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

DPF: {CAFECAFE-0013-0001-0028-ABCDEFABCDEF}

DPF: {CAFECAFE-0013-0001-0030-ABCDEFABCDEF}

FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\7wgst86i.default\

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-07-16 12:26

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

UMonit = c:\windows\system32\umonit.exe?USB\Vid_1713&Pid_01008???????I_03????(!??B\ROOT_H8??????V????????????????????h?????A~(!???????????b@?????????????????@$?|?????$?|??B~??@???E~????????????????????@???????????????t??????????????|`$?|?????$?|U$?|??????????????@

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360]

"ImagePath"="\"c:\program files\Norton 360\Engine\6.2.1.5\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.2.1.5\diMaster.dll\" /prefetch:1"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]

"Version"=hex:5c,7c,2e,44,07,d1,54,06,ef,30,5f,22,e3,21,18,6d,13,c9,fb,1b,f7,

44,50,70,ec,57,e4,82,0e,d2,30,9b,ee,e8,ae,db,e4,1d,fb,9c,81,e3,64,01,34,ee,\

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1200)

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

c:\program files\IBM\Lotus\Notes\npnotes.dll

c:\windows\system32\igfxdev.dll

.

- - - - - - - > 'explorer.exe'(8088)

c:\program files\SetPoint\lgscroll.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Completion time: 2012-07-16 12:28:03

ComboFix-quarantined-files.txt 2012-07-16 22:27

ComboFix2.txt 2012-07-15 01:42

.

Pre-Run: 25,100,419,072 bytes free

Post-Run: 25,097,547,776 bytes free

.

- - End Of File - - 8E82462B56C1E73DEBBD35B0FD508DA0

[Maniac]

Good!

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

• Tick the box next to YES, I accept the Terms of Use
  
• Click Start
  
• When asked, allow the ActiveX control to install
  
• Click Start
  
• Make sure that the options Remove found threats and the option Scan unwanted applications is checked
  
• Click Scan (This scan can take several hours, so please be patient)
  
• Once the scan is completed, you may close the window
  
• Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  
• Copy and paste that log as a reply to this topic
  

[shiannte]

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=6.00.2900.5512 (xpsp.080413-2105)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=efd6fba95682834ba2e9374d5060c928

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-07-17 01:19:56

# local_time=2012-07-16 03:19:56 (-1000, Hawaiian Standard Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=3589 16777189 100 74 1397679 93060631 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=185669

# found=16

# cleaned=16

# scan_time=3461

C:\Program Files\Zwinky_5qEI\Installr\1.bin\5qEIPlug.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files\Zwinky_5qEI\Installr\1.bin\5qEZSETP.dll a variant of Win32/Toolbar.MyWebSearch.Q application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{99127170-8C24-4E44-88F1-D9B20302B823}\RP4\A0000168.dll a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\System Volume Information\_restore{99127170-8C24-4E44-88F1-D9B20302B823}\RP4\A0000169.dll a variant of Win32/Toolbar.MyWebSearch.Q application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\12.07.2012_01.47.57\mbr0000\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\12.07.2012_01.47.57\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\12.07.2012_01.47.57\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\12.07.2012_01.47.57\mbr0000\tdlfs0000\tsk0008.dta Win32/Olmarik.AFK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\12.07.2012_01.47.57\mbr0000\tdlfs0000\tsk0009.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\12.07.2012_01.47.57\mbr0000\tdlfs0000\tsk0012.dta a variant of Win32/Olmarik.AYI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\14.07.2012_15.13.12\tdlfs0000\tsk0001.dta a variant of Win32/Olmarik.AYI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\14.07.2012_15.13.12\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\14.07.2012_15.13.12\tdlfs0000\tsk0003.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\14.07.2012_15.13.12\tdlfs0000\tsk0007.dta Win32/Olmarik.AFK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\14.07.2012_15.13.12\tdlfs0000\tsk0008.dta Win64/Olmarik.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\14.07.2012_15.13.12\tdlfs0000\tsk0011.dta a variant of Win32/Olmarik.AYI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

[Maniac]

Good!

How is your system now?

[shiannte]

Back to normal Thank you sooooo much for all of your help!

[Maniac]

Glad I could help!

Please uninstall ComboFix:

www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Next, manually delete DDS, TDSSKiller and McAfee tool. Next, uninstall ESET Online Scanner.

Some malware prevention tips:

http://forums.malwarebytes.org/index.php?showtopic=104379&pid=515983&st=0entry515983

Safe surfing!

[Maurice Naggar]

Glad we could help. This has been resolved, and now this topic is closed.

The fixes in this Topic are for this system only!

Do not apply the fix-instructions from this topic to any other system!

[screen317]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!