
Mbam.exe stops after a few seconds



Hello ~ I am new and hope that you can help me. I can usually clean up my system but have come across something new. I see that a few others are having the same issue.

I have installed, uninstalled and reinstalled Malwarebytes but after running a couple of seconds it shuts down and I get "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item."

I use AVG for my anti virus and cannot even get it to run. I have tried to do the steps in the pinned topics, but they will run for a short while.

Thanks in advance for any and all help.

Katie


Forgot to add that I am running in Safe Mode, because if I don't I can't get anywhere.

Able to run GMER, but unable to save the logfile.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 9.0.8112.16421

Run by Susan at 18:46:18 on 2011-10-01

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.2370 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\SYSTEM32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\3410614825:3592795700.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = hxxp://www.yahoo.com/

uSearch Bar =

mStart Page = hxxp://en.us.acer.yahoo.com

mDefault_Page_URL = hxxp://en.us.acer.yahoo.com

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.dll

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll

BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ZIBBrzONx0v2b3n8234A] c:\users\susan\appdata\roaming\yvss2obf3mg5q6w\Y8ffRL9hTqjUe.exe

uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [bisonInst0402] c:\windows\BR040286.exe

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe

mRun: [LManager] c:\progra~1\launch~1\LManager.exe

mRun: [eRecoveryService]

mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe

mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [skytel] Skytel.exe

mRun: [FBSSA] c:\program files\sgpsa\ie3sh.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [Reader Library Launcher] c:\program files\sony\reader\data\bin\launcher\Reader Library Launcher.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\susan\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - hxxps://setup.bellsouth.net/wizlet/PWReset/static/controls/WebflowActiveXInstaller_6-1-2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 24.177.176.38 97.81.22.195 24.178.162.3

TCP: Interfaces\{650B49CC-5E86-45BC-96CE-D1BC12B978B1} : DhcpNameServer = 24.177.176.38 97.81.22.195 24.178.162.3

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-22 180736]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]

S2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-11-7 464264]

S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-11-7 234888]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\programdata\fileopen\services\FileOpenManagerSvc32.exe [2011-3-9 212352]

S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-23 135664]

S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]

S2 UniversalCommunicationServer;Universal Communication Server;"c:\program files\bernina\ucs\universalcommunicationserver.exe" --> c:\program files\bernina\ucs\UniversalCommunicationServer.exe [?]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-23 135664]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-10-01 22:01:22 -------- d--h--w- c:\programdata\Common Files

2011-10-01 21:55:13 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-01 21:52:07 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7fd29e97-27ed-4912-879e-ce09daa95d00}\offreg.dll

2011-10-01 21:44:21 -------- d-----w- c:\users\susan\appdata\roaming\Malwarebytes

2011-10-01 21:44:17 -------- d-----w- c:\programdata\Malwarebytes

2011-10-01 21:44:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-01 21:39:21 -------- d-----w- c:\users\susan\appdata\roaming\jrrNtxxA0uc2i

2011-10-01 21:39:21 -------- d-----w- c:\users\susan\appdata\roaming\bbF3pnG5aHd

2011-10-01 21:36:49 -------- d-----w- c:\users\susan\appdata\roaming\OonG4amH6W7E8Tq

2011-10-01 21:36:49 -------- d-----w- c:\users\susan\appdata\roaming\fCwkIVrlOtPuSiD

2011-10-01 21:31:18 2417664 ----a-w- c:\users\susan\appdata\roaming\wmplayer.exe

2011-10-01 21:30:40 -------- d-----w- c:\users\susan\appdata\roaming\ByxA1uvS2b3m5Q6

2011-10-01 21:30:39 -------- d-----w- c:\users\susan\appdata\roaming\p4G5sQJ6E8R9Tez

2011-10-01 01:02:27 -------- d-----w- c:\users\susan\appdata\roaming\oonF4amH5W7E8Rq

2011-10-01 01:02:26 -------- d-----w- c:\users\susan\appdata\roaming\pibD3nG4aHsKfqY

2011-10-01 00:55:52 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7fd29e97-27ed-4912-879e-ce09daa95d00}\mpengine.dll

2011-10-01 00:49:17 -------- d-----w- c:\users\susan\appdata\roaming\OekIBrzONx

2011-10-01 00:49:16 -------- d-----w- c:\users\susan\appdata\roaming\I2obF4mG5Q6E

2011-09-30 00:30:36 2417664 ----a-w- c:\users\susan\appdata\roaming\java.exe

2011-09-30 00:13:53 2417664 ----a-w- c:\users\susan\appdata\roaming\iexplore.exe

2011-09-30 00:10:36 -------- d-----w- c:\users\susan\appdata\roaming\O8fL9qjUkBOyAuS

2011-09-30 00:10:35 -------- d-----w- c:\users\susan\appdata\roaming\lhTXweBrzNxu

2011-09-30 00:00:51 -------- d-----w- c:\users\susan\appdata\roaming\SG4aQH6sW7E9TqY

2011-09-30 00:00:51 -------- d-----w- c:\users\susan\appdata\roaming\nXqjYCekIrNx0c2

2011-09-29 23:55:02 -------- d-----w- c:\users\susan\appdata\roaming\ZTZqhYCwkVlBx0c

2011-09-29 23:55:02 -------- d-----w- c:\users\susan\appdata\roaming\h1ivD3onFaHs

2011-09-29 20:18:04 -------- d-----w- c:\users\susan\appdata\roaming\HdEK8fRZ9TwUeI

2011-09-29 20:18:04 -------- d-----w- c:\users\susan\appdata\roaming\FzPNycA1uDoFpGs

2011-09-29 20:07:26 -------- d-----w- c:\users\susan\appdata\roaming\R9hTXqjUCkBzNx0

2011-09-29 20:07:26 -------- d-----w- c:\users\susan\appdata\roaming\qvS2ibF3pGaHdKf

2011-09-29 20:07:15 -------- d-----w- c:\users\susan\appdata\roaming\yvSS2obF3mG5Q6W

2011-09-29 20:07:14 -------- d-----w- c:\users\susan\appdata\roaming\jsQQJ6dEKfRZh

2011-09-17 13:39:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

2011-09-05 13:26:14 -------- d-----w- c:\users\susan\appdata\roaming\FileOpen

2011-09-05 13:21:29 -------- d-----w- c:\program files\FileOpen

2011-09-05 13:21:28 -------- d-----w- c:\programdata\FileOpen

.

==================== Find3M ====================

.

2011-08-10 09:43:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll

2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll

2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll

2011-07-06 15:31:47 214016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys

.

=========

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 6/6/2008 11:52:21 PM

System Uptime: 10/1/2011 4:49:38 PM (2 hours ago)

.

Motherboard: Acer | | Columbia

Processor: Intel® Core2 Duo CPU T5550 @ 1.83GHz | U2E1 | 1828/166mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 71.144 GiB free.

D: is FIXED (NTFS) - 112 GiB total, 111.379 GiB free.

E: is CDROM ()

F: is Removable

G: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}

Description: Microsoft ISATAP Adapter

Device ID: ROOT\*ISATAP\0004

Manufacturer: Microsoft

Name: Microsoft ISATAP Adapter #5

PNP Device ID: ROOT\*ISATAP\0004

Service: tunnel

.

==== System Restore Points ===================

.

RP758: 9/29/2011 2:38:44 PM - Windows Update

RP759: 9/30/2011 7:55:33 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

2007 Microsoft Office system

32 Bit HP CIO Components Installer

Acer Assist

Acer Crystal Eye

Acer Crystal Eye Webcam

Acer eDataSecurity Management

Acer eLock Management

Acer Empowering Technology

Acer eNet Management

Acer ePower Management

Acer ePresentation Management

Acer eSettings Management

Acer GridVista

Acer Mobility Center Plug-In

Acer Registration

Acer ScreenSaver

Activation Assistant for the 2007 Microsoft Office suites

Adobe AIR

Adobe Digital Editions

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.3

AIO_Scan

ATT-PRT22

Belarc Advisor 7.2

Bing Bar

Bing Rewards Client Installer

Broadcom Gigabit Integrated Controller

BufferChm

Business Contact Manager for Outlook 2007 SP2

C4380

C4380_doccd

C4380_Help

CCScore

Copy

CustomerResearchQFolder

Destination Component

DeviceDiscovery

DeviceManagementQFolder

DocProc

DocProcQFolder

Embroidery Software

ESSBrwr

ESSCDBK

ESScore

ESSgui

ESSini

ESSPCD

ESSPDock

ESSTOOLS

essvatgt

eSupportQFolder

Fax

fflink

FileOpen Client

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HDAUDIO Soft Data Fax Modem with SmartCP

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Customer Participation Program 9.0

HP Imaging Device Functions 9.0

HP OCR Software 9.0

HP Photosmart All-In-One Software 9.0

HP Photosmart Essential 2.01

HP Photosmart Essential2.01

HP Smart Web Printing

HP Solution Center 9.0

HP Update

HPProductAssistant

HPSSupply

InstallIQ Updater

Intel PROSet Wireless

Intel® Graphics Media Accelerator Driver

Intel® PROSet/Wireless WiFi Software

Java Auto Updater

Java 6 Update 26

Kodak EasyShare software

Launch Manager

LightScribe 1.4.142.1

Malwarebytes' Anti-Malware version 1.51.2.1300

MarketResearch

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2416447)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Default Manager

Microsoft Office 2003 Web Components

Microsoft Office 2007 Primary Interop Assemblies

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional Hybrid 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft SQL Server 2005

Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)

Microsoft SQL Server Native Client

Microsoft SQL Server Setup Support Files (English)

Microsoft SQL Server VSS Writer

Microsoft UI Engine

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Mobile Broadband Drivers

MobileMe Control Panel

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXMLInstaller

netbrdg

NTI Backup NOW! 4.7

NTI CD & DVD-Maker

NTI Shadow

OfotoXMI

OGA Notifier 2.0.0048.0

PanoStandAlone

PowerDVD

PRS-500 USB driver

PS_AIO_02_ProductContext

PS_AIO_02_Software

PS_AIO_02_Software_min

PSSWCORE

Reader Library by Sony

Realtek High Definition Audio Driver

Scan

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2553074)

Security Update for 2007 Microsoft Office System (KB2553089)

Security Update for 2007 Microsoft Office System (KB2553090)

Security Update for 2007 Microsoft Office System (KB2584063)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2553073)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

SFR

SHASTA

skin0001

SKINXSDK

SolutionCenter

Spelling Dictionaries Support For Adobe Reader 8

staticcr

Status

Synaptics Pointing Device Driver

Texas Instruments PCIxx21/x515/xx12 drivers.

TIPCI

TomTom HOME 2.8.2.2264

TomTom HOME Visual Studio Merge Modules

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office Access 2007 Help (KB963663)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Outlook 2007 (KB2583910)

Update for Microsoft Office Outlook 2007 Help (KB963677)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Publisher 2007 Help (KB963667)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Update for Outlook 2007 Junk Email Filter (KB2553110)

VideoBuzz

VideoToolkit01

VPRINTOL

Vuze Toolbar

WebReg

WIRELESS

Yahoo! BrowserPlus 2.9.8

Yahoo! Software Update

Yahoo! Toolbar

YouTube Downloader 3.0

.

==== Event Viewer Messages From Past Week ========

.

9/30/2011 8:00:57 PM, Error: EventLog [6008] - The previous system shutdown at 7:58:06 PM on 9/30/2011 was unexpected.

9/29/2011 2:39:50 PM, Error: volsnap [20] - The shadow copies of volume C: were aborted because of a failed free space computation.

9/24/2011 7:08:36 PM, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{650B49CC-5E86-45BC-96CE-D1BC12B978B1} because another computer on the network has the same name. The server could not start.

9/24/2011 7:08:36 PM, Error: netbt [4321] - The name "SUSAN-PC :20" could not be registered on the interface with IP address 10.0.0.2. The computer with the IP address 10.0.0.19 did not allow the name to be claimed by this computer.

9/24/2011 7:08:36 PM, Error: netbt [4321] - The name "SUSAN-PC :0" could not be registered on the interface with IP address 10.0.0.2. The computer with the IP address 10.0.0.19 did not allow the name to be claimed by this computer.

10/1/2011 5:01:41 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

10/1/2011 4:52:21 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

10/1/2011 4:52:02 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: spldr Wanarpv6

10/1/2011 4:52:02 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.

10/1/2011 4:52:02 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

10/1/2011 4:52:02 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.

10/1/2011 4:51:41 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\System32\IWMSSvc.dll Error Code: 21

10/1/2011 4:51:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

10/1/2011 4:51:33 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}

10/1/2011 4:51:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

10/1/2011 4:51:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

10/1/2011 4:45:00 PM, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 10.0.0.2 for the Network Card with network address 001CBF9B1894 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).

10/1/2011 4:38:57 PM, Error: Service Control Manager [7000] - The Universal Communication Server service failed to start due to the following error: The system cannot find the file specified.

10/1/2011 4:38:57 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, download DDS by sUBs and save it to your Desktop.

Double-click on the DDS icon and let the scan run. When it has run, two logs will be produced. Please post only DDS.txt directly into your reply.

-screen317


Hello screen317 ~ Thank you for your help.

Here is the TDSSKiller log:

17:35:52.0102 1048 TDSS rootkit removing tool 2.6.5.0 Oct 5 2011 20:52:46

17:35:52.0632 1048 ============================================================

17:35:52.0632 1048 Current date / time: 2011/10/05 17:35:52.0632

17:35:52.0632 1048 SystemInfo:

17:35:52.0632 1048

17:35:52.0632 1048 OS Version: 6.0.6002 ServicePack: 2.0

17:35:52.0632 1048 Product type: Workstation

17:35:52.0632 1048 ComputerName: SUSAN-PC

17:35:52.0632 1048 UserName: Susan

17:35:52.0632 1048 Windows directory: C:\Windows

17:35:52.0632 1048 System windows directory: C:\Windows

17:35:52.0632 1048 Processor architecture: Intel x86

17:35:52.0632 1048 Number of processors: 2

17:35:52.0632 1048 Page size: 0x1000

17:35:52.0632 1048 Boot type: Safe boot with network

17:35:52.0632 1048 ============================================================

17:35:53.0802 1048 Initialize success

17:35:55.0908 1372 ============================================================

17:35:55.0908 1372 Scan started

17:35:55.0908 1372 Mode: Manual;

17:35:55.0908 1372 ============================================================

17:35:56.0969 1372 29da49cb (9bf9283937db72d812772b34c08ac90e) C:\Windows\3410614825:3592795700.exe

17:35:56.0969 1372 Suspicious file (Hidden): C:\Windows\3410614825:3592795700.exe. md5: 9bf9283937db72d812772b34c08ac90e

17:35:56.0969 1372 29da49cb ( HiddenFile.Multi.Generic ) - warning

17:35:56.0969 1372 29da49cb - detected HiddenFile.Multi.Generic (1)

17:35:57.0094 1372 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

17:35:57.0094 1372 ACPI - ok

17:35:57.0141 1372 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

17:35:57.0141 1372 adp94xx - ok

17:35:57.0187 1372 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

17:35:57.0187 1372 adpahci - ok

17:35:57.0219 1372 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

17:35:57.0219 1372 adpu160m - ok

17:35:57.0250 1372 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

17:35:57.0250 1372 adpu320 - ok

17:35:57.0328 1372 AFD (fbff315793b8bb09c5ba0ff5d1c5b0c7) C:\Windows\system32\drivers\afd.sys

17:35:57.0328 1372 Suspicious file (Forged): C:\Windows\system32\drivers\afd.sys. Real md5: fbff315793b8bb09c5ba0ff5d1c5b0c7, Fake md5: 3911b972b55fea0478476b2e777b29fa

17:35:57.0328 1372 AFD ( Rootkit.Win32.ZAccess.e ) - infected

17:35:57.0328 1372 AFD - detected Rootkit.Win32.ZAccess.e (0)

17:36:09.0808 1372 ============================================================

17:36:09.0808 1372 Scan finished

17:36:09.0808 1372 ============================================================

17:36:09.0823 1364 Detected object count: 2

17:36:09.0823 1364 Actual detected object count: 2

17:37:01.0943 1364 29da49cb ( HiddenFile.Multi.Generic ) - skipped by user

17:37:01.0943 1364 29da49cb ( HiddenFile.Multi.Generic ) - User select action: Skip

17:37:07.0590 1364 Backup copy found, using it..

17:37:07.0621 1364 C:\Windows\system32\drivers\afd.sys - will be cured on reboot

17:37:07.0621 1364 AFD ( Rootkit.Win32.ZAccess.e ) - User select action: Cure

17:37:18.0432 0832 Deinitialize success

Here is the DDS logfile:

.

DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK

Internet Explorer: 9.0.8112.16421

Run by Susan at 17:43:11 on 2011-10-05

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3062.2492 [GMT -5:00]

.

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\Windows\SYSTEM32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\Explorer.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uSearch Page =

uStart Page = hxxp://www.yahoo.com/

uSearch Bar =

mStart Page = hxxp://en.us.acer.yahoo.com

mDefault_Page_URL = hxxp://en.us.acer.yahoo.com

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - c:\program files\yahoo!\companion\installs\cpn0\YTNavAssist.dll

mURLSearchHooks: H - No File

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

BHO: HP Print Clips: {053f9267-dc04-4294-a72c-58f732d338c0} - c:\program files\hp\smart web printing\hpswp_framework.dll

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll

BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No File

BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\acer\empowering technology\edatasecurity\x86\ActiveToolBand.dll

BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\acer\empowering technology\edatasecurity\x86\eDStoolbar.dll

TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File

TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [ZIBBrzONx0v2b3n8234A] c:\users\susan\appdata\roaming\yvss2obf3mg5q6w\Y8ffRL9hTqjUe.exe

uRun: [installIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [synTPStart] c:\program files\synaptics\syntp\SynTPStart.exe

mRun: [bisonInst0402] c:\windows\BR040286.exe

mRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"

mRun: [LanguageShortcut] "c:\program files\cyberlink\powerdvd\language\Language.exe"

mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\x86\eDSloader.exe

mRun: [LManager] c:\progra~1\launch~1\LManager.exe

mRun: [eRecoveryService]

mRun: [Acer Assist Launcher] c:\program files\acer\acer assist\launcher.exe

mRun: [Acer Product Registration] "c:\program files\acer\acer registration\ACE1.exe" /startup

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [skytel] Skytel.exe

mRun: [FBSSA] c:\program files\sgpsa\ie3sh.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Windows Mobile-based device management] %WINDIR%\WindowsMobile\wmdcBase.exe

mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume

mRun: [Reader Library Launcher] c:\program files\sony\reader\data\bin\launcher\Reader Library Launcher.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

StartupFolder: c:\users\susan\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\empowe~1.lnk - c:\acer\empowering technology\eAPLauncher.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {E763472E-A716-4CD9-89BD-DBDA6122F741} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {700259D7-1666-479a-93B1-3250410481E8} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

LSP: mswsock.dll

DPF: {321FB770-1FBE-4BFE-BDC1-6F622D4FA499} - hxxps://setup.bellsouth.net/wizlet/PWReset/static/controls/WebflowActiveXInstaller_6-1-2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 24.177.176.38 97.81.22.195 24.178.162.3

TCP: Interfaces\{650B49CC-5E86-45BC-96CE-D1BC12B978B1} : DhcpNameServer = 24.177.176.38 97.81.22.195 24.178.162.3

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2007-7-22 180736]

R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\drivers\NETw5v32.sys [2008-11-17 3668480]

S2 ASKService;ASKService;c:\program files\askbardis\bar\bin\AskService.exe [2009-11-7 464264]

S2 ASKUpgrade;ASKUpgrade;c:\program files\askbardis\bar\bin\ASKUpgrade.exe [2009-11-7 234888]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 FileOpenManagerSvc;FileOpenManagerSvc;c:\programdata\fileopen\services\FileOpenManagerSvc32.exe [2011-3-9 212352]

S2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]

S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-23 135664]

S2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe -run --> c:\windows\system32\hasplms.exe -run [?]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2011-4-22 92592]

S2 UniversalCommunicationServer;Universal Communication Server;"c:\program files\bernina\ucs\universalcommunicationserver.exe" --> c:\program files\bernina\ucs\UniversalCommunicationServer.exe [?]

S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-23 135664]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2011-10-05 22:40:14 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7fd29e97-27ed-4912-879e-ce09daa95d00}\offreg.dll

2011-10-01 22:01:22 -------- d--h--w- c:\programdata\Common Files

2011-10-01 21:55:13 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-01 21:44:21 -------- d-----w- c:\users\susan\appdata\roaming\Malwarebytes

2011-10-01 21:44:17 -------- d-----w- c:\programdata\Malwarebytes

2011-10-01 21:44:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-01 21:39:21 -------- d-----w- c:\users\susan\appdata\roaming\jrrNtxxA0uc2i

2011-10-01 21:39:21 -------- d-----w- c:\users\susan\appdata\roaming\bbF3pnG5aHd

2011-10-01 21:36:49 -------- d-----w- c:\users\susan\appdata\roaming\OonG4amH6W7E8Tq

2011-10-01 21:36:49 -------- d-----w- c:\users\susan\appdata\roaming\fCwkIVrlOtPuSiD

2011-10-01 21:31:18 2417664 ----a-w- c:\users\susan\appdata\roaming\wmplayer.exe

2011-10-01 21:30:40 -------- d-----w- c:\users\susan\appdata\roaming\ByxA1uvS2b3m5Q6

2011-10-01 21:30:39 -------- d-----w- c:\users\susan\appdata\roaming\p4G5sQJ6E8R9Tez

2011-10-01 01:02:27 -------- d-----w- c:\users\susan\appdata\roaming\oonF4amH5W7E8Rq

2011-10-01 01:02:26 -------- d-----w- c:\users\susan\appdata\roaming\pibD3nG4aHsKfqY

2011-10-01 00:55:52 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{7fd29e97-27ed-4912-879e-ce09daa95d00}\mpengine.dll

2011-10-01 00:49:17 -------- d-----w- c:\users\susan\appdata\roaming\OekIBrzONx

2011-10-01 00:49:16 -------- d-----w- c:\users\susan\appdata\roaming\I2obF4mG5Q6E

2011-09-30 00:30:36 2417664 ----a-w- c:\users\susan\appdata\roaming\java.exe

2011-09-30 00:13:53 2417664 ----a-w- c:\users\susan\appdata\roaming\iexplore.exe

2011-09-30 00:10:36 -------- d-----w- c:\users\susan\appdata\roaming\O8fL9qjUkBOyAuS

2011-09-30 00:10:35 -------- d-----w- c:\users\susan\appdata\roaming\lhTXweBrzNxu

2011-09-30 00:00:51 -------- d-----w- c:\users\susan\appdata\roaming\SG4aQH6sW7E9TqY

2011-09-30 00:00:51 -------- d-----w- c:\users\susan\appdata\roaming\nXqjYCekIrNx0c2

2011-09-29 23:55:02 -------- d-----w- c:\users\susan\appdata\roaming\ZTZqhYCwkVlBx0c

2011-09-29 23:55:02 -------- d-----w- c:\users\susan\appdata\roaming\h1ivD3onFaHs

2011-09-29 20:18:04 -------- d-----w- c:\users\susan\appdata\roaming\HdEK8fRZ9TwUeI

2011-09-29 20:18:04 -------- d-----w- c:\users\susan\appdata\roaming\FzPNycA1uDoFpGs

2011-09-29 20:07:26 -------- d-----w- c:\users\susan\appdata\roaming\R9hTXqjUCkBzNx0

2011-09-29 20:07:26 -------- d-----w- c:\users\susan\appdata\roaming\qvS2ibF3pGaHdKf

2011-09-29 20:07:15 -------- d-----w- c:\users\susan\appdata\roaming\yvSS2obF3mG5Q6W

2011-09-29 20:07:14 -------- d-----w- c:\users\susan\appdata\roaming\jsQQJ6dEKfRZh

2011-09-17 13:39:58 2409784 ----a-w- c:\program files\windows mail\OESpamFilter.dat

.

==================== Find3M ====================

.

2011-10-05 22:38:02 273408 ----a-w- c:\windows\system32\drivers\afd.sys

2011-08-10 09:43:56 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-07-22 02:54:43 1797632 ----a-w- c:\windows\system32\jscript9.dll

2011-07-22 02:48:26 1126912 ----a-w- c:\windows\system32\wininet.dll

2011-07-22 02:44:36 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2011-07-11 13:25:35 2048 ----a-w- c:\windows\system32\tzres.dll

.

============= FINISH: 17:44:51.15 ===============


  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.