Redirect Virus

[mikegug7]

Hello. Recently my computer has been redirecting search entries from Google, as well as other search engines (Bing, etc). I've run MWB, and it removed a Trojan (don't remember which one, I clicked through it too fast! ) Reboot, and i'm still getting redirects, although not as often. Any help would be appreciated in removing the rest of this malware! Thanks in advance!

.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by Sara-Belle at 19:09:19 on 2012-07-27

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.439 [GMT -7:00]

.

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\Explorer.EXE

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\ehome\ehtray.exe

C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe

C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb11.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe

C:\WINDOWS\system32\hphmon06.exe

C:\Program Files\VTech\DownloadManager\System\AgentMonitor.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe

C:\Program Files\Common Files\Java\Java Update\jucheck.exe

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe

C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\HPZipm12.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://google.com/

uInternet Settings,ProxyOverride = *.local

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: GamingWonderland: {a899079d-206f-43a6-be6a-07e0fa648ea0} - c:\program files\gamingwonderland\bar\1.bin\gtbar.dll

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\sara-belle\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [PhotoChannel] rundll32.exe "c:\documents and settings\sara-belle\local settings\application data\wmtools downloaded files\photochannel\kenllgy.dll",CreateInstance

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [intelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"

mRun: [intelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [sigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb11.exe

mRun: [HPHUPD06] c:\program files\hp\{aac4fc36-8f89-4587-8dd3-ebc57c83374d}\hphupd06.exe

mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"

mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"

mRun: [HPHmon06] c:\windows\system32\hphmon06.exe

mRun: [AgentMonitor] c:\program files\vtech\downloadmanager\system\AgentMonitor.exe

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

dRun: [PhotoChannel] rundll32.exe "c:\documents and settings\sara-belle\local settings\application data\wmtools downloaded files\photochannel\kenllgy.dll",CreateInstance

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

IE: &Search - http://tbedits.gamingwonderland.com/one-toolbaredits/menusearch.jhtml?s=100000425&p=Z7xdm064YYus&si=2121&a=EEBFCA6F-9F33-4DF8-AEE0-2B74346F8268&n=2012051622

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://images3.pnimedia.com/ProductAssets/costcous/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll

Notify: igfxcui - igfxdev.dll

Hosts: 192.168.1.70 HP000E7FD6C66D

.

============= SERVICES / DRIVERS ===============

.

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-12-4 136176]

S3 FlyUsb;FLY Fusion;c:\windows\system32\drivers\FlyUsb.sys [2011-1-14 18560]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-12-4 136176]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2012-07-22 05:54:42 -------- d-----w- C:\TDSSKiller_Quarantine

.

==================== Find3M ====================

.

2012-07-03 20:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys

2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll

2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll

2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll

2012-06-02 22:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 22:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 22:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 22:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 22:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll

2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll

2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec

2012-05-08 04:24:28 444952 ----a-w- c:\windows\system32\wrap_oal.dll

2012-05-08 04:24:28 109080 ----a-w- c:\windows\system32\OpenAL32.dll

2012-05-04 13:16:13 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-05-04 12:32:19 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-05-02 13:46:36 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 19:10:20.20 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 7/9/2010 6:39:05 PM

System Uptime: 7/27/2012 5:38:46 PM (2 hours ago)

.

Motherboard: Dell Inc. | | 0KD882

Processor: Genuine Intel® CPU T2300 @ 1.66GHz | Microprocessor | 981/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 108 GiB total, 0.864 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Intel® PRO/Wireless 3945ABG Network Connection

Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10208086&REV_02\4&6C79FC5&0&00E0

Manufacturer: Intel Corporation

Name: Intel® PRO/Wireless 3945ABG Network Connection

PNP Device ID: PCI\VEN_8086&DEV_4222&SUBSYS_10208086&REV_02\4&6C79FC5&0&00E0

Service: NETw4x32

.

==== System Restore Points ===================

.

RP116: 7/13/2012 9:50:39 PM - Software Distribution Service 3.0

RP117: 7/20/2012 7:37:21 PM - System Checkpoint

RP118: 7/21/2012 8:31:02 PM - System Checkpoint

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader 9.4.0

Adore Puzzle

Ambush Pack 1.00 for Pocket Tanks Deluxe

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Big Fish Games: Game Manager

Bonjour

Broadcom 440x 10/100 Integrated Controller

Canon Camera Access Library

Canon DIGITAL CAMERA Solution Disk Software Guide

CANON iMAGE GATEWAY MyCamera Download Plugin

CANON iMAGE GATEWAY Task for ZoomBrowser EX

Canon MOV Decoder

Canon MOV Encoder

Canon MovieEdit Task for ZoomBrowser EX

Canon PowerShot ELPH 300 HS_IXUS 220 HS Camera User Guide

Canon Utilities CameraWindow DC 8

Canon Utilities CameraWindow Launcher

Canon Utilities Movie Uploader for YouTube

Canon Utilities MyCamera

Canon Utilities PhotoStitch

Canon Utilities ZoomBrowser EX

Canon ZoomBrowser EX Memory Card Utility

Chaos Pack 1.00 for Pocket Tanks Deluxe

Christmas Wonderland

Clockwork Crokinole

Conexant HDA D110 MDC V.92 Modem

Costco Photo Organizer

Dell ResourceCD

Disney Toontown Online

Dora Saves the Snow Princess

ESET Online Scanner v3

Fireworks Pack v1.0 for Pocket Tanks Deluxe

Flamethrower Pack 1.00 for Pocket Tanks Deluxe

Free Video Flip and Rotate version 1.8.13.908

Go Diego Go Ultimate Rescue League

Gold Pack v1.0 for Pocket Tanks Deluxe

Google Chrome

Google Earth

Google Update Helper

Gravity Pack v1.0 for Pocket Tanks Deluxe

High Definition Audio Driver Package - KB835221

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

HP Image Zone 4.0

HP Software Update

HP Unload DLL Patch

I SPY: Treasure Hunt

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless Software

iTunes

Java Auto Updater

Java 6 Update 20

LeapFrog Connect

LeapFrog Tag Junior Plugin

Learning Lodge Navigator

Malice: Two Sisters

Malwarebytes Anti-Malware version 1.62.0.1300

mCore

mDriver

mDrWiFi

Meteor Pack 1.00 for Pocket Tanks Deluxe

mHlpDell

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2604042)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

mIWA

mLogView

mMHouse

MobileMe Control Panel

mPfMgr

mPfWiz

mProSafe

mSCfg

mSSO

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

mWlsSafe

mWMI

mZConfig

Nuke Pack 1.00 for Pocket Tanks Deluxe

OpenAL

Overland

Photosmart 320,370,7400,8100,8400 Series

Pocket Tanks Deluxe v1.3

Power Pack 1.00 for Pocket Tanks Deluxe

PS8400

PSPrinters06

QFolder

QuickTime

Safari

Scholastic's I SPY Junior

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Shadomania

SigmaTel Audio

Snark Busters: High Society

Snowball Pack v1.0 for Pocket Tanks Deluxe

Sonic Encoders

Spring Bonus

Super Pack v1.1 for Pocket Tanks Deluxe

Synaptics Pointing Device Driver

TrayApp

Unload

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB982632)

Update for Windows Media Player 10 (KB913800)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2718704)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Junior Plugin)

VTech Download Agent Library

WebFldrs XP

WebReg

Windows Driver Package - LeapFrog (FlyUsb) USB (11/05/2008 1.1.1.0)

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Windows Driver Package - Ricoh Company (rimsptsk) hdc (11/14/2006 6.00.01.04)

Windows Internet Explorer 8

Windows Media Format Runtime

Windows Presentation Foundation

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908250

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

XML Paper Specification Shared Components Pack 1.0

.

==== Event Viewer Messages From Past Week ========

.

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The LeapFrog Connect Device Service service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless SSO Service service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Service service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Registry Service service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Intel® PROSet/Wireless Event Log service terminated unexpectedly. It has done this 1 time(s).

7/27/2012 6:22:40 PM, error: Service Control Manager [7034] - The Canon Camera Access Library 8 service terminated unexpectedly. It has done this 1 time(s).

7/21/2012 10:25:47 PM, error: System Error [1003] - Error code 10000050, parameter1 a8c07000, parameter2 00000000, parameter3 80509987, parameter4 00000000.

7/20/2012 8:59:13 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.

.

==== End Of File ===========================

[mikegug7]

Thanks for the response. I checked in IE and nothing was checked in the LAN settings windows. Also, I've been getting the redirect in both Chrome and IE.

[MrCharlie]

Thanks for the response. I checked in IE and nothing was checked in the LAN settings windows. Also, I've been getting the redirect in both Chrome and IE.

Welcome to the forum, is someone helping you??

If not please do this..........

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[mikegug7]

Thanks. Someone had asked me to check LAN settings in IE, but it looks like they deleted their post?

Anyways, below is the report from RogueKiller.

RogueKiller V7.6.4 [07/17/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Sara-Belle [Admin rights]

Mode: Scan -- Date: 07/28/2012 08:05:12

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] kenllgy.dll -- C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll -> KILLED [TermProc]

¤¤¤ Registry Entries: 10 ¤¤¤

[bLACKLIST DLL] HKCU\[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\.DEFAULT[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-19[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-19_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-20[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-20_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-21-484763869-1614895754-839522115-1003[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-21-484763869-1614895754-839522115-1003_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-18[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

192.168.1.70 HP000E7FD6C66D

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1200BEVS-75LAT0 +++++

--- User ---

[MBR] 53a616d47b781bd4a5bcc012b773497f

[bSP] 924c3ccc7cf16975da73c299d9d5d6d2 : Windows XP MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 110925 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 227271555 | Size: 2055 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[mikegug7]

Thanks. Someone had asked me to check LAN settings in IE, but it looks like they deleted their post?

Anyways, below is the report from RogueKiller.

RogueKiller V7.6.4 [07/17/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User: Sara-Belle [Admin rights]

Mode: Scan -- Date: 07/28/2012 08:05:12

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] kenllgy.dll -- C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll -> KILLED [TermProc]

¤¤¤ Registry Entries: 10 ¤¤¤

[bLACKLIST DLL] HKCU\[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\.DEFAULT[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-19[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-19_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-20[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-20_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-21-484763869-1614895754-839522115-1003[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-21-484763869-1614895754-839522115-1003_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-18[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

192.168.1.70 HP000E7FD6C66D

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD1200BEVS-75LAT0 +++++

--- User ---

[MBR] 53a616d47b781bd4a5bcc012b773497f

[bSP] 924c3ccc7cf16975da73c299d9d5d6d2 : Windows XP MBR Code

Partition table:

0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 47 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 96390 | Size: 110925 Mo

2 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 227271555 | Size: 2055 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1].txt >>

RKreport[1].txt

[MrCharlie]

Run RogueKiller again and click Scan

When the scan completes > click on the Processes tab

Put a check next to all of these and uncheck the rest:

¤¤¤ Bad processes: 1 ¤¤¤

[sUSP PATH] kenllgy.dll -- C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll -> KILLED [TermProc]

Now click Delete on the right hand column under Options

-------------

Next click on the Registry tab and put a check next to these and uncheck the rest.

¤¤¤ Registry Entries: 10 ¤¤¤

[bLACKLIST DLL] HKCU\[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\.DEFAULT[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-19[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-19_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-20[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-20_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-21-484763869-1614895754-839522115-1003[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-21-484763869-1614895754-839522115-1003_Classes[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

[bLACKLIST DLL] HKUS\S-1-5-18[...]\Run : PhotoChannel (rundll32.exe "C:\Documents and Settings\Sara-Belle\Local Settings\Application Data\WMTools Downloaded Files\PhotoChannel\kenllgy.dll",CreateInstance) -> FOUND

Now click Delete on the right hand column under Options

------------------------------------------

Then.................

Please make sure system restore is running and create a new restore point before continuing.

XP <===> Vista & W7

XP users > please back up the registry using ERUNT.

-----------------------------------------

Please download and run TDSSKiller to your desktop as outlined below:

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

http://img.photobuck...alee/tdss_1.jpg

-------------------------

Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

http://img.photobuck...alee/tdss_2.jpg

------------------------

Click the Start Scan button.

http://img.photobuck...alee/tdss_3.jpg

-----------------------

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

http://img.photobuck...alee/tdss_4.jpg

----------------------

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

http://img.photobuck...alee/tdss_5.jpg

--------------------

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

-------------------

Here's a summary of what to do if you would like to print it out:

If a suspicious object is detected, the default action will be Skip, click on Continue

If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose

Skip and click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

MrC

[mikegug7]

Ran RogueKiller again, but nothing is showing up on the processes tab. I attached a pic of the screenshot.Should I continue with the rest of your instructions?

[MrCharlie]

YES!! MrC

[mikegug7]

Looks like RogueKiller created a folder on my desktop called RK_Quarantine with the following files; kenllgy.dll.vir, physicaldrive0_user.dat, Eula.txt, and quarantinereport.txt. This was created after the first scan.

[MrCharlie]

That's OK,,MrC

[mikegug7]

Below is the report from TDSSKiller. Only suspicious objects were found.

08:37:10.0140 2588 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

08:37:10.0921 2588 ============================================================

08:37:10.0921 2588 Current date / time: 2012/07/28 08:37:10.0921

08:37:10.0921 2588 SystemInfo:

08:37:10.0921 2588

08:37:10.0921 2588 OS Version: 5.1.2600 ServicePack: 3.0

08:37:10.0921 2588 Product type: Workstation

08:37:10.0921 2588 ComputerName: SARA-594D193752

08:37:10.0921 2588 UserName: Sara-Belle

08:37:10.0921 2588 Windows directory: C:\WINDOWS

08:37:10.0921 2588 System windows directory: C:\WINDOWS

08:37:10.0921 2588 Processor architecture: Intel x86

08:37:10.0921 2588 Number of processors: 2

08:37:10.0921 2588 Page size: 0x1000

08:37:10.0921 2588 Boot type: Normal boot

08:37:10.0921 2588 ============================================================

08:37:13.0515 2588 Drive \Device\Harddisk0\DR0 - Size: 0x1B98B79400 (110.39 Gb), SectorSize: 0x200, Cylinders: 0x384A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

08:37:13.0531 2588 ============================================================

08:37:13.0531 2588 \Device\Harddisk0\DR0:

08:37:13.0531 2588 MBR partitions:

08:37:13.0531 2588 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0xD8A6AFD

08:37:13.0546 2588 ============================================================

08:37:13.0609 2588 C: <-> \Device\Harddisk0\DR0\Partition0

08:37:13.0609 2588 ============================================================

08:37:13.0609 2588 Initialize success

08:37:13.0609 2588 ============================================================

08:37:37.0031 2552 ============================================================

08:37:37.0031 2552 Scan started

08:37:37.0031 2552 Mode: Manual; SigCheck; TDLFS;

08:37:37.0031 2552 ============================================================

08:37:37.0343 2552 Abiosdsk - ok

08:37:37.0359 2552 abp480n5 - ok

08:37:37.0421 2552 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

08:37:37.0953 2552 ACPI - ok

08:37:38.0078 2552 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

08:37:38.0281 2552 ACPIEC - ok

08:37:38.0281 2552 adpu160m - ok

08:37:38.0328 2552 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

08:37:38.0531 2552 aec - ok

08:37:38.0593 2552 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys

08:37:38.0640 2552 AegisP - ok

08:37:38.0750 2552 AFD (f6b7b1ecd7b41736bdb6ff4b092bcb79) C:\WINDOWS\System32\drivers\afd.sys

08:37:38.0812 2552 AFD - ok

08:37:38.0812 2552 Aha154x - ok

08:37:38.0828 2552 aic78u2 - ok

08:37:38.0828 2552 aic78xx - ok

08:37:38.0875 2552 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

08:37:39.0078 2552 Alerter - ok

08:37:39.0093 2552 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

08:37:39.0281 2552 ALG - ok

08:37:39.0296 2552 AliIde - ok

08:37:39.0296 2552 amsint - ok

08:37:39.0468 2552 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:37:39.0500 2552 Apple Mobile Device - ok

08:37:39.0562 2552 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

08:37:39.0750 2552 AppMgmt - ok

08:37:39.0781 2552 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

08:37:39.0984 2552 Arp1394 - ok

08:37:39.0984 2552 asc - ok

08:37:40.0000 2552 asc3350p - ok

08:37:40.0000 2552 asc3550 - ok

08:37:40.0187 2552 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

08:37:40.0218 2552 aspnet_state - ok

08:37:40.0250 2552 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

08:37:40.0437 2552 AsyncMac - ok

08:37:40.0468 2552 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

08:37:40.0671 2552 atapi - ok

08:37:40.0687 2552 Atdisk - ok

08:37:40.0718 2552 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

08:37:40.0921 2552 Atmarpc - ok

08:37:40.0968 2552 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

08:37:41.0171 2552 AudioSrv - ok

08:37:41.0218 2552 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

08:37:41.0421 2552 audstub - ok

08:37:41.0484 2552 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

08:37:41.0562 2552 bcm4sbxp - ok

08:37:41.0609 2552 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

08:37:41.0812 2552 Beep - ok

08:37:41.0890 2552 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

08:37:42.0140 2552 BITS - ok

08:37:42.0281 2552 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

08:37:42.0312 2552 Bonjour Service - ok

08:37:42.0375 2552 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

08:37:42.0578 2552 Browser - ok

08:37:42.0578 2552 catchme - ok

08:37:42.0625 2552 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

08:37:42.0828 2552 cbidf2k - ok

08:37:42.0890 2552 CCALib8 (fc9005ee6aa8d4378582eb4c1f333a97) C:\Program Files\Canon\CAL\CALMAIN.exe

08:37:42.0906 2552 CCALib8 ( UnsignedFile.Multi.Generic ) - warning

08:37:42.0906 2552 CCALib8 - detected UnsignedFile.Multi.Generic (1)

08:37:42.0921 2552 cd20xrnt - ok

08:37:42.0937 2552 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

08:37:43.0156 2552 Cdaudio - ok

08:37:43.0187 2552 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

08:37:43.0375 2552 Cdfs - ok

08:37:43.0390 2552 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

08:37:43.0593 2552 Cdrom - ok

08:37:43.0625 2552 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

08:37:43.0640 2552 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

08:37:43.0640 2552 cercsr6 - detected UnsignedFile.Multi.Generic (1)

08:37:43.0640 2552 Changer - ok

08:37:43.0671 2552 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

08:37:43.0859 2552 CiSvc - ok

08:37:43.0890 2552 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

08:37:44.0078 2552 ClipSrv - ok

08:37:44.0265 2552 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:37:44.0296 2552 clr_optimization_v2.0.50727_32 - ok

08:37:44.0421 2552 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:37:44.0453 2552 clr_optimization_v4.0.30319_32 - ok

08:37:44.0515 2552 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

08:37:44.0703 2552 CmBatt - ok

08:37:44.0703 2552 CmdIde - ok

08:37:44.0718 2552 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

08:37:44.0921 2552 Compbatt - ok

08:37:44.0921 2552 COMSysApp - ok

08:37:44.0937 2552 Cpqarray - ok

08:37:44.0968 2552 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

08:37:45.0171 2552 CryptSvc - ok

08:37:45.0171 2552 dac2w2k - ok

08:37:45.0171 2552 dac960nt - ok

08:37:45.0250 2552 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

08:37:45.0359 2552 DcomLaunch - ok

08:37:45.0437 2552 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

08:37:45.0625 2552 Dhcp - ok

08:37:45.0671 2552 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

08:37:45.0875 2552 Disk - ok

08:37:45.0890 2552 dmadmin - ok

08:37:45.0953 2552 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

08:37:46.0203 2552 dmboot - ok

08:37:46.0234 2552 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

08:37:46.0421 2552 dmio - ok

08:37:46.0453 2552 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

08:37:46.0640 2552 dmload - ok

08:37:46.0687 2552 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

08:37:46.0890 2552 dmserver - ok

08:37:46.0937 2552 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

08:37:47.0140 2552 DMusic - ok

08:37:47.0187 2552 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

08:37:47.0328 2552 Dnscache - ok

08:37:47.0390 2552 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

08:37:47.0593 2552 Dot3svc - ok

08:37:47.0593 2552 dpti2o - ok

08:37:47.0625 2552 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

08:37:47.0875 2552 drmkaud - ok

08:37:47.0968 2552 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

08:37:48.0140 2552 EapHost - ok

08:37:48.0250 2552 ehRecvr (8301243bde5b6cd316d79c0191d50d9a) C:\WINDOWS\eHome\ehRecvr.exe

08:37:48.0281 2552 ehRecvr - ok

08:37:48.0343 2552 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe

08:37:48.0421 2552 ehSched - ok

08:37:48.0484 2552 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

08:37:48.0703 2552 ERSvc - ok

08:37:48.0750 2552 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

08:37:48.0812 2552 Eventlog - ok

08:37:48.0875 2552 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

08:37:48.0937 2552 EventSystem - ok

08:37:49.0125 2552 EvtEng (1caea4b1f293859c65be20221a4008d6) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

08:37:49.0234 2552 EvtEng ( UnsignedFile.Multi.Generic ) - warning

08:37:49.0234 2552 EvtEng - detected UnsignedFile.Multi.Generic (1)

08:37:49.0312 2552 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

08:37:49.0500 2552 Fastfat - ok

08:37:49.0593 2552 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:37:49.0656 2552 FastUserSwitchingCompatibility - ok

08:37:49.0687 2552 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

08:37:49.0875 2552 Fdc - ok

08:37:49.0890 2552 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

08:37:50.0078 2552 Fips - ok

08:37:50.0109 2552 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

08:37:50.0296 2552 Flpydisk - ok

08:37:50.0359 2552 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

08:37:50.0546 2552 FltMgr - ok

08:37:50.0593 2552 FlyUsb (8efa9bfc940d9eb9348d9dafb839fe25) C:\WINDOWS\system32\DRIVERS\FlyUsb.sys

08:37:50.0640 2552 FlyUsb - ok

08:37:50.0796 2552 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

08:37:50.0828 2552 FontCache3.0.0.0 - ok

08:37:50.0875 2552 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

08:37:51.0062 2552 Fs_Rec - ok

08:37:51.0109 2552 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

08:37:51.0328 2552 Ftdisk - ok

08:37:51.0375 2552 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

08:37:51.0406 2552 GEARAspiWDM - ok

08:37:51.0437 2552 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

08:37:51.0625 2552 Gpc - ok

08:37:51.0781 2552 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

08:37:51.0812 2552 gupdate - ok

08:37:51.0812 2552 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

08:37:51.0843 2552 gupdatem - ok

08:37:51.0906 2552 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

08:37:52.0093 2552 HDAudBus - ok

08:37:52.0218 2552 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

08:37:52.0421 2552 helpsvc - ok

08:37:52.0421 2552 HidServ - ok

08:37:52.0468 2552 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

08:37:52.0671 2552 hkmsvc - ok

08:37:52.0734 2552 HP Port Resolver (58176988fba04153d35d7eb92825a14f) C:\WINDOWS\system32\hpbpro.exe

08:37:52.0906 2552 HP Port Resolver - ok

08:37:52.0953 2552 HP Status Server (b00044476f6d091922da76a086ecc15b) C:\WINDOWS\system32\hpboid.exe

08:37:52.0984 2552 HP Status Server - ok

08:37:52.0984 2552 hpn - ok

08:37:53.0062 2552 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

08:37:53.0109 2552 HSFHWAZL - ok

08:37:53.0203 2552 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

08:37:53.0296 2552 HSF_DPV - ok

08:37:53.0359 2552 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

08:37:53.0437 2552 HTTP - ok

08:37:53.0468 2552 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

08:37:53.0671 2552 HTTPFilter - ok

08:37:53.0671 2552 i2omgmt - ok

08:37:53.0671 2552 i2omp - ok

08:37:53.0718 2552 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

08:37:53.0906 2552 i8042prt - ok

08:37:54.0328 2552 ialm (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

08:37:54.0687 2552 ialm - ok

08:37:54.0953 2552 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

08:37:55.0109 2552 idsvc - ok

08:37:55.0171 2552 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

08:37:55.0375 2552 Imapi - ok

08:37:55.0437 2552 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

08:37:55.0640 2552 ImapiService - ok

08:37:55.0640 2552 ini910u - ok

08:37:55.0640 2552 IntelIde - ok

08:37:55.0671 2552 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

08:37:55.0843 2552 intelppm - ok

08:37:55.0875 2552 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

08:37:56.0062 2552 Ip6Fw - ok

08:37:56.0093 2552 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

08:37:56.0296 2552 IpFilterDriver - ok

08:37:56.0343 2552 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

08:37:56.0515 2552 IpInIp - ok

08:37:56.0546 2552 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

08:37:56.0750 2552 IpNat - ok

08:37:56.0890 2552 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe

08:37:56.0968 2552 iPod Service - ok

08:37:57.0000 2552 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

08:37:57.0187 2552 IPSec - ok

08:37:57.0203 2552 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

08:37:57.0406 2552 IRENUM - ok

08:37:57.0453 2552 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

08:37:57.0640 2552 isapnp - ok

08:37:57.0750 2552 JavaQuickStarterService (f80e48e18340d49dcaaf48d2bfab6f25) C:\Program Files\Java\jre6\bin\jqs.exe

08:37:57.0781 2552 JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - warning

08:37:57.0781 2552 JavaQuickStarterService - detected UnsignedFile.Multi.Generic (1)

08:37:57.0812 2552 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

08:37:58.0015 2552 Kbdclass - ok

08:37:58.0250 2552 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

08:37:58.0421 2552 kmixer - ok

08:37:58.0437 2552 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

08:37:58.0484 2552 KSecDD - ok

08:37:58.0546 2552 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

08:37:58.0609 2552 lanmanserver - ok

08:37:58.0671 2552 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

08:37:58.0750 2552 lanmanworkstation - ok

08:37:58.0765 2552 lbrtfdc - ok

08:37:59.0171 2552 LeapFrog Connect Device Service (f6642700e5f510c910e129f8b56b0f65) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

08:37:59.0609 2552 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - warning

08:37:59.0609 2552 LeapFrog Connect Device Service - detected UnsignedFile.Multi.Generic (1)

08:37:59.0796 2552 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

08:37:59.0984 2552 LmHosts - ok

08:38:00.0046 2552 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe

08:38:00.0093 2552 McrdSvc - ok

08:38:00.0156 2552 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

08:38:00.0187 2552 mdmxsdk - ok

08:38:00.0250 2552 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

08:38:00.0437 2552 Messenger - ok

08:38:00.0468 2552 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll

08:38:00.0500 2552 MHN ( UnsignedFile.Multi.Generic ) - warning

08:38:00.0500 2552 MHN - detected UnsignedFile.Multi.Generic (1)

08:38:00.0531 2552 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

08:38:00.0531 2552 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

08:38:00.0531 2552 MHNDRV - detected UnsignedFile.Multi.Generic (1)

08:38:00.0578 2552 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

08:38:00.0765 2552 mnmdd - ok

08:38:00.0796 2552 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

08:38:01.0000 2552 mnmsrvc - ok

08:38:01.0046 2552 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

08:38:01.0234 2552 Modem - ok

08:38:01.0250 2552 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

08:38:01.0421 2552 Mouclass - ok

08:38:01.0468 2552 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

08:38:01.0671 2552 MountMgr - ok

08:38:01.0671 2552 mraid35x - ok

08:38:01.0687 2552 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

08:38:01.0890 2552 MRxDAV - ok

08:38:01.0968 2552 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

08:38:02.0046 2552 MRxSmb - ok

08:38:02.0078 2552 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

08:38:02.0265 2552 MSDTC - ok

08:38:02.0281 2552 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

08:38:02.0453 2552 Msfs - ok

08:38:02.0453 2552 MSIServer - ok

08:38:02.0484 2552 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

08:38:02.0687 2552 MSKSSRV - ok

08:38:02.0703 2552 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

08:38:02.0875 2552 MSPCLOCK - ok

08:38:02.0890 2552 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

08:38:03.0078 2552 MSPQM - ok

08:38:03.0140 2552 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

08:38:03.0312 2552 mssmbios - ok

08:38:03.0343 2552 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

08:38:03.0390 2552 Mup - ok

08:38:03.0453 2552 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

08:38:03.0671 2552 napagent - ok

08:38:03.0703 2552 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

08:38:03.0906 2552 NDIS - ok

08:38:03.0953 2552 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

08:38:04.0015 2552 NdisTapi - ok

08:38:04.0031 2552 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

08:38:04.0203 2552 Ndisuio - ok

08:38:04.0218 2552 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

08:38:04.0421 2552 NdisWan - ok

08:38:04.0453 2552 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

08:38:04.0500 2552 NDProxy - ok

08:38:04.0515 2552 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

08:38:04.0703 2552 NetBIOS - ok

08:38:04.0750 2552 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

08:38:04.0921 2552 NetBT - ok

08:38:04.0984 2552 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

08:38:05.0187 2552 NetDDE - ok

08:38:05.0187 2552 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

08:38:05.0359 2552 NetDDEdsdm - ok

08:38:05.0437 2552 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:38:05.0625 2552 Netlogon - ok

08:38:05.0687 2552 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

08:38:05.0890 2552 Netman - ok

08:38:06.0062 2552 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:38:06.0093 2552 NetTcpPortSharing - ok

08:38:06.0265 2552 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys

08:38:06.0437 2552 NETw4x32 - ok

08:38:06.0625 2552 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

08:38:06.0812 2552 NIC1394 - ok

08:38:06.0890 2552 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

08:38:06.0953 2552 Nla - ok

08:38:06.0968 2552 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

08:38:07.0171 2552 Npfs - ok

08:38:07.0218 2552 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

08:38:07.0437 2552 Ntfs - ok

08:38:07.0500 2552 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:38:07.0734 2552 NtLmSsp - ok

08:38:07.0828 2552 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

08:38:08.0109 2552 NtmsSvc - ok

08:38:08.0140 2552 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

08:38:08.0406 2552 Null - ok

08:38:08.0421 2552 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

08:38:08.0687 2552 NwlnkFlt - ok

08:38:08.0687 2552 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

08:38:08.0953 2552 NwlnkFwd - ok

08:38:09.0046 2552 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

08:38:09.0281 2552 ohci1394 - ok

08:38:09.0328 2552 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS

08:38:09.0343 2552 OMCI ( UnsignedFile.Multi.Generic ) - warning

08:38:09.0343 2552 OMCI - detected UnsignedFile.Multi.Generic (1)

08:38:09.0359 2552 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

08:38:09.0593 2552 Parport - ok

08:38:09.0625 2552 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

08:38:09.0859 2552 PartMgr - ok

08:38:09.0890 2552 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

08:38:10.0156 2552 ParVdm - ok

08:38:10.0187 2552 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

08:38:10.0406 2552 PCI - ok

08:38:10.0421 2552 PCIDump - ok

08:38:10.0453 2552 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

08:38:10.0703 2552 PCIIde - ok

08:38:10.0750 2552 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

08:38:10.0968 2552 Pcmcia - ok

08:38:10.0984 2552 PDCOMP - ok

08:38:10.0984 2552 PDFRAME - ok

08:38:10.0984 2552 PDRELI - ok

08:38:11.0000 2552 PDRFRAME - ok

08:38:11.0000 2552 perc2 - ok

08:38:11.0015 2552 perc2hib - ok

08:38:11.0078 2552 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

08:38:11.0140 2552 PlugPlay - ok

08:38:11.0203 2552 Pml Driver HPZ12 (767adb72f52b5abf96f5490fd023fd6e) C:\WINDOWS\system32\HPZipm12.exe

08:38:11.0218 2552 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

08:38:11.0218 2552 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

08:38:11.0218 2552 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:38:11.0437 2552 PolicyAgent - ok

08:38:11.0515 2552 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

08:38:11.0765 2552 PptpMiniport - ok

08:38:11.0781 2552 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:38:12.0000 2552 ProtectedStorage - ok

08:38:12.0015 2552 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

08:38:12.0265 2552 PSched - ok

08:38:12.0312 2552 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

08:38:12.0578 2552 Ptilink - ok

08:38:12.0593 2552 PxHelp20 (617accada2e0a0f43ec6030bbac49513) C:\WINDOWS\system32\Drivers\PxHelp20.sys

08:38:12.0656 2552 PxHelp20 - ok

08:38:12.0656 2552 ql1080 - ok

08:38:12.0671 2552 Ql10wnt - ok

08:38:12.0671 2552 ql12160 - ok

08:38:12.0687 2552 ql1240 - ok

08:38:12.0687 2552 ql1280 - ok

08:38:12.0718 2552 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

08:38:12.0953 2552 RasAcd - ok

08:38:13.0000 2552 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

08:38:13.0218 2552 RasAuto - ok

08:38:13.0250 2552 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

08:38:13.0500 2552 Rasl2tp - ok

08:38:13.0562 2552 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

08:38:13.0796 2552 RasMan - ok

08:38:13.0812 2552 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

08:38:14.0046 2552 RasPppoe - ok

08:38:14.0062 2552 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

08:38:14.0312 2552 Raspti - ok

08:38:14.0328 2552 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

08:38:14.0562 2552 Rdbss - ok

08:38:14.0578 2552 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

08:38:14.0828 2552 RDPCDD - ok

08:38:14.0937 2552 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

08:38:15.0187 2552 rdpdr - ok

08:38:15.0234 2552 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

08:38:15.0328 2552 RDPWD - ok

08:38:15.0390 2552 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

08:38:15.0625 2552 RDSessMgr - ok

08:38:15.0656 2552 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

08:38:15.0890 2552 redbook - ok

08:38:16.0046 2552 RegSrvc (c86f2f4cd3664572511a70eaecadd7a0) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

08:38:16.0093 2552 RegSrvc ( UnsignedFile.Multi.Generic ) - warning

08:38:16.0093 2552 RegSrvc - detected UnsignedFile.Multi.Generic (1)

08:38:16.0140 2552 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

08:38:16.0375 2552 RemoteAccess - ok

08:38:16.0421 2552 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

08:38:16.0671 2552 RemoteRegistry - ok

08:38:16.0718 2552 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

08:38:16.0796 2552 rimmptsk - ok

08:38:16.0843 2552 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

08:38:16.0921 2552 rimsptsk - ok

08:38:16.0968 2552 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

08:38:17.0046 2552 rismxdp - ok

08:38:17.0078 2552 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

08:38:17.0312 2552 RpcLocator - ok

08:38:17.0390 2552 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

08:38:17.0500 2552 RpcSs - ok

08:38:17.0531 2552 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

08:38:17.0812 2552 RSVP - ok

08:38:17.0937 2552 S24EventMonitor (7b6967e16fa10676e9e23017b80ab749) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

08:38:18.0031 2552 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

08:38:18.0046 2552 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

08:38:18.0062 2552 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys

08:38:18.0093 2552 s24trans ( UnsignedFile.Multi.Generic ) - warning

08:38:18.0093 2552 s24trans - detected UnsignedFile.Multi.Generic (1)

08:38:18.0140 2552 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:38:18.0359 2552 SamSs - ok

08:38:18.0390 2552 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

08:38:18.0640 2552 SCardSvr - ok

08:38:18.0703 2552 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

08:38:18.0937 2552 Schedule - ok

08:38:19.0015 2552 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

08:38:19.0265 2552 sdbus - ok

08:38:19.0312 2552 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

08:38:19.0531 2552 Secdrv - ok

08:38:19.0562 2552 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

08:38:19.0796 2552 seclogon - ok

08:38:19.0828 2552 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

08:38:20.0078 2552 SENS - ok

08:38:20.0109 2552 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

08:38:20.0343 2552 Serial - ok

08:38:20.0390 2552 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys

08:38:20.0625 2552 sffdisk - ok

08:38:20.0656 2552 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

08:38:20.0890 2552 sffp_sd - ok

08:38:20.0937 2552 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

08:38:21.0171 2552 Sfloppy - ok

08:38:21.0250 2552 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

08:38:21.0546 2552 SharedAccess - ok

08:38:21.0593 2552 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:38:21.0625 2552 ShellHWDetection - ok

08:38:21.0625 2552 Simbad - ok

08:38:21.0640 2552 Sparrow - ok

08:38:21.0671 2552 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

08:38:21.0906 2552 splitter - ok

08:38:21.0968 2552 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

08:38:22.0046 2552 Spooler - ok

08:38:22.0078 2552 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

08:38:22.0296 2552 sr - ok

08:38:22.0359 2552 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

08:38:22.0625 2552 srservice - ok

08:38:22.0671 2552 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

08:38:22.0796 2552 Srv - ok

08:38:22.0859 2552 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

08:38:23.0093 2552 SSDPSRV - ok

08:38:23.0250 2552 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

08:38:23.0406 2552 STHDA - ok

08:38:23.0484 2552 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

08:38:23.0734 2552 stisvc - ok

08:38:23.0812 2552 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

08:38:24.0046 2552 swenum - ok

08:38:24.0062 2552 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

08:38:24.0296 2552 swmidi - ok

08:38:24.0296 2552 SwPrv - ok

08:38:24.0312 2552 symc810 - ok

08:38:24.0328 2552 symc8xx - ok

08:38:24.0328 2552 sym_hi - ok

08:38:24.0343 2552 sym_u3 - ok

08:38:24.0406 2552 SynTP (6bef3acd6ee22eec55b68699e8aace09) C:\WINDOWS\system32\DRIVERS\SynTP.sys

08:38:24.0484 2552 SynTP - ok

08:38:24.0531 2552 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

08:38:24.0781 2552 sysaudio - ok

08:38:24.0812 2552 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

08:38:25.0046 2552 SysmonLog - ok

08:38:25.0093 2552 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

08:38:25.0359 2552 TapiSrv - ok

08:38:25.0421 2552 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

08:38:25.0546 2552 Tcpip - ok

08:38:25.0593 2552 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

08:38:25.0828 2552 TDPIPE - ok

08:38:25.0859 2552 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

08:38:26.0109 2552 TDTCP - ok

08:38:26.0140 2552 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

08:38:26.0359 2552 TermDD - ok

08:38:26.0453 2552 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

08:38:26.0734 2552 TermService - ok

08:38:26.0796 2552 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:38:26.0828 2552 Themes - ok

08:38:26.0875 2552 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

08:38:27.0109 2552 TlntSvr - ok

08:38:27.0109 2552 TosIde - ok

08:38:27.0171 2552 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

08:38:27.0421 2552 TrkWks - ok

08:38:27.0468 2552 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

08:38:27.0703 2552 Udfs - ok

08:38:27.0703 2552 ultra - ok

08:38:27.0734 2552 UMWdf (9651e5d850b6f6bd7c77c70aa06f02bf) C:\WINDOWS\system32\wdfmgr.exe

08:38:27.0843 2552 UMWdf - ok

08:38:27.0921 2552 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

08:38:28.0156 2552 Update - ok

08:38:28.0250 2552 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

08:38:28.0500 2552 upnphost - ok

08:38:28.0531 2552 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

08:38:28.0765 2552 UPS - ok

08:38:28.0828 2552 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys

08:38:28.0906 2552 USBAAPL - ok

08:38:28.0953 2552 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

08:38:29.0171 2552 usbehci - ok

08:38:29.0234 2552 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

08:38:29.0453 2552 usbhub - ok

08:38:29.0500 2552 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

08:38:29.0734 2552 usbscan - ok

08:38:29.0781 2552 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

08:38:30.0015 2552 USBSTOR - ok

08:38:30.0046 2552 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

08:38:30.0281 2552 usbuhci - ok

08:38:30.0312 2552 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

08:38:30.0546 2552 VgaSave - ok

08:38:30.0562 2552 ViaIde - ok

08:38:30.0609 2552 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

08:38:30.0828 2552 VolSnap - ok

08:38:30.0875 2552 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

08:38:31.0125 2552 VSS - ok

08:38:31.0281 2552 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

08:38:31.0515 2552 W32Time - ok

08:38:31.0546 2552 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

08:38:31.0796 2552 Wanarp - ok

08:38:31.0875 2552 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

08:38:31.0921 2552 Wdf01000 - ok

08:38:31.0921 2552 WDICA - ok

08:38:31.0953 2552 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

08:38:32.0187 2552 wdmaud - ok

08:38:32.0250 2552 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

08:38:32.0484 2552 WebClient - ok

08:38:32.0578 2552 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

08:38:32.0656 2552 winachsf - ok

08:38:32.0781 2552 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

08:38:33.0015 2552 winmgmt - ok

08:38:33.0187 2552 WLANKEEPER (4db3ba8de1ef86fdac9729b5122953d5) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

08:38:33.0250 2552 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning

08:38:33.0250 2552 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)

08:38:33.0296 2552 WmdmPmSN (b9715b9c18bc6c8f4b66733d208cc9f7) C:\WINDOWS\system32\MsPMSNSv.dll

08:38:33.0406 2552 WmdmPmSN - ok

08:38:33.0500 2552 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

08:38:33.0640 2552 Wmi - ok

08:38:33.0687 2552 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

08:38:33.0906 2552 WmiApSrv - ok

08:38:34.0171 2552 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

08:38:34.0265 2552 WPFFontCache_v0400 - ok

08:38:34.0343 2552 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

08:38:34.0578 2552 wscsvc - ok

08:38:34.0625 2552 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

08:38:34.0875 2552 wuauserv - ok

08:38:34.0968 2552 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

08:38:35.0265 2552 WZCSVC - ok

08:38:35.0312 2552 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

08:38:35.0546 2552 xmlprov - ok

08:38:35.0593 2552 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

08:38:36.0531 2552 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

08:38:36.0531 2552 \Device\Harddisk0\DR0 - detected TDSS File System (1)

08:38:36.0531 2552 Boot (0x1200) (cc81cc372206f3fb6fec00ab7076a14e) \Device\Harddisk0\DR0\Partition0

08:38:36.0546 2552 \Device\Harddisk0\DR0\Partition0 - ok

08:38:36.0546 2552 ============================================================

08:38:36.0546 2552 Scan finished

08:38:36.0546 2552 ============================================================

08:38:36.0671 1416 Detected object count: 14

08:38:36.0671 1416 Actual detected object count: 14

08:39:13.0718 1416 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0718 1416 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0718 1416 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0718 1416 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0718 1416 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0718 1416 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0718 1416 JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0718 1416 JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 MHN ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 OMCI ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 OMCI ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0734 1416 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0734 1416 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0750 1416 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0750 1416 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0750 1416 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user

08:39:13.0750 1416 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:39:13.0750 1416 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

08:39:13.0750 1416 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

08:39:21.0703 2628 ============================================================

08:39:21.0703 2628 Scan started

08:39:21.0703 2628 Mode: Manual; SigCheck; TDLFS;

08:39:21.0703 2628 ============================================================

08:39:21.0953 2628 Abiosdsk - ok

08:39:21.0968 2628 abp480n5 - ok

08:39:22.0031 2628 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

08:39:22.0234 2628 ACPI - ok

08:39:22.0281 2628 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

08:39:22.0484 2628 ACPIEC - ok

08:39:22.0484 2628 adpu160m - ok

08:39:22.0546 2628 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

08:39:22.0750 2628 aec - ok

08:39:22.0812 2628 AegisP (a1ad1a4a9f18d900ca9c93fa3efdcb56) C:\WINDOWS\system32\DRIVERS\AegisP.sys

08:39:22.0843 2628 AegisP - ok

08:39:22.0906 2628 AFD (f6b7b1ecd7b41736bdb6ff4b092bcb79) C:\WINDOWS\System32\drivers\afd.sys

08:39:22.0921 2628 AFD - ok

08:39:22.0937 2628 Aha154x - ok

08:39:22.0937 2628 aic78u2 - ok

08:39:22.0953 2628 aic78xx - ok

08:39:23.0000 2628 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

08:39:23.0171 2628 Alerter - ok

08:39:23.0203 2628 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

08:39:23.0390 2628 ALG - ok

08:39:23.0390 2628 AliIde - ok

08:39:23.0406 2628 amsint - ok

08:39:23.0562 2628 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

08:39:23.0578 2628 Apple Mobile Device - ok

08:39:23.0640 2628 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

08:39:23.0828 2628 AppMgmt - ok

08:39:23.0859 2628 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

08:39:24.0062 2628 Arp1394 - ok

08:39:24.0062 2628 asc - ok

08:39:24.0062 2628 asc3350p - ok

08:39:24.0078 2628 asc3550 - ok

08:39:24.0265 2628 aspnet_state (776acefa0ca9df0faa51a5fb2f435705) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

08:39:24.0296 2628 aspnet_state - ok

08:39:24.0328 2628 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

08:39:24.0500 2628 AsyncMac - ok

08:39:24.0531 2628 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

08:39:24.0718 2628 atapi - ok

08:39:24.0718 2628 Atdisk - ok

08:39:24.0750 2628 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

08:39:24.0953 2628 Atmarpc - ok

08:39:25.0015 2628 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

08:39:25.0203 2628 AudioSrv - ok

08:39:25.0250 2628 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

08:39:25.0453 2628 audstub - ok

08:39:25.0515 2628 bcm4sbxp (cd4646067cc7dcba1907fa0acf7e3966) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

08:39:25.0562 2628 bcm4sbxp - ok

08:39:25.0609 2628 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

08:39:25.0828 2628 Beep - ok

08:39:25.0890 2628 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

08:39:26.0125 2628 BITS - ok

08:39:26.0250 2628 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe

08:39:26.0281 2628 Bonjour Service - ok

08:39:26.0343 2628 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

08:39:26.0546 2628 Browser - ok

08:39:26.0546 2628 catchme - ok

08:39:26.0593 2628 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

08:39:26.0781 2628 cbidf2k - ok

08:39:26.0828 2628 CCALib8 (fc9005ee6aa8d4378582eb4c1f333a97) C:\Program Files\Canon\CAL\CALMAIN.exe

08:39:26.0859 2628 CCALib8 ( UnsignedFile.Multi.Generic ) - warning

08:39:26.0859 2628 CCALib8 - detected UnsignedFile.Multi.Generic (1)

08:39:26.0859 2628 cd20xrnt - ok

08:39:26.0921 2628 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

08:39:27.0125 2628 Cdaudio - ok

08:39:27.0187 2628 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

08:39:27.0359 2628 Cdfs - ok

08:39:27.0375 2628 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

08:39:27.0578 2628 Cdrom - ok

08:39:27.0609 2628 cercsr6 (84853b3fd012251690570e9e7e43343f) C:\WINDOWS\system32\drivers\cercsr6.sys

08:39:27.0609 2628 cercsr6 ( UnsignedFile.Multi.Generic ) - warning

08:39:27.0609 2628 cercsr6 - detected UnsignedFile.Multi.Generic (1)

08:39:27.0625 2628 Changer - ok

08:39:27.0656 2628 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

08:39:27.0828 2628 CiSvc - ok

08:39:27.0843 2628 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

08:39:28.0031 2628 ClipSrv - ok

08:39:28.0406 2628 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

08:39:28.0437 2628 clr_optimization_v2.0.50727_32 - ok

08:39:28.0500 2628 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

08:39:28.0531 2628 clr_optimization_v4.0.30319_32 - ok

08:39:28.0578 2628 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

08:39:28.0765 2628 CmBatt - ok

08:39:28.0781 2628 CmdIde - ok

08:39:28.0781 2628 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

08:39:28.0968 2628 Compbatt - ok

08:39:28.0968 2628 COMSysApp - ok

08:39:28.0984 2628 Cpqarray - ok

08:39:29.0000 2628 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

08:39:29.0203 2628 CryptSvc - ok

08:39:29.0203 2628 dac2w2k - ok

08:39:29.0203 2628 dac960nt - ok

08:39:29.0281 2628 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

08:39:29.0343 2628 DcomLaunch - ok

08:39:29.0437 2628 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

08:39:29.0609 2628 Dhcp - ok

08:39:29.0671 2628 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

08:39:29.0875 2628 Disk - ok

08:39:29.0875 2628 dmadmin - ok

08:39:29.0937 2628 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

08:39:30.0140 2628 dmboot - ok

08:39:30.0171 2628 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

08:39:30.0343 2628 dmio - ok

08:39:30.0375 2628 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

08:39:30.0562 2628 dmload - ok

08:39:30.0609 2628 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

08:39:30.0812 2628 dmserver - ok

08:39:30.0859 2628 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

08:39:31.0031 2628 DMusic - ok

08:39:31.0078 2628 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

08:39:31.0156 2628 Dnscache - ok

08:39:31.0203 2628 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

08:39:31.0406 2628 Dot3svc - ok

08:39:31.0406 2628 dpti2o - ok

08:39:31.0437 2628 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

08:39:31.0609 2628 drmkaud - ok

08:39:31.0640 2628 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

08:39:31.0843 2628 EapHost - ok

08:39:31.0953 2628 ehRecvr (8301243bde5b6cd316d79c0191d50d9a) C:\WINDOWS\eHome\ehRecvr.exe

08:39:31.0984 2628 ehRecvr - ok

08:39:32.0046 2628 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe

08:39:32.0093 2628 ehSched - ok

08:39:32.0156 2628 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

08:39:32.0343 2628 ERSvc - ok

08:39:32.0390 2628 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

08:39:32.0453 2628 Eventlog - ok

08:39:32.0531 2628 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

08:39:32.0593 2628 EventSystem - ok

08:39:32.0781 2628 EvtEng (1caea4b1f293859c65be20221a4008d6) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

08:39:32.0843 2628 EvtEng ( UnsignedFile.Multi.Generic ) - warning

08:39:32.0843 2628 EvtEng - detected UnsignedFile.Multi.Generic (1)

08:39:32.0921 2628 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

08:39:33.0109 2628 Fastfat - ok

08:39:33.0171 2628 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:39:33.0203 2628 FastUserSwitchingCompatibility - ok

08:39:33.0218 2628 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

08:39:33.0390 2628 Fdc - ok

08:39:33.0421 2628 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

08:39:33.0609 2628 Fips - ok

08:39:33.0640 2628 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

08:39:33.0828 2628 Flpydisk - ok

08:39:33.0875 2628 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

08:39:34.0078 2628 FltMgr - ok

08:39:34.0109 2628 FlyUsb (8efa9bfc940d9eb9348d9dafb839fe25) C:\WINDOWS\system32\DRIVERS\FlyUsb.sys

08:39:34.0140 2628 FlyUsb - ok

08:39:34.0328 2628 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

08:39:34.0343 2628 FontCache3.0.0.0 - ok

08:39:34.0406 2628 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

08:39:34.0593 2628 Fs_Rec - ok

08:39:34.0625 2628 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

08:39:34.0828 2628 Ftdisk - ok

08:39:34.0875 2628 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

08:39:34.0906 2628 GEARAspiWDM - ok

08:39:34.0937 2628 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

08:39:35.0125 2628 Gpc - ok

08:39:35.0281 2628 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

08:39:35.0296 2628 gupdate - ok

08:39:35.0296 2628 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe

08:39:35.0328 2628 gupdatem - ok

08:39:35.0390 2628 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

08:39:35.0578 2628 HDAudBus - ok

08:39:35.0703 2628 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

08:39:35.0890 2628 helpsvc - ok

08:39:35.0890 2628 HidServ - ok

08:39:35.0937 2628 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

08:39:36.0125 2628 hkmsvc - ok

08:39:36.0187 2628 HP Port Resolver (58176988fba04153d35d7eb92825a14f) C:\WINDOWS\system32\hpbpro.exe

08:39:36.0218 2628 HP Port Resolver - ok

08:39:36.0281 2628 HP Status Server (b00044476f6d091922da76a086ecc15b) C:\WINDOWS\system32\hpboid.exe

08:39:36.0312 2628 HP Status Server - ok

08:39:36.0328 2628 hpn - ok

08:39:36.0390 2628 HSFHWAZL (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys

08:39:36.0421 2628 HSFHWAZL - ok

08:39:36.0500 2628 HSF_DPV (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys

08:39:36.0593 2628 HSF_DPV - ok

08:39:36.0656 2628 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

08:39:36.0703 2628 HTTP - ok

08:39:36.0734 2628 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

08:39:36.0921 2628 HTTPFilter - ok

08:39:36.0921 2628 i2omgmt - ok

08:39:36.0921 2628 i2omp - ok

08:39:36.0984 2628 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

08:39:37.0171 2628 i8042prt - ok

08:39:37.0578 2628 ialm (bffa387180121df1e4646c4ced3e16ca) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

08:39:37.0937 2628 ialm - ok

08:39:38.0203 2628 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

08:39:38.0296 2628 idsvc - ok

08:39:38.0375 2628 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

08:39:38.0578 2628 Imapi - ok

08:39:38.0625 2628 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

08:39:38.0828 2628 ImapiService - ok

08:39:38.0828 2628 ini910u - ok

08:39:38.0843 2628 IntelIde - ok

08:39:38.0875 2628 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

08:39:39.0046 2628 intelppm - ok

08:39:39.0062 2628 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

08:39:39.0250 2628 Ip6Fw - ok

08:39:39.0281 2628 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

08:39:39.0484 2628 IpFilterDriver - ok

08:39:39.0531 2628 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

08:39:39.0703 2628 IpInIp - ok

08:39:39.0734 2628 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

08:39:39.0921 2628 IpNat - ok

08:39:40.0062 2628 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe

08:39:40.0109 2628 iPod Service - ok

08:39:40.0140 2628 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

08:39:40.0328 2628 IPSec - ok

08:39:40.0343 2628 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

08:39:40.0531 2628 IRENUM - ok

08:39:40.0593 2628 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

08:39:40.0781 2628 isapnp - ok

08:39:40.0890 2628 JavaQuickStarterService (f80e48e18340d49dcaaf48d2bfab6f25) C:\Program Files\Java\jre6\bin\jqs.exe

08:39:40.0890 2628 JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - warning

08:39:40.0890 2628 JavaQuickStarterService - detected UnsignedFile.Multi.Generic (1)

08:39:40.0921 2628 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

08:39:41.0109 2628 Kbdclass - ok

08:39:41.0140 2628 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

08:39:41.0328 2628 kmixer - ok

08:39:41.0375 2628 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

08:39:41.0406 2628 KSecDD - ok

08:39:41.0468 2628 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

08:39:41.0500 2628 lanmanserver - ok

08:39:41.0578 2628 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

08:39:41.0609 2628 lanmanworkstation - ok

08:39:41.0609 2628 lbrtfdc - ok

08:39:41.0984 2628 LeapFrog Connect Device Service (f6642700e5f510c910e129f8b56b0f65) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

08:39:42.0234 2628 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - warning

08:39:42.0234 2628 LeapFrog Connect Device Service - detected UnsignedFile.Multi.Generic (1)

08:39:42.0390 2628 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

08:39:42.0593 2628 LmHosts - ok

08:39:42.0687 2628 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe

08:39:42.0750 2628 McrdSvc - ok

08:39:42.0796 2628 mdmxsdk (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

08:39:42.0843 2628 mdmxsdk - ok

08:39:42.0890 2628 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

08:39:43.0062 2628 Messenger - ok

08:39:43.0109 2628 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll

08:39:43.0140 2628 MHN ( UnsignedFile.Multi.Generic ) - warning

08:39:43.0140 2628 MHN - detected UnsignedFile.Multi.Generic (1)

08:39:43.0156 2628 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

08:39:43.0171 2628 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

08:39:43.0171 2628 MHNDRV - detected UnsignedFile.Multi.Generic (1)

08:39:43.0218 2628 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

08:39:43.0421 2628 mnmdd - ok

08:39:43.0453 2628 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

08:39:43.0625 2628 mnmsrvc - ok

08:39:43.0687 2628 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

08:39:43.0859 2628 Modem - ok

08:39:43.0875 2628 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

08:39:44.0062 2628 Mouclass - ok

08:39:44.0109 2628 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

08:39:44.0296 2628 MountMgr - ok

08:39:44.0296 2628 mraid35x - ok

08:39:44.0343 2628 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

08:39:44.0531 2628 MRxDAV - ok

08:39:44.0609 2628 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

08:39:44.0687 2628 MRxSmb - ok

08:39:44.0703 2628 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

08:39:44.0906 2628 MSDTC - ok

08:39:44.0937 2628 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

08:39:45.0125 2628 Msfs - ok

08:39:45.0125 2628 MSIServer - ok

08:39:45.0171 2628 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

08:39:45.0359 2628 MSKSSRV - ok

08:39:45.0375 2628 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

08:39:45.0546 2628 MSPCLOCK - ok

08:39:45.0578 2628 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

08:39:45.0781 2628 MSPQM - ok

08:39:45.0828 2628 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

08:39:46.0015 2628 mssmbios - ok

08:39:46.0046 2628 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

08:39:46.0078 2628 Mup - ok

08:39:46.0109 2628 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

08:39:46.0312 2628 napagent - ok

08:39:46.0343 2628 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

08:39:46.0531 2628 NDIS - ok

08:39:46.0593 2628 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

08:39:46.0625 2628 NdisTapi - ok

08:39:46.0640 2628 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

08:39:46.0828 2628 Ndisuio - ok

08:39:46.0890 2628 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

08:39:47.0078 2628 NdisWan - ok

08:39:47.0109 2628 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

08:39:47.0125 2628 NDProxy - ok

08:39:47.0140 2628 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

08:39:47.0328 2628 NetBIOS - ok

08:39:47.0359 2628 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

08:39:47.0531 2628 NetBT - ok

08:39:47.0578 2628 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

08:39:47.0750 2628 NetDDE - ok

08:39:47.0750 2628 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

08:39:47.0937 2628 NetDDEdsdm - ok

08:39:48.0000 2628 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:39:48.0171 2628 Netlogon - ok

08:39:48.0234 2628 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

08:39:48.0437 2628 Netman - ok

08:39:48.0593 2628 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

08:39:48.0609 2628 NetTcpPortSharing - ok

08:39:48.0796 2628 NETw4x32 (b5ab1108b377b5f3d37409fabda01453) C:\WINDOWS\system32\DRIVERS\NETw4x32.sys

08:39:48.0937 2628 NETw4x32 - ok

08:39:49.0109 2628 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

08:39:49.0296 2628 NIC1394 - ok

08:39:49.0359 2628 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

08:39:49.0421 2628 Nla - ok

08:39:49.0421 2628 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

08:39:49.0625 2628 Npfs - ok

08:39:49.0687 2628 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

08:39:49.0906 2628 Ntfs - ok

08:39:49.0953 2628 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:39:50.0140 2628 NtLmSsp - ok

08:39:50.0218 2628 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

08:39:50.0437 2628 NtmsSvc - ok

08:39:50.0468 2628 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

08:39:50.0687 2628 Null - ok

08:39:50.0734 2628 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

08:39:50.0937 2628 NwlnkFlt - ok

08:39:50.0953 2628 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

08:39:51.0156 2628 NwlnkFwd - ok

08:39:51.0187 2628 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

08:39:51.0359 2628 ohci1394 - ok

08:39:51.0390 2628 OMCI (cec7e2c6c1fa00c7ab2f5434f848ae51) C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS

08:39:51.0390 2628 OMCI ( UnsignedFile.Multi.Generic ) - warning

08:39:51.0390 2628 OMCI - detected UnsignedFile.Multi.Generic (1)

08:39:51.0421 2628 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys

08:39:51.0609 2628 Parport - ok

08:39:51.0625 2628 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

08:39:51.0812 2628 PartMgr - ok

08:39:51.0843 2628 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

08:39:52.0046 2628 ParVdm - ok

08:39:52.0062 2628 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

08:39:52.0234 2628 PCI - ok

08:39:52.0234 2628 PCIDump - ok

08:39:52.0296 2628 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

08:39:52.0484 2628 PCIIde - ok

08:39:52.0515 2628 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

08:39:52.0687 2628 Pcmcia - ok

08:39:52.0687 2628 PDCOMP - ok

08:39:52.0703 2628 PDFRAME - ok

08:39:52.0703 2628 PDRELI - ok

08:39:52.0718 2628 PDRFRAME - ok

08:39:52.0718 2628 perc2 - ok

08:39:52.0718 2628 perc2hib - ok

08:39:52.0796 2628 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

08:39:52.0843 2628 PlugPlay - ok

08:39:52.0906 2628 Pml Driver HPZ12 (767adb72f52b5abf96f5490fd023fd6e) C:\WINDOWS\system32\HPZipm12.exe

08:39:52.0906 2628 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

08:39:52.0906 2628 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

08:39:52.0906 2628 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:39:53.0078 2628 PolicyAgent - ok

08:39:53.0093 2628 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

08:39:53.0296 2628 PptpMiniport - ok

08:39:53.0296 2628 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:39:53.0468 2628 ProtectedStorage - ok

08:39:53.0500 2628 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

08:39:53.0703 2628 PSched - ok

08:39:53.0750 2628 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

08:39:53.0953 2628 Ptilink - ok

08:39:53.0984 2628 PxHelp20 (617accada2e0a0f43ec6030bbac49513) C:\WINDOWS\system32\Drivers\PxHelp20.sys

08:39:54.0031 2628 PxHelp20 - ok

08:39:54.0046 2628 ql1080 - ok

08:39:54.0046 2628 Ql10wnt - ok

08:39:54.0046 2628 ql12160 - ok

08:39:54.0062 2628 ql1240 - ok

08:39:54.0062 2628 ql1280 - ok

08:39:54.0093 2628 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

08:39:54.0281 2628 RasAcd - ok

08:39:54.0328 2628 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

08:39:54.0500 2628 RasAuto - ok

08:39:54.0531 2628 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

08:39:54.0734 2628 Rasl2tp - ok

08:39:54.0781 2628 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

08:39:54.0968 2628 RasMan - ok

08:39:54.0984 2628 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

08:39:55.0171 2628 RasPppoe - ok

08:39:55.0203 2628 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

08:39:55.0375 2628 Raspti - ok

08:39:55.0390 2628 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

08:39:55.0593 2628 Rdbss - ok

08:39:55.0593 2628 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

08:39:55.0796 2628 RDPCDD - ok

08:39:55.0843 2628 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

08:39:56.0031 2628 rdpdr - ok

08:39:56.0078 2628 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys

08:39:56.0125 2628 RDPWD - ok

08:39:56.0171 2628 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

08:39:56.0343 2628 RDSessMgr - ok

08:39:56.0375 2628 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

08:39:56.0546 2628 redbook - ok

08:39:56.0687 2628 RegSrvc (c86f2f4cd3664572511a70eaecadd7a0) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

08:39:56.0718 2628 RegSrvc ( UnsignedFile.Multi.Generic ) - warning

08:39:56.0718 2628 RegSrvc - detected UnsignedFile.Multi.Generic (1)

08:39:56.0750 2628 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

08:39:56.0953 2628 RemoteAccess - ok

08:39:57.0000 2628 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

08:39:57.0203 2628 RemoteRegistry - ok

08:39:57.0250 2628 rimmptsk (d85e3fa9f5b1f29bb4ed185c450d1470) C:\WINDOWS\system32\DRIVERS\rimmptsk.sys

08:39:57.0281 2628 rimmptsk - ok

08:39:57.0343 2628 rimsptsk (db8eb01c58c9fada00c70b1775278ae0) C:\WINDOWS\system32\DRIVERS\rimsptsk.sys

08:39:57.0390 2628 rimsptsk - ok

08:39:57.0421 2628 rismxdp (6c1f93c0760c9f79a1869d07233df39d) C:\WINDOWS\system32\DRIVERS\rixdptsk.sys

08:39:57.0453 2628 rismxdp - ok

08:39:57.0515 2628 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

08:39:57.0687 2628 RpcLocator - ok

08:39:57.0750 2628 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

08:39:57.0812 2628 RpcSs - ok

08:39:57.0859 2628 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

08:39:58.0046 2628 RSVP - ok

08:39:58.0125 2628 S24EventMonitor (7b6967e16fa10676e9e23017b80ab749) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

08:39:58.0187 2628 S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning

08:39:58.0187 2628 S24EventMonitor - detected UnsignedFile.Multi.Generic (1)

08:39:58.0218 2628 s24trans (eadfb87f911a7a75d1b80617f92901e8) C:\WINDOWS\system32\DRIVERS\s24trans.sys

08:39:58.0234 2628 s24trans ( UnsignedFile.Multi.Generic ) - warning

08:39:58.0234 2628 s24trans - detected UnsignedFile.Multi.Generic (1)

08:39:58.0281 2628 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

08:39:58.0468 2628 SamSs - ok

08:39:58.0515 2628 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

08:39:58.0703 2628 SCardSvr - ok

08:39:58.0765 2628 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

08:39:58.0968 2628 Schedule - ok

08:39:59.0015 2628 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

08:39:59.0218 2628 sdbus - ok

08:39:59.0265 2628 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

08:39:59.0437 2628 Secdrv - ok

08:39:59.0484 2628 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

08:39:59.0671 2628 seclogon - ok

08:39:59.0703 2628 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

08:39:59.0890 2628 SENS - ok

08:39:59.0921 2628 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

08:40:00.0109 2628 Serial - ok

08:40:00.0156 2628 sffdisk (0fa803c64df0914b41f807ea276bf2a6) C:\WINDOWS\system32\DRIVERS\sffdisk.sys

08:40:00.0343 2628 sffdisk - ok

08:40:00.0375 2628 sffp_sd (c17c331e435ed8737525c86a7557b3ac) C:\WINDOWS\system32\DRIVERS\sffp_sd.sys

08:40:00.0562 2628 sffp_sd - ok

08:40:00.0593 2628 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

08:40:00.0765 2628 Sfloppy - ok

08:40:00.0906 2628 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

08:40:01.0140 2628 SharedAccess - ok

08:40:01.0187 2628 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:40:01.0218 2628 ShellHWDetection - ok

08:40:01.0218 2628 Simbad - ok

08:40:01.0234 2628 Sparrow - ok

08:40:01.0250 2628 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

08:40:01.0437 2628 splitter - ok

08:40:01.0500 2628 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

08:40:01.0531 2628 Spooler - ok

08:40:01.0562 2628 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

08:40:01.0734 2628 sr - ok

08:40:01.0812 2628 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

08:40:01.0984 2628 srservice - ok

08:40:02.0046 2628 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

08:40:02.0078 2628 Srv - ok

08:40:02.0125 2628 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

08:40:02.0328 2628 SSDPSRV - ok

08:40:02.0453 2628 STHDA (951801dfb54d86f611f0af47825476f9) C:\WINDOWS\system32\drivers\sthda.sys

08:40:02.0562 2628 STHDA - ok

08:40:02.0625 2628 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

08:40:02.0812 2628 stisvc - ok

08:40:02.0890 2628 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

08:40:03.0078 2628 swenum - ok

08:40:03.0093 2628 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

08:40:03.0296 2628 swmidi - ok

08:40:03.0296 2628 SwPrv - ok

08:40:03.0312 2628 symc810 - ok

08:40:03.0312 2628 symc8xx - ok

08:40:03.0312 2628 sym_hi - ok

08:40:03.0328 2628 sym_u3 - ok

08:40:03.0375 2628 SynTP (6bef3acd6ee22eec55b68699e8aace09) C:\WINDOWS\system32\DRIVERS\SynTP.sys

08:40:03.0406 2628 SynTP - ok

08:40:03.0468 2628 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

08:40:03.0656 2628 sysaudio - ok

08:40:03.0687 2628 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

08:40:03.0859 2628 SysmonLog - ok

08:40:03.0906 2628 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

08:40:04.0078 2628 TapiSrv - ok

08:40:04.0140 2628 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

08:40:04.0250 2628 Tcpip - ok

08:40:04.0281 2628 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

08:40:04.0468 2628 TDPIPE - ok

08:40:04.0484 2628 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

08:40:04.0687 2628 TDTCP - ok

08:40:04.0718 2628 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

08:40:04.0906 2628 TermDD - ok

08:40:04.0937 2628 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

08:40:05.0140 2628 TermService - ok

08:40:05.0187 2628 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

08:40:05.0218 2628 Themes - ok

08:40:05.0265 2628 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

08:40:05.0453 2628 TlntSvr - ok

08:40:05.0453 2628 TosIde - ok

08:40:05.0515 2628 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

08:40:05.0718 2628 TrkWks - ok

08:40:05.0750 2628 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

08:40:05.0953 2628 Udfs - ok

08:40:05.0953 2628 ultra - ok

08:40:05.0984 2628 UMWdf (9651e5d850b6f6bd7c77c70aa06f02bf) C:\WINDOWS\system32\wdfmgr.exe

08:40:06.0062 2628 UMWdf - ok

08:40:06.0125 2628 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

08:40:06.0312 2628 Update - ok

08:40:06.0343 2628 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

08:40:06.0531 2628 upnphost - ok

08:40:06.0562 2628 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

08:40:06.0750 2628 UPS - ok

08:40:06.0812 2628 USBAAPL (eafe1e00739afe6c51487a050e772e17) C:\WINDOWS\system32\Drivers\usbaapl.sys

08:40:06.0843 2628 USBAAPL - ok

08:40:06.0890 2628 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

08:40:07.0078 2628 usbehci - ok

08:40:07.0125 2628 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

08:40:07.0296 2628 usbhub - ok

08:40:07.0328 2628 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

08:40:07.0531 2628 usbscan - ok

08:40:07.0562 2628 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

08:40:07.0859 2628 USBSTOR - ok

08:40:07.0937 2628 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

08:40:08.0187 2628 usbuhci - ok

08:40:08.0218 2628 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

08:40:08.0484 2628 VgaSave - ok

08:40:08.0500 2628 ViaIde - ok

08:40:08.0531 2628 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

08:40:08.0781 2628 VolSnap - ok

08:40:08.0859 2628 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

08:40:09.0125 2628 VSS - ok

08:40:09.0187 2628 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

08:40:09.0468 2628 W32Time - ok

08:40:09.0515 2628 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

08:40:09.0781 2628 Wanarp - ok

08:40:09.0875 2628 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys

08:40:09.0937 2628 Wdf01000 - ok

08:40:09.0953 2628 WDICA - ok

08:40:09.0984 2628 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

08:40:10.0250 2628 wdmaud - ok

08:40:10.0312 2628 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

08:40:10.0593 2628 WebClient - ok

08:40:10.0687 2628 winachsf (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

08:40:10.0781 2628 winachsf - ok

08:40:10.0906 2628 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

08:40:11.0171 2628 winmgmt - ok

08:40:11.0359 2628 WLANKEEPER (4db3ba8de1ef86fdac9729b5122953d5) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

08:40:11.0375 2628 WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning

08:40:11.0375 2628 WLANKEEPER - detected UnsignedFile.Multi.Generic (1)

08:40:11.0437 2628 WmdmPmSN (b9715b9c18bc6c8f4b66733d208cc9f7) C:\WINDOWS\system32\MsPMSNSv.dll

08:40:11.0531 2628 WmdmPmSN - ok

08:40:11.0640 2628 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

08:40:11.0781 2628 Wmi - ok

08:40:11.0812 2628 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

08:40:12.0078 2628 WmiApSrv - ok

08:40:12.0312 2628 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

08:40:12.0390 2628 WPFFontCache_v0400 - ok

08:40:12.0468 2628 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

08:40:12.0750 2628 wscsvc - ok

08:40:12.0781 2628 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

08:40:13.0078 2628 wuauserv - ok

08:40:13.0171 2628 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

08:40:13.0484 2628 WZCSVC - ok

08:40:13.0515 2628 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

08:40:13.0781 2628 xmlprov - ok

08:40:13.0828 2628 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

08:40:14.0937 2628 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

08:40:14.0937 2628 \Device\Harddisk0\DR0 - detected TDSS File System (1)

08:40:14.0953 2628 Boot (0x1200) (cc81cc372206f3fb6fec00ab7076a14e) \Device\Harddisk0\DR0\Partition0

08:40:14.0953 2628 \Device\Harddisk0\DR0\Partition0 - ok

08:40:14.0953 2628 ============================================================

08:40:14.0953 2628 Scan finished

08:40:14.0953 2628 ============================================================

08:40:14.0968 4004 Detected object count: 14

08:40:14.0968 4004 Actual detected object count: 14

08:41:00.0343 4004 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0343 4004 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0343 4004 cercsr6 ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0343 4004 cercsr6 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 LeapFrog Connect Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 MHN ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 OMCI ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 OMCI ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0359 4004 RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0359 4004 RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0375 4004 S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0375 4004 S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0375 4004 s24trans ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0375 4004 s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0375 4004 WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user

08:41:00.0375 4004 WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip

08:41:00.0375 4004 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

08:41:00.0375 4004 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

[MrCharlie]

Run TDSSKiller again and just Delete this one:

08:41:00.0375 4004 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

08:41:00.0375 4004 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

--------------------------------------

Then.................

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[mikegug7]

ComboFix Log was too large to paste as text. Attached the file instead.

ComboFix.txt

[MrCharlie]

I'm not seeing too much...please do this:

Download TFC to your desktop

Close any open windows.

Double click the TFC icon to run the program

TFC will close all open programs itself in order to run,

Click the Start button to begin the process.

Allow TFC to run uninterrupted.

The program should not take long to finish it's job

Once its finished it should automatically reboot your machine,

if it doesn't, manually reboot to ensure a complete clean

------------------------------------

Then......

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

[mikegug7]

Ran TFC and rebooted. Updated MWB and scanned. Nothing was found. Log is below.

Still getting redirects through Google and Bing in Chrome, but I after clicking through 10-15 links in IE, everything looks fine. Could be it be specifically targeting Chrome?

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.07.28.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Sara-Belle :: SARA-594D193752 [administrator]

7/28/2012 10:36:03 AM

mbam-log-2012-07-28 (10-36-03).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 202512

Time elapsed: 7 minute(s),

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[MrCharlie]

I just helped someone with the same problem, try this with Chrome.....

On Chrome you have to manually change it.

First check for any odd extensions or plugins:

type the following into the address box and hit Enter:

chrome:plugins

Do the same for:

chrome:extensions

---------------------------

Then look at this link (it's for a different infection but the way to change Chromes settings is the same)

http://deletemalware...tall-guide.html

Let me know, MrC

[mikegug7]

Looked at Chrome:extensions and and chrome:plugins. Didn't see anything out of the ordinary. Decided to try uninstalling and re-installing Chrome. Looks like it did the trick! Thanks MrC! Any additional scans you want me to run?

[MrCharlie]

Great, sometimes that's what has to be done.

You're all set to go.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!