Topic: [Resolved] Slow startup and connection and Trojan found during scan


Vista-parkinlot
Hi,

Using Windows 7...ran a Malwarebytes' scan yesterday and it turned up 9 trojans. I tried to find the log again so I could tell you the name and location but was unable to find the log. Computer is slow at startup, opening files and connecting to the internet occasionally slow.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by Carrie at 21:20:59 on 2012-04-13
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.2.1033.18.3893.2001 [GMT -5:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\dlbtcoms.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
C:\Program Files (x86)\Dell Photo AIO Printer 922\DLBTmon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Roxio\RoxioNow Player\CNRpc.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\mmc.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110318224948.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [RoxioNowMediaManagerApp] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe -start
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Carrie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files (x86)\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\Carrie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
Trusted Zone: cinemanow.com
Trusted Zone: cineplex.com
Trusted Zone: roxio.com
Trusted Zone: roxionow.com
Trusted Zone: sonic.com
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos-beta/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://costco.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{6917B3F7-AD86-4436-A8E5-71458F752DB3} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{84B4DDE5-4969-405F-A38D-B8177CAFC255} : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO-X64:     0x1 - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO-X64:     McAfee Phishing Filter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110318224948.dll
BHO-X64:     scriptproxy - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64:     Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - No File
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [PDVDDXSrv] "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [ContentTransferWMDetector.exe] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [RoxioNowMediaManagerApp] C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe -start
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]
R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2010-7-22 98208]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-3-18 355440]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-3-18 355440]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-3-18 355440]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-3-18 355440]
R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-3-18 200056]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-3-18 245352]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2011-8-4 400368]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-1-21 1692480]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-1-21 2320920]
R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-3-29 918880]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-22 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-30 253600]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-4-22 136176]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\Windows\system32\DRIVERS\WSDPrint.sys --> C:\Windows\system32\DRIVERS\WSDPrint.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-04-13 08:06:31   5473136   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2012-04-13 08:06:31   3971440   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2012-04-13 08:06:30   3915632   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2012-04-13 08:02:19   80896   ----a-w-   C:\Windows\System32\imagehlp.dll
2012-04-13 08:02:19   22896   ----a-w-   C:\Windows\System32\drivers\fs_rec.sys
2012-04-13 08:02:19   172544   ----a-w-   C:\Windows\SysWow64\wintrust.dll
2012-04-13 08:02:19   158720   ----a-w-   C:\Windows\SysWow64\imagehlp.dll
2012-04-13 08:02:18   5120   ----a-w-   C:\Windows\SysWow64\wmi.dll
2012-04-13 08:02:18   5120   ----a-w-   C:\Windows\System32\wmi.dll
2012-04-13 08:02:18   220672   ----a-w-   C:\Windows\System32\wintrust.dll
2012-04-11 02:50:54   258048   ----a-w-   C:\Windows\System32\Spool\prtprocs\x64\hpfppw73.dll
2012-04-10 19:46:20   --------   d-----w-   C:\Users\Carrie\AppData\Roaming\Participatory Culture Foundation
2012-04-09 23:10:15   --------   d-----w-   C:\Program Files\iPod
2012-04-09 23:10:14   --------   d-----w-   C:\Program Files\iTunes
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-04-09 23:03:21   159744   ----a-w-   C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-03-30 23:04:33   418464   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M  ====================
.
2012-03-30 23:04:33   70304   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-28 06:35:54   1197568   ----a-w-   C:\Windows\System32\wininet.dll
2012-02-28 06:33:03   57856   ----a-w-   C:\Windows\System32\licmgr10.dll
2012-02-28 05:40:21   981504   ----a-w-   C:\Windows\SysWow64\wininet.dll
2012-02-28 05:38:16   44544   ----a-w-   C:\Windows\SysWow64\licmgr10.dll
2012-02-28 05:17:41   482816   ----a-w-   C:\Windows\System32\html.iec
2012-02-28 04:35:01   1638912   ----a-w-   C:\Windows\System32\mshtml.tlb
2012-02-28 04:31:46   386048   ----a-w-   C:\Windows\SysWow64\html.iec
2012-02-28 03:57:55   1638912   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2012-02-15 16:01:50   52736   ----a-w-   C:\Windows\System32\drivers\usbaapl64.sys
2012-02-15 16:01:50   4547944   ----a-w-   C:\Windows\System32\usbaaplrc.dll
2012-02-15 06:27:54   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2012-02-15 05:44:57   826368   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2012-02-15 04:47:21   204800   ----a-w-   C:\Windows\System32\drivers\rdpwd.sys
2012-02-15 04:46:59   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2012-02-14 17:09:44   1070352   ----a-w-   C:\Windows\SysWow64\MSCOMCTL.OCX
2012-02-10 06:18:10   1541120   ----a-w-   C:\Windows\System32\DWrite.dll
2012-02-10 06:17:55   1837568   ----a-w-   C:\Windows\System32\d3d10warp.dll
2012-02-10 06:17:54   902656   ----a-w-   C:\Windows\System32\d2d1.dll
2012-02-10 06:17:54   320512   ----a-w-   C:\Windows\System32\d3d10_1core.dll
2012-02-10 06:17:54   197120   ----a-w-   C:\Windows\System32\d3d10_1.dll
2012-02-10 05:41:38   1074176   ----a-w-   C:\Windows\SysWow64\DWrite.dll
2012-02-10 05:41:20   218624   ----a-w-   C:\Windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41:20   161792   ----a-w-   C:\Windows\SysWow64\d3d10_1.dll
2012-02-10 05:41:20   1170944   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2012-02-10 05:41:19   739840   ----a-w-   C:\Windows\SysWow64\d2d1.dll
2012-02-03 04:16:03   3143168   ----a-w-   C:\Windows\System32\win32k.sys
2012-01-25 06:27:11   76288   ----a-w-   C:\Windows\System32\rdpwsx.dll
2012-01-25 06:27:11   149504   ----a-w-   C:\Windows\System32\rdpcorekmts.dll
2012-01-25 06:20:59   9216   ----a-w-   C:\Windows\System32\rdrmemptylst.exe
.
============= FINISH: 21:21:26.01 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 18/03/2011 4:59:37 PM
System Uptime: 13/04/2012 12:05:47 PM (9 hours ago)
.
Motherboard: Dell Inc. |  | 0TKV96
Processor: Intel(R) Core(TM) i5 CPU       M 450  @ 2.40GHz | U2E1 | 1992/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 451 GiB total, 370.934 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Dell Wireless 1520 Wireless-N WLAN Mini-Card
Device ID: PCI\VEN_14E4&DEV_4353&SUBSYS_000E1028&REV_01\4&E872D9D&0&00E1
Manufacturer: Broadcom
Name: Dell Wireless 1520 Wireless-N WLAN Mini-Card
PNP Device ID: PCI\VEN_14E4&DEV_4353&SUBSYS_000E1028&REV_01\4&E872D9D&0&00E1
Service: BCM43XX
.
==== System Restore Points ===================
.
RP91: 23/03/2012 9:28:33 AM - Scheduled Checkpoint
RP92: 28/03/2012 11:12:06 PM - Windows Update
RP93: 05/04/2012 6:55:34 PM - Scheduled Checkpoint
RP94: 13/04/2012 3:00:55 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player Plugin
Adobe Reader X (10.1.2)
Adobe Shockwave Player 11.5
Advanced Audio FX Engine
Akamai NetSession Interface Service
Apple Application Support
Apple Software Update
Ask Toolbar
Ask Toolbar Updater
AVG Security Toolbar
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Citrix XenApp Web Plugin
Content Transfer
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Webcam Central
EpicBot
Free Audio CD Burner version 1.4.7
Free YouTube to MP3 Converter version 3.9.35.324
FrostWire 4.21.6
FrostWire 5.2.9
Google Toolbar for Internet Explorer
Google Update Helper
GoToAssist 8.0.0.514
HiJackThis
Intel(R) Graphics Media Accelerator Driver
Intel(R) Management Engine Components
Java Auto Updater
Java(TM) 6 Update 29
Junk Mail filter update
Live! Cam Avatar Creator
Malwarebytes Anti-Malware version 1.60.1.1000
MapleStory
McAfee SecurityCenter
Mesh Runtime
Messenger Companion
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable - KB2467175
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
Miro
MSVCRT
MSVCRT_amd64
Nexon Game Manager
NWZ-E340 WALKMAN Guide
Pando Media Booster
PokerStars
PowerDVD DX
QuickTime
Realtek High Definition Audio Driver
Roxio Burn
RoxioNow Player
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition
TuneUp Companion 2.0.10
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
vGrabber
VoiceOver Kit
WildTangent Games
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
13/04/2012 7:54:13 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
13/04/2012 3:52:00 AM, Error: Service Control Manager [7034]  - The Google Update Service (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
13/04/2012 3:29:48 AM, Error: Service Control Manager [7023]  - The Akamai NetSession Interface service terminated with the following error:  The specified module could not be found.
12/04/2012 8:44:45 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
12/04/2012 8:44:44 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Scanner service to connect.
12/04/2012 8:44:44 AM, Error: Service Control Manager [7000]  - The McAfee Scanner service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/04/2012 9:01:38 AM, Error: Service Control Manager [7031]  - The McShield service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
11/04/2012 7:01:09 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
11/04/2012 7:01:09 AM, Error: Service Control Manager [7000]  - The Application Information service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/04/2012 7:00:39 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
11/04/2012 6:59:36 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
11/04/2012 6:59:36 AM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
09/04/2012 6:08:02 PM, Error: Service Control Manager [7031]  - The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
08/04/2012 8:52:00 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The pipe has been ended.
08/04/2012 8:52:00 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
07/04/2012 5:36:32 PM, Error: Service Control Manager [7031]  - The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
.
==== End Of File ===========================

« Last Edit: April 13, 2012, 11:07:48 PM by Hoov »



Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22654
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
My name is Hoov and I will be helping you with your problem. As you have been helped here before, you know how we work so I will skip all of that.

Please open Malwarebytes' Anti-Malware and go to the logs tab. Then you should be able to open the log that removed the Trojans. Please copy it and post it up. Let me know if it is not listed.

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Vista-parkinlot

Hi,

I opened the tab but it only lists files for 2011, that is what is so strange.  When I open the Quarantine tab  it shows Trojan.Tracur.S  and Trojan.Agent 3 or more times with files beginning with the name like  RunIMFPlaywow.exe, Runlsqleeoledb30.wow.exe, Runlbitsprx6wow.exe, in the HKCU\Software\Microsoft\Windows\CurrentVersion\  and also in the HKLM\Software\Microsoft\WindowsNT\CurrentVersion\WindowslAppInit_DLLS

Thanks


Offline Hoov

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on the change parameters option.
  • Once you are in there, check all four boxes and then click on the OK button.
  • Now click the Start Scan button.
  • This is what you will see during the scan,
  • and this is what you will see when the scan is done if any threats are found. Don't change any of the recommended actions. Click the continue button.
  • Once the fix is done you might see this,
  • or it may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Offline Vista-parkinlot

Hi, I have to post the message in a couple of parts because I get an error that I've exceeded the max number of char.

11:29:41.0866 6816   TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05
11:29:42.0927 6816   ============================================================
11:29:42.0927 6816   Current date / time: 2012/04/15 11:29:42.0927
11:29:42.0927 6816   SystemInfo:
11:29:42.0927 6816   
11:29:42.0927 6816   OS Version: 6.1.7600 ServicePack: 0.0
11:29:42.0927 6816   Product type: Workstation
11:29:42.0927 6816   ComputerName: PARKIN-PC
11:29:42.0927 6816   UserName: Carrie
11:29:42.0927 6816   Windows directory: C:\Windows
11:29:42.0927 6816   System windows directory: C:\Windows
11:29:42.0927 6816   Running under WOW64
11:29:42.0927 6816   Processor architecture: Intel x64
11:29:42.0927 6816   Number of processors: 4
11:29:42.0927 6816   Page size: 0x1000
11:29:42.0927 6816   Boot type: Normal boot
11:29:42.0927 6816   ============================================================
11:29:44.0487 6816   Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:29:44.0503 6816   \Device\Harddisk0\DR0:
11:29:44.0503 6816   MBR used
11:29:44.0503 6816   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000
11:29:44.0503 6816   \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030
11:29:44.0549 6816   Initialize success
11:29:44.0549 6816   ============================================================
11:30:11.0118 3284   ============================================================
11:30:11.0118 3284   Scan started
11:30:11.0118 3284   Mode: Manual; SigCheck; TDLFS;
11:30:11.0118 3284   ============================================================
11:30:11.0805 3284   1394ohci        (969c91060cbb5d17cb8440b5f78b4c51) C:\Windows\system32\DRIVERS\1394ohci.sys
11:30:11.0976 3284   1394ohci - ok
11:30:12.0085 3284   ACPI            (794ff35015209b9d44f1360c42c9776d) C:\Windows\system32\DRIVERS\ACPI.sys
11:30:12.0132 3284   ACPI - ok
11:30:12.0163 3284   AcpiPmi         (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
11:30:12.0241 3284   AcpiPmi - ok
11:30:12.0366 3284   AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:30:12.0413 3284   AdobeARMservice - ok
11:30:12.0585 3284   AdobeFlashPlayerUpdateSvc (459ac130c6ab892b1cd5d7544626efc5) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:30:12.0647 3284   AdobeFlashPlayerUpdateSvc - ok
11:30:12.0741 3284   adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:30:12.0803 3284   adp94xx - ok
11:30:12.0912 3284   adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:30:12.0975 3284   adpahci - ok
11:30:13.0084 3284   adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:30:13.0131 3284   adpu320 - ok
11:30:13.0146 3284   AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
11:30:13.0302 3284   AeLookupSvc - ok
11:30:13.0349 3284   AERTFilters     (d1e343bc00136ce03c4d403194d06a80) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
11:30:13.0411 3284   AERTFilters - ok
11:30:13.0536 3284   AFD             (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
11:30:13.0599 3284   AFD - ok
11:30:13.0708 3284   agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
11:30:13.0739 3284   agp440 - ok
11:30:13.0833 3284   Akamai - ok
11:30:13.0926 3284   ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
11:30:14.0004 3284   ALG - ok
11:30:14.0067 3284   aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
11:30:14.0129 3284   aliide - ok
11:30:14.0207 3284   amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
11:30:14.0238 3284   amdide - ok
11:30:14.0285 3284   AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:30:14.0363 3284   AmdK8 - ok
11:30:14.0457 3284   AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:30:14.0503 3284   AmdPPM - ok
11:30:14.0628 3284   amdsata         (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
11:30:14.0706 3284   amdsata - ok
11:30:14.0769 3284   amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:30:14.0800 3284   amdsbs - ok
11:30:14.0831 3284   amdxata         (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
11:30:14.0878 3284   amdxata - ok
11:30:14.0971 3284   ApfiltrService  (8655a2983a86d6675135b1ff6892055d) C:\Windows\system32\DRIVERS\Apfiltr.sys
11:30:15.0049 3284   ApfiltrService - ok
11:30:15.0159 3284   AppID           (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
11:30:15.0268 3284   AppID - ok
11:30:15.0361 3284   AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
11:30:15.0424 3284   AppIDSvc - ok
11:30:15.0455 3284   Appinfo         (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
11:30:15.0517 3284   Appinfo - ok
11:30:15.0642 3284   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:30:15.0705 3284   Apple Mobile Device - ok
11:30:15.0845 3284   arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:30:15.0876 3284   arc - ok
11:30:15.0907 3284   arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:30:15.0939 3284   arcsas - ok
11:30:15.0970 3284   AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:30:16.0048 3284   AsyncMac - ok
11:30:16.0126 3284   atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
11:30:16.0157 3284   atapi - ok
11:30:16.0204 3284   AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:30:16.0297 3284   AudioEndpointBuilder - ok
11:30:16.0313 3284   AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
11:30:16.0360 3284   AudioSrv - ok
11:30:16.0438 3284   AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
11:30:16.0547 3284   AxInstSV - ok
11:30:16.0672 3284   b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:30:16.0734 3284   b06bdrv - ok
11:30:16.0843 3284   b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:30:16.0890 3284   b57nd60a - ok
11:30:16.0937 3284   BCM42RLY        (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
11:30:16.0999 3284   BCM42RLY - ok
11:30:17.0109 3284   BCM43XX         (f4cd5f52850bf2c978de178f256ba372) C:\Windows\system32\DRIVERS\bcmwl664.sys
11:30:17.0171 3284   BCM43XX - ok
11:30:17.0280 3284   BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
11:30:17.0343 3284   BDESVC - ok
11:30:17.0452 3284   Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:30:17.0530 3284   Beep - ok
11:30:17.0639 3284   BFE             (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
11:30:17.0764 3284   BFE - ok
11:30:17.0873 3284   BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
11:30:17.0967 3284   BITS - ok
11:30:18.0060 3284   blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:30:18.0107 3284   blbdrive - ok
11:30:18.0201 3284   Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
11:30:18.0263 3284   Bonjour Service - ok
11:30:18.0372 3284   bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
11:30:18.0466 3284   bowser - ok
11:30:18.0513 3284   BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:30:18.0559 3284   BrFiltLo - ok
11:30:18.0653 3284   BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:30:18.0700 3284   BrFiltUp - ok
11:30:18.0762 3284   Browser         (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
11:30:18.0856 3284   Browser - ok
11:30:18.0965 3284   Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:30:19.0043 3284   Brserid - ok
11:30:19.0137 3284   BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:30:19.0183 3284   BrSerWdm - ok
11:30:19.0246 3284   BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:30:19.0308 3284   BrUsbMdm - ok
11:30:19.0402 3284   BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:30:19.0449 3284   BrUsbSer - ok
11:30:19.0464 3284   BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:30:19.0527 3284   BTHMODEM - ok
11:30:19.0636 3284   bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
11:30:19.0698 3284   bthserv - ok
11:30:19.0792 3284   cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:30:19.0871 3284   cdfs - ok
11:30:19.0980 3284   cdrom           (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
11:30:20.0027 3284   cdrom - ok
11:30:20.0136 3284   CertPropSvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:30:20.0276 3284   CertPropSvc - ok
11:30:20.0448 3284   cfwids          (e02c9cdb15f13de4eb2ff67660e62317) C:\Windows\system32\drivers\cfwids.sys
11:30:20.0510 3284   cfwids - ok
11:30:20.0635 3284   circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:30:20.0682 3284   circlass - ok
11:30:20.0807 3284   CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:30:20.0838 3284   CLFS - ok
11:30:20.0932 3284   clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:30:20.0963 3284   clr_optimization_v2.0.50727_32 - ok
11:30:20.0994 3284   clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:30:21.0025 3284   clr_optimization_v2.0.50727_64 - ok
11:30:21.0166 3284   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:30:21.0181 3284   clr_optimization_v4.0.30319_32 - ok
11:30:21.0306 3284   clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:30:21.0322 3284   clr_optimization_v4.0.30319_64 - ok
11:30:21.0400 3284   CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:30:21.0431 3284   CmBatt - ok
11:30:21.0493 3284   cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
11:30:21.0524 3284   cmdide - ok
11:30:21.0634 3284   CNG             (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
11:30:21.0696 3284   CNG - ok
11:30:21.0821 3284   Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:30:21.0852 3284   Compbatt - ok
11:30:21.0961 3284   CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
11:30:22.0008 3284   CompositeBus - ok
11:30:22.0070 3284   COMSysApp - ok
11:30:22.0117 3284   crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:30:22.0148 3284   crcdisk - ok
11:30:22.0258 3284   CryptSvc        (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
11:30:22.0336 3284   CryptSvc - ok
11:30:22.0445 3284   CtClsFlt        (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
11:30:22.0538 3284   CtClsFlt - ok
11:30:22.0648 3284   DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:30:22.0710 3284   DcomLaunch - ok
11:30:22.0819 3284   defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
11:30:22.0897 3284   defragsvc - ok
11:30:22.0944 3284   DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
11:30:23.0038 3284   DfsC - ok
11:30:23.0131 3284   Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
11:30:23.0225 3284   Dhcp - ok
11:30:23.0334 3284   discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:30:23.0396 3284   discache - ok
11:30:23.0521 3284   Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:30:23.0552 3284   Disk - ok
11:30:23.0630 3284   dlbt_device - ok
11:30:23.0724 3284   Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
11:30:23.0849 3284   Dnscache - ok
11:30:23.0958 3284   DockLoginService (0840abbbdf438691ee65a20040635cbe) C:\Program Files\Dell\DellDock\DockLogin.exe
11:30:24.0036 3284   DockLoginService ( UnsignedFile.Multi.Generic ) - warning
11:30:24.0036 3284   DockLoginService - detected UnsignedFile.Multi.Generic (1)
11:30:24.0114 3284   dot3svc         (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
11:30:24.0208 3284   dot3svc - ok
11:30:24.0488 3284   DPS             (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
11:30:24.0598 3284   DPS - ok
11:30:24.0691 3284   drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:30:24.0738 3284   drmkaud - ok
11:30:24.0878 3284   DXGKrnl         (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
11:30:24.0941 3284   DXGKrnl - ok
11:30:24.0988 3284   EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
11:30:25.0050 3284   EapHost - ok
11:30:25.0206 3284   ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:30:25.0362 3284   ebdrv - ok
11:30:25.0658 3284   EFS             (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
11:30:25.0830 3284   EFS - ok
11:30:25.0924 3284   ehRecvr         (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
11:30:26.0033 3284   ehRecvr - ok
11:30:26.0095 3284   ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
11:30:26.0142 3284   ehSched - ok
11:30:26.0251 3284   elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:30:26.0298 3284   elxstor - ok
11:30:26.0329 3284   ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
11:30:26.0407 3284   ErrDev - ok
11:30:26.0501 3284   EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
11:30:26.0579 3284   EventSystem - ok
11:30:26.0626 3284   exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:30:26.0719 3284   exfat - ok
11:30:26.0797 3284   fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:30:26.0875 3284   fastfat - ok
11:30:26.0969 3284   Fax             (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
11:30:27.0047 3284   Fax - ok
11:30:27.0125 3284   fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:30:27.0172 3284   fdc - ok
11:30:27.0281 3284   fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
11:30:27.0359 3284   fdPHost - ok
11:30:27.0374 3284   FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
11:30:27.0421 3284   FDResPub - ok
11:30:27.0452 3284   FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:30:27.0468 3284   FileInfo - ok
11:30:27.0499 3284   Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:30:27.0530 3284   Filetrace - ok
11:30:27.0562 3284   flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:30:27.0577 3284   flpydisk - ok
11:30:27.0593 3284   FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
11:30:27.0624 3284   FltMgr - ok
11:30:27.0686 3284   FontCache       (8ac4cb4ea61e41009fae9ae7b2b5da3a) C:\Windows\system32\FntCache.dll
11:30:27.0780 3284   FontCache - ok
11:30:27.0889 3284   FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:30:27.0920 3284   FontCache3.0.0.0 - ok
11:30:27.0967 3284   FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:30:27.0998 3284   FsDepends - ok
11:30:28.0061 3284   Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
11:30:28.0108 3284   Fs_Rec - ok
11:30:28.0232 3284   fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:30:28.0264 3284   fvevol - ok
11:30:28.0310 3284   gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:30:28.0342 3284   gagp30kx - ok
11:30:28.0451 3284   GameConsoleService (c1bbce4b30b45410178ee674c818d10c) C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe
11:30:28.0513 3284   GameConsoleService - ok
11:30:28.0622 3284   GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:30:28.0685 3284   GEARAspiWDM - ok
11:30:28.0763 3284   GoToAssist      (d3316f6e3c011435f36e3d6e49b3196c) C:\Program Files (x86)\Citrix\GoToAssist\514\g2aservice.exe
11:30:28.0810 3284   GoToAssist - ok
11:30:28.0919 3284   gpsvc           (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
11:30:28.0981 3284   gpsvc - ok
11:30:29.0106 3284   gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:30:29.0137 3284   gupdate - ok
11:30:29.0168 3284   gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:30:29.0200 3284   gupdatem - ok
11:30:29.0231 3284   gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
11:30:29.0293 3284   gusvc - ok
11:30:29.0371 3284   hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:30:29.0434 3284   hcw85cir - ok
11:30:29.0527 3284   HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
11:30:29.0590 3284   HDAudBus - ok
11:30:29.0714 3284   HECIx64         (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
11:30:29.0777 3284   HECIx64 - ok
11:30:29.0808 3284   HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:30:29.0855 3284   HidBatt - ok
11:30:29.0870 3284   HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:30:29.0917 3284   HidBth - ok
11:30:29.0933 3284   HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:30:29.0995 3284   HidIr - ok
11:30:30.0042 3284   hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
11:30:30.0120 3284   hidserv - ok
11:30:30.0260 3284   HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
11:30:30.0338 3284   HidUsb - ok
11:30:30.0448 3284   hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
11:30:30.0541 3284   hkmsvc - ok
11:30:30.0588 3284   HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
11:30:30.0650 3284   HomeGroupListener - ok
11:30:30.0760 3284   HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
11:30:30.0806 3284   HomeGroupProvider - ok
11:30:31.0134 3284   HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
11:30:31.0165 3284   HpSAMD - ok
11:30:31.0290 3284   HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
11:30:31.0352 3284   HTTP - ok
11:30:31.0462 3284   hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
11:30:31.0493 3284   hwpolicy - ok
11:30:31.0602 3284   i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
11:30:31.0649 3284   i8042prt - ok
11:30:31.0789 3284   iaStorV         (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
11:30:31.0852 3284   iaStorV - ok
11:30:31.0961 3284   idsvc           (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:30:32.0023 3284   idsvc - ok
11:30:32.0320 3284   igfx            (09ce164afa8483e41808784d7fca154e) C:\Windows\system32\DRIVERS\igdkmd64.sys
11:30:32.0757 3284   igfx - ok
11:30:32.0866 3284   iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:30:32.0897 3284   iirsp - ok
11:30:32.0975 3284   IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
11:30:33.0100 3284   IKEEXT - ok
11:30:33.0178 3284   Impcd           (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\DRIVERS\Impcd.sys
11:30:33.0303 3284   Impcd - ok
11:30:33.0443 3284   IntcAzAudAddService (697c927e0de2abaf1a5f455033f687cd) C:\Windows\system32\drivers\RTKVHD64.sys
11:30:33.0537 3284   IntcAzAudAddService - ok
11:30:33.0646 3284   IntcDAud        (58cf58dee26c909bd6f977b61d246295) C:\Windows\system32\DRIVERS\IntcDAud.sys
11:30:33.0739 3284   IntcDAud - ok
11:30:33.0817 3284   intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
11:30:33.0849 3284   intelide - ok
11:30:33.0895 3284   intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:30:33.0942 3284   intelppm - ok
11:30:34.0036 3284   IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
11:30:34.0129 3284   IPBusEnum - ok
11:30:34.0223 3284   IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:30:34.0332 3284   IpFilterDriver - ok
11:30:34.0379 3284   iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
11:30:34.0457 3284   iphlpsvc - ok
11:30:34.0504 3284   IPMIDRV         (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
11:30:34.0535 3284   IPMIDRV - ok
11:30:34.0566 3284   IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:30:34.0629 3284   IPNAT - ok
11:30:34.0769 3284   iPod Service    (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe
11:30:34.0800 3284   iPod Service - ok
11:30:34.0878 3284   IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:30:34.0909 3284   IRENUM - ok
11:30:35.0003 3284   isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
11:30:35.0034 3284   isapnp - ok
11:30:35.0050 3284   iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
11:30:35.0065 3284   iScsiPrt - ok
11:30:35.0097 3284   kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:30:35.0112 3284   kbdclass - ok
11:30:35.0143 3284   kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
11:30:35.0175 3284   kbdhid - ok
11:30:35.0268 3284   KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:30:35.0299 3284   KeyIso - ok
11:30:35.0346 3284   KSecDD          (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
11:30:35.0409 3284   KSecDD - ok
11:30:35.0424 3284   KSecPkg         (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
11:30:35.0487 3284   KSecPkg - ok
11:30:35.0533 3284   ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:30:35.0627 3284   ksthunk - ok
11:30:35.0674 3284   KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
11:30:35.0767 3284   KtmRm - ok
11:30:35.0877 3284   LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
11:30:35.0986 3284   LanmanServer - ok
11:30:36.0064 3284   LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
11:30:36.0157 3284   LanmanWorkstation - ok
11:30:36.0501 3284   lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:30:36.0579 3284   lltdio - ok
11:30:36.0703 3284   lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
11:30:36.0813 3284   lltdsvc - ok
11:30:36.0906 3284   lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
11:30:36.0969 3284   lmhosts - ok
11:30:37.0062 3284   LMS             (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:30:37.0156 3284   LMS - ok
11:30:37.0296 3284   LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:30:37.0327 3284   LSI_FC - ok
11:30:37.0405 3284   LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:30:37.0437 3284   LSI_SAS - ok
11:30:37.0515 3284   LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:30:37.0546 3284   LSI_SAS2 - ok
11:30:37.0671 3284   LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:30:37.0702 3284   LSI_SCSI - ok
11:30:37.0842 3284   luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:30:37.0920 3284   luafv - ok
11:30:38.0045 3284   McAfee SiteAdvisor Service (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:38.0076 3284   McAfee SiteAdvisor Service - ok
11:30:38.0092 3284   McMPFSvc        (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:38.0123 3284   McMPFSvc - ok
11:30:38.0123 3284   mcmscsvc        (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:38.0139 3284   mcmscsvc - ok
11:30:38.0154 3284   McNaiAnn        (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:38.0170 3284   McNaiAnn - ok
11:30:38.0185 3284   McNASvc         (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:38.0201 3284   McNASvc - ok
11:30:38.0248 3284   McODS           (3809b77eb1734cd5fb317425f188abc1) C:\Program Files\McAfee\VirusScan\mcods.exe
11:30:38.0295 3284   McODS - ok
11:30:38.0357 3284   McProxy         (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:38.0388 3284   McProxy - ok
11:30:38.0451 3284   McShield        (461eabb62f1827b965f508092160eddc) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
11:30:38.0513 3284   McShield - ok
11:30:38.0607 3284   Mcx2Svc         (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
11:30:38.0653 3284   Mcx2Svc - ok
11:30:38.0685 3284   megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:30:38.0716 3284   megasas - ok
11:30:38.0809 3284   MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:30:38.0841 3284   MegaSR - ok
11:30:38.0887 3284   mfeapfk         (c1556ca9695fcd6bbd23d75d402fd43d) C:\Windows\system32\drivers\mfeapfk.sys
11:30:38.0903 3284   mfeapfk - ok
11:30:39.0012 3284   mfeavfk         (8857ee8b49f3338fc1fad476bfcca146) C:\Windows\system32\drivers\mfeavfk.sys
11:30:39.0075 3284   mfeavfk - ok
11:30:39.0153 3284   mfeavfk01 - ok
11:30:39.0262 3284   mfefire         (dd92e94e265864306377f091b100d0d0) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
11:30:39.0324 3284   mfefire - ok
11:30:39.0418 3284   mfefirek        (19c44295f6bf085c83352d48397f7870) C:\Windows\system32\drivers\mfefirek.sys
11:30:39.0496 3284   mfefirek - ok
11:30:39.0605 3284   mfehidk         (5f915e20ab56121c41c6bf9a91a83bda) C:\Windows\system32\drivers\mfehidk.sys
11:30:39.0683 3284   mfehidk - ok
11:30:39.0979 3284   mfenlfk         (23ae332e32ff615ca5e5224c8d91af11) C:\Windows\system32\DRIVERS\mfenlfk.sys
11:30:40.0026 3284   mfenlfk - ok
11:30:40.0151 3284   mferkdet        (9c7a9273e345f8d653394b5c542bf86a) C:\Windows\system32\drivers\mferkdet.sys
11:30:40.0213 3284   mferkdet - ok
11:30:40.0260 3284   mfevtp          (aecd0c9abdfdc61be31163b624c4170f) C:\Windows\system32\mfevtps.exe
11:30:40.0323 3284   mfevtp - ok
11:30:40.0432 3284   mfewfpk         (3140b2c56d7119ba314f68fc785683f0) C:\Windows\system32\drivers\mfewfpk.sys
11:30:40.0494 3284   mfewfpk - ok

11:30:40.0572 3284   Microsoft SharePoint Workspace Audit Service - ok
11:30:40.0666 3284   MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:30:40.0744 3284   MMCSS - ok
11:30:40.0853 3284   Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:30:40.0947 3284   Modem - ok
11:30:41.0056 3284   monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:30:41.0103 3284   monitor - ok
11:30:41.0212 3284   mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:30:41.0243 3284   mouclass - ok
11:30:41.0259 3284   mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:30:41.0290 3284   mouhid - ok
11:30:41.0305 3284   mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
11:30:41.0321 3284   mountmgr - ok
11:30:41.0337 3284   mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
11:30:41.0368 3284   mpio - ok
11:30:41.0399 3284   mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:30:41.0461 3284   mpsdrv - ok
11:30:41.0586 3284   MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
11:30:41.0711 3284   MpsSvc - ok
11:30:41.0742 3284   MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
11:30:41.0805 3284   MRxDAV - ok
11:30:41.0836 3284   mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:30:41.0929 3284   mrxsmb - ok
11:30:41.0976 3284   mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:30:42.0039 3284   mrxsmb10 - ok
11:30:42.0085 3284   mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:30:42.0163 3284   mrxsmb20 - ok
11:30:42.0210 3284   msahci          (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys
11:30:42.0273 3284   msahci - ok
11:30:42.0304 3284   msdsm           (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
11:30:42.0335 3284   msdsm - ok
11:30:42.0366 3284   MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
11:30:42.0397 3284   MSDTC - ok
11:30:42.0460 3284   Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:30:42.0522 3284   Msfs - ok
11:30:42.0585 3284   mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:30:42.0631 3284   mshidkmdf - ok
11:30:42.0741 3284   msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
11:30:42.0772 3284   msisadrv - ok
11:30:42.0897 3284   MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
11:30:42.0959 3284   MSiSCSI - ok
11:30:42.0975 3284   msiserver - ok
11:30:43.0084 3284   MSK80Service    (458a013df72eaab91877fa03533e2c8b) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
11:30:43.0115 3284   MSK80Service - ok
11:30:43.0224 3284   MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:30:43.0318 3284   MSKSSRV - ok
11:30:43.0443 3284   MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:30:43.0505 3284   MSPCLOCK - ok
11:30:43.0645 3284   MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:30:43.0739 3284   MSPQM - ok
11:30:43.0848 3284   MsRPC           (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
11:30:43.0895 3284   MsRPC - ok
11:30:43.0942 3284   mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
11:30:43.0973 3284   mssmbios - ok
11:30:44.0051 3284   MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:30:44.0129 3284   MSTEE - ok
11:30:44.0223 3284   MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:30:44.0269 3284   MTConfig - ok
11:30:44.0363 3284   Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:30:44.0394 3284   Mup - ok
11:30:44.0457 3284   napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
11:30:44.0535 3284   napagent - ok
11:30:44.0613 3284   NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:30:44.0691 3284   NativeWifiP - ok
11:30:44.0815 3284   NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
11:30:44.0847 3284   NDIS - ok
11:30:44.0909 3284   NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:30:44.0971 3284   NdisCap - ok
11:30:45.0127 3284   NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:30:45.0190 3284   NdisTapi - ok
11:30:45.0315 3284   Ndisuio         (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
11:30:45.0393 3284   Ndisuio - ok
11:30:45.0486 3284   NdisWan         (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
11:30:45.0549 3284   NdisWan - ok
11:30:45.0595 3284   NDProxy         (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
11:30:45.0673 3284   NDProxy - ok
11:30:45.0783 3284   NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:30:45.0845 3284   NetBIOS - ok
11:30:45.0970 3284   NetBT           (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
11:30:46.0048 3284   NetBT - ok
11:30:46.0110 3284   Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:30:46.0141 3284   Netlogon - ok
11:30:46.0188 3284   Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
11:30:46.0266 3284   Netman - ok
11:30:46.0297 3284   netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
11:30:46.0360 3284   netprofm - ok
11:30:46.0422 3284   NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
11:30:46.0438 3284   NetTcpPortSharing - ok
11:30:46.0563 3284   nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:30:46.0594 3284   nfrd960 - ok
11:30:46.0859 3284   NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
11:30:46.0937 3284   NlaSvc - ok
11:30:47.0046 3284   Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:30:47.0124 3284   Npfs - ok
11:30:47.0233 3284   nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
11:30:47.0311 3284   nsi - ok
11:30:47.0421 3284   nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:30:47.0467 3284   nsiproxy - ok
11:30:47.0592 3284   Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
11:30:47.0717 3284   Ntfs - ok
11:30:47.0826 3284   Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:30:47.0889 3284   Null - ok
11:30:48.0013 3284   nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
11:30:48.0076 3284   nvraid - ok
11:30:48.0201 3284   nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
11:30:48.0247 3284   nvstor - ok
11:30:48.0403 3284   nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
11:30:48.0435 3284   nv_agp - ok
11:30:48.0497 3284   ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
11:30:48.0528 3284   ohci1394 - ok
11:30:48.0591 3284   ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:30:48.0622 3284   ose - ok
11:30:48.0793 3284   osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
11:30:48.0981 3284   osppsvc - ok
11:30:49.0090 3284   p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:30:49.0152 3284   p2pimsvc - ok
11:30:49.0261 3284   p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
11:30:49.0293 3284   p2psvc - ok
11:30:49.0386 3284   Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:30:49.0417 3284   Parport - ok
11:30:49.0464 3284   partmgr         (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
11:30:49.0495 3284   partmgr - ok
11:30:49.0573 3284   PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
11:30:49.0636 3284   PcaSvc - ok
11:30:49.0761 3284   pci             (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
11:30:49.0792 3284   pci - ok
11:30:49.0932 3284   pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
11:30:49.0963 3284   pciide - ok
11:30:50.0026 3284   pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:30:50.0057 3284   pcmcia - ok
11:30:50.0244 3284   pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:30:50.0275 3284   pcw - ok
11:30:50.0338 3284   PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:30:50.0431 3284   PEAUTH - ok
11:30:50.0525 3284   PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
11:30:50.0572 3284   PerfHost - ok
11:30:50.0697 3284   pla             (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
11:30:50.0821 3284   pla - ok
11:30:50.0946 3284   PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
11:30:51.0024 3284   PlugPlay - ok
11:30:51.0087 3284   PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
11:30:51.0133 3284   PNRPAutoReg - ok
11:30:51.0196 3284   PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
11:30:51.0227 3284   PNRPsvc - ok
11:30:51.0274 3284   PolicyAgent     (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
11:30:51.0367 3284   PolicyAgent - ok
11:30:51.0399 3284   Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
11:30:51.0477 3284   Power - ok
11:30:51.0523 3284   PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
11:30:51.0570 3284   PptpMiniport - ok
11:30:51.0601 3284   Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:30:51.0648 3284   Processor - ok
11:30:51.0679 3284   ProfSvc         (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
11:30:51.0789 3284   ProfSvc - ok
11:30:51.0820 3284   ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:30:51.0851 3284   ProtectedStorage - ok
11:30:51.0898 3284   Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
11:30:51.0960 3284   Psched - ok
11:30:52.0241 3284   PxHlpa64        (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
11:30:52.0319 3284   PxHlpa64 - ok
11:30:52.0444 3284   ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:30:52.0522 3284   ql2300 - ok
11:30:52.0631 3284   ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:30:52.0662 3284   ql40xx - ok
11:30:52.0787 3284   QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
11:30:52.0834 3284   QWAVE - ok
11:30:52.0912 3284   QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:30:52.0959 3284   QWAVEdrv - ok
11:30:53.0068 3284   RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:30:53.0130 3284   RasAcd - ok
11:30:53.0255 3284   RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:30:53.0317 3284   RasAgileVpn - ok
11:30:53.0380 3284   RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
11:30:53.0458 3284   RasAuto - ok
11:30:53.0583 3284   Rasl2tp         (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:30:53.0645 3284   Rasl2tp - ok
11:30:53.0723 3284   RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
11:30:53.0832 3284   RasMan - ok
11:30:53.0957 3284   RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:30:54.0035 3284   RasPppoe - ok
11:30:54.0144 3284   RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:30:54.0222 3284   RasSstp - ok
11:30:54.0347 3284   rdbss           (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
11:30:54.0409 3284   rdbss - ok
11:30:54.0456 3284   rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:30:54.0503 3284   rdpbus - ok
11:30:54.0612 3284   RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:30:54.0659 3284   RDPCDD - ok
11:30:54.0721 3284   RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:30:54.0784 3284   RDPENCDD - ok
11:30:54.0846 3284   RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:30:54.0909 3284   RDPREFMP - ok
11:30:54.0971 3284   RDPWD           (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
11:30:55.0049 3284   RDPWD - ok
11:30:55.0143 3284   rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
11:30:55.0174 3284   rdyboost - ok
11:30:55.0236 3284   RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
11:30:55.0314 3284   RemoteAccess - ok
11:30:55.0361 3284   RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
11:30:55.0439 3284   RemoteRegistry - ok
11:30:55.0548 3284   RoxioNow Service (f7e69a05751b24360bf2a17e9ef001b1) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
11:30:55.0626 3284   RoxioNow Service - ok
11:30:55.0735 3284   RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
11:30:55.0829 3284   RpcEptMapper - ok
11:30:55.0938 3284   RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
11:30:56.0001 3284   RpcLocator - ok
11:30:56.0110 3284   RpcSs           (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
11:30:56.0172 3284   RpcSs - ok
11:30:56.0281 3284   rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:30:56.0359 3284   rspndr - ok
11:30:56.0484 3284   RSUSBSTOR       (502b316947ea887cddd325d4745eb7d0) C:\Windows\system32\Drivers\RtsUStor.sys
11:30:56.0578 3284   RSUSBSTOR - ok
11:30:56.0718 3284   RTL8167         (3b01789ee4eaee97f5eb46b711387d5e) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:30:56.0843 3284   RTL8167 - ok
11:30:56.0952 3284   SamSs           (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:30:56.0983 3284   SamSs - ok
11:30:57.0061 3284   sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
11:30:57.0093 3284   sbp2port - ok
11:30:57.0171 3284   SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
11:30:57.0249 3284   SCardSvr - ok
11:30:57.0514 3284   scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
11:30:57.0576 3284   scfilter - ok
11:30:57.0717 3284   Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
11:30:57.0841 3284   Schedule - ok
11:30:57.0951 3284   SCPolicySvc     (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
11:30:57.0997 3284   SCPolicySvc - ok
11:30:58.0075 3284   SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
11:30:58.0122 3284   SDRSVC - ok
11:30:58.0185 3284   secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:30:58.0263 3284   secdrv - ok
11:30:58.0325 3284   seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
11:30:58.0419 3284   seclogon - ok
11:30:58.0512 3284   SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
11:30:58.0590 3284   SENS - ok
11:30:58.0699 3284   SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
11:30:58.0746 3284   SensrSvc - ok
11:30:58.0887 3284   Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:30:58.0918 3284   Serenum - ok
11:30:59.0043 3284   Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:30:59.0089 3284   Serial - ok
11:30:59.0214 3284   sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:30:59.0245 3284   sermouse - ok
11:30:59.0355 3284   SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
11:30:59.0433 3284   SessionEnv - ok
11:30:59.0495 3284   sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
11:30:59.0557 3284   sffdisk - ok
11:30:59.0667 3284   sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
11:30:59.0698 3284   sffp_mmc - ok
11:30:59.0807 3284   sffp_sd         (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:30:59.0885 3284   sffp_sd - ok
11:30:59.0947 3284   sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:30:59.0979 3284   sfloppy - ok
11:31:00.0119 3284   SftService      (74ec60e20516aaa573be74f31175270f) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
11:31:00.0228 3284   SftService - ok
11:31:00.0462 3284   SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
11:31:00.0603 3284   SharedAccess - ok
11:31:00.0743 3284   ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
11:31:00.0821 3284   ShellHWDetection - ok
11:31:00.0961 3284   SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:31:00.0993 3284   SiSRaid2 - ok
11:31:01.0102 3284   SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:31:01.0133 3284   SiSRaid4 - ok
11:31:01.0289 3284   Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:31:01.0351 3284   Smb - ok
11:31:01.0492 3284   SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
11:31:01.0523 3284   SNMPTRAP - ok
11:31:01.0663 3284   spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:31:01.0695 3284   spldr - ok
11:31:01.0882 3284   Spooler         (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
11:31:01.0991 3284   Spooler - ok
11:31:02.0178 3284   sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
11:31:02.0256 3284   sppsvc - ok
11:31:02.0365 3284   sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
11:31:02.0443 3284   sppuinotify - ok
11:31:02.0615 3284   srv             (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
11:31:02.0740 3284   srv - ok
11:31:02.0896 3284   srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
11:31:02.0974 3284   srv2 - ok

11:31:03.0130 3284   srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
11:31:03.0192 3284   srvnet - ok
11:31:03.0317 3284   SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
11:31:03.0395 3284   SSDPSRV - ok
11:31:03.0489 3284   SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
11:31:03.0551 3284   SstpSvc - ok
11:31:03.0613 3284   stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:31:03.0645 3284   stexstor - ok
11:31:03.0769 3284   stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
11:31:03.0863 3284   stisvc - ok
11:31:03.0972 3284   swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
11:31:04.0003 3284   swenum - ok
11:31:04.0097 3284   swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
11:31:04.0191 3284   swprv - ok
11:31:04.0331 3284   SysMain         (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
11:31:04.0378 3284   SysMain - ok
11:31:04.0425 3284   TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
11:31:04.0487 3284   TabletInputService - ok
11:31:04.0612 3284   TapiSrv         (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
11:31:04.0690 3284   TapiSrv - ok
11:31:04.0799 3284   TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
11:31:04.0861 3284   TBS - ok
11:31:04.0971 3284   Tcpip           (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
11:31:05.0049 3284   Tcpip - ok
11:31:05.0111 3284   TCPIP6          (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
11:31:05.0142 3284   TCPIP6 - ok
11:31:05.0189 3284   tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
11:31:05.0220 3284   tcpipreg - ok
11:31:05.0251 3284   TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:31:05.0314 3284   TDPIPE - ok
11:31:05.0439 3284   TDTCP           (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
11:31:05.0501 3284   TDTCP - ok
11:31:05.0579 3284   tdx             (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
11:31:05.0673 3284   tdx - ok
11:31:05.0797 3284   TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
11:31:05.0829 3284   TermDD - ok
11:31:05.0969 3284   TermService     (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
11:31:06.0063 3284   TermService - ok
11:31:06.0172 3284   Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
11:31:06.0219 3284   Themes - ok
11:31:06.0265 3284   THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
11:31:06.0328 3284   THREADORDER - ok
11:31:06.0390 3284   TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
11:31:06.0453 3284   TrkWks - ok
11:31:06.0546 3284   TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
11:31:06.0577 3284   TrustedInstaller - ok
11:31:06.0655 3284   tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:31:06.0765 3284   tssecsrv - ok
11:31:06.0905 3284   tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
11:31:06.0999 3284   tunnel - ok
11:31:07.0155 3284   TurboB          (825e7a1f48fb8bcfba27c178aab4e275) C:\Windows\system32\DRIVERS\TurboB.sys
11:31:07.0233 3284   TurboB - ok
11:31:07.0295 3284   TurboBoost      (b206be1174d5964d49a56bb6c4e0524a) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
11:31:07.0357 3284   TurboBoost - ok
11:31:07.0498 3284   uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:31:07.0529 3284   uagp35 - ok
11:31:07.0794 3284   udfs            (31ba4a33afab6a69ea092b18017f737f) C:\Windows\system32\DRIVERS\udfs.sys
11:31:07.0950 3284   udfs - ok
11:31:08.0106 3284   UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
11:31:08.0137 3284   UI0Detect - ok
11:31:08.0309 3284   uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
11:31:08.0340 3284   uliagpkx - ok
11:31:08.0512 3284   umbus           (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
11:31:08.0543 3284   umbus - ok
11:31:08.0699 3284   UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:31:08.0746 3284   UmPass - ok
11:31:08.0933 3284   UNS             (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
11:31:08.0995 3284   UNS - ok
11:31:09.0120 3284   upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
11:31:09.0183 3284   upnphost - ok
11:31:09.0323 3284   USBAAPL64       (fb251567f41bc61988b26731dec19e4b) C:\Windows\system32\Drivers\usbaapl64.sys
11:31:09.0385 3284   USBAAPL64 - ok
11:31:09.0541 3284   usbccgp         (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
11:31:09.0635 3284   usbccgp - ok
11:31:09.0807 3284   usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
11:31:09.0853 3284   usbcir - ok
11:31:10.0041 3284   usbehci         (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
11:31:10.0134 3284   usbehci - ok
11:31:10.0337 3284   usbhub          (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
11:31:10.0399 3284   usbhub - ok
11:31:10.0571 3284   usbohci         (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
11:31:10.0680 3284   usbohci - ok
11:31:10.0945 3284   usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:31:10.0992 3284   usbprint - ok
11:31:11.0164 3284   usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:31:11.0211 3284   usbscan - ok
11:31:11.0335 3284   USBSTOR         (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:31:11.0429 3284   USBSTOR - ok
11:31:11.0569 3284   usbuhci         (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
11:31:11.0647 3284   usbuhci - ok
11:31:11.0788 3284   usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
11:31:11.0866 3284   usbvideo - ok
11:31:11.0991 3284   UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
11:31:12.0053 3284   UxSms - ok
11:31:12.0178 3284   VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
11:31:12.0209 3284   VaultSvc - ok
11:31:12.0349 3284   vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
11:31:12.0381 3284   vdrvroot - ok
11:31:12.0505 3284   vds             (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
11:31:12.0552 3284   vds - ok
11:31:12.0677 3284   vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:31:12.0708 3284   vga - ok
11:31:12.0849 3284   VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:31:12.0927 3284   VgaSave - ok
11:31:13.0145 3284   vhdmp           (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
11:31:13.0192 3284   vhdmp - ok
11:31:13.0317 3284   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
11:31:13.0348 3284   viaide - ok
11:31:13.0473 3284   volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
11:31:13.0504 3284   volmgr - ok
11:31:13.0597 3284   volmgrx         (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
11:31:13.0629 3284   volmgrx - ok
11:31:13.0691 3284   volsnap         (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
11:31:13.0738 3284   volsnap - ok
11:31:13.0863 3284   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:31:13.0894 3284   vsmraid - ok
11:31:14.0003 3284   VSS             (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
11:31:14.0112 3284   VSS - ok
11:31:14.0268 3284   vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
11:31:14.0346 3284   vToolbarUpdater10.2.0 - ok
11:31:14.0440 3284   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
11:31:14.0471 3284   vwifibus - ok
11:31:14.0502 3284   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
11:31:14.0518 3284   vwififlt - ok
11:31:14.0549 3284   W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
11:31:14.0611 3284   W32Time - ok
11:31:14.0658 3284   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:31:14.0689 3284   WacomPen - ok
11:31:14.0814 3284   WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:31:14.0877 3284   WANARP - ok
11:31:14.0892 3284   Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
11:31:14.0923 3284   Wanarpv6 - ok
11:31:15.0079 3284   WatAdminSvc     (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
11:31:15.0204 3284   WatAdminSvc - ok
11:31:15.0267 3284   wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
11:31:15.0391 3284   wbengine - ok
11:31:15.0485 3284   WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
11:31:15.0532 3284   WbioSrvc - ok
11:31:15.0579 3284   wcncsvc         (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
11:31:15.0657 3284   wcncsvc - ok
11:31:15.0688 3284   WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
11:31:15.0750 3284   WcsPlugInService - ok
11:31:15.0906 3284   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:31:15.0937 3284   Wd - ok
11:31:15.0969 3284   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:31:16.0000 3284   Wdf01000 - ok
11:31:16.0031 3284   WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:31:16.0078 3284   WdiServiceHost - ok
11:31:16.0093 3284   WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
11:31:16.0109 3284   WdiSystemHost - ok
11:31:16.0156 3284   WebClient       (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
11:31:16.0234 3284   WebClient - ok
11:31:16.0281 3284   Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
11:31:16.0374 3284   Wecsvc - ok
11:31:16.0405 3284   wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
11:31:16.0499 3284   wercplsupport - ok
11:31:16.0515 3284   WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
11:31:16.0561 3284   WerSvc - ok
11:31:16.0624 3284   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:31:16.0686 3284   WfpLwf - ok
11:31:16.0811 3284   WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
11:31:16.0873 3284   WimFltr - ok
11:31:16.0905 3284   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:31:16.0936 3284   WIMMount - ok
11:31:16.0951 3284   WinDefend - ok
11:31:16.0951 3284   WinHttpAutoProxySvc - ok
11:31:17.0076 3284   Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
11:31:17.0139 3284   Winmgmt - ok
11:31:17.0232 3284   WinRM           (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
11:31:17.0388 3284   WinRM - ok
11:31:17.0513 3284   WinUsb          (4d52c872018af7e18d078978dcc3f6f2) C:\Windows\system32\DRIVERS\WinUsb.sys
11:31:17.0591 3284   WinUsb - ok
11:31:17.0638 3284   Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
11:31:17.0763 3284   Wlansvc - ok
11:31:17.0856 3284   wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
11:31:17.0919 3284   wlcrasvc - ok
11:31:18.0012 3284   wlidsvc         (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:31:18.0137 3284   wlidsvc - ok
11:31:18.0293 3284   wltrysvc        (13b0a570e1ae451c92da550085d72cf3) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
11:31:18.0340 3284   wltrysvc ( UnsignedFile.Multi.Generic ) - warning
11:31:18.0340 3284   wltrysvc - detected UnsignedFile.Multi.Generic (1)
11:31:18.0511 3284   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
11:31:18.0543 3284   WmiAcpi - ok
11:31:18.0605 3284   wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
11:31:18.0652 3284   wmiApSrv - ok
11:31:18.0683 3284   WMPNetworkSvc - ok
11:31:18.0761 3284   WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
11:31:18.0823 3284   WPCSvc - ok
11:31:18.0917 3284   WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
11:31:18.0979 3284   WPDBusEnum - ok
11:31:19.0026 3284   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:31:19.0104 3284   ws2ifsl - ok
11:31:19.0151 3284   wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\system32\wscsvc.dll
11:31:19.0213 3284   wscsvc - ok
11:31:19.0276 3284   WSDPrintDevice  (8d918b1db190a4d9b1753a66fa8c96e8) C:\Windows\system32\DRIVERS\WSDPrint.sys
11:31:19.0323 3284   WSDPrintDevice - ok
11:31:19.0385 3284   WSearch - ok
11:31:19.0494 3284   wuauserv        (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
11:31:19.0572 3284   wuauserv - ok
11:31:19.0666 3284   WudfPf          (c63907207b837a5c05cf6d1606aa0008) C:\Windows\system32\drivers\WudfPf.sys
11:31:19.0806 3284   WudfPf - ok
11:31:19.0915 3284   WUDFRd          (d885a873d733020f8b9b9ff4b1666158) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:31:19.0993 3284   WUDFRd - ok
11:31:20.0025 3284   wudfsvc         (27b9bee5aac00139e3a3af5d6227a0dc) C:\Windows\System32\WUDFSvc.dll
11:31:20.0071 3284   wudfsvc - ok
11:31:20.0103 3284   WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
11:31:20.0165 3284   WwanSvc - ok
11:31:20.0274 3284   YahooAUService  (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
11:31:20.0352 3284   YahooAUService - ok
11:31:20.0383 3284   MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
11:31:20.0617 3284   \Device\Harddisk0\DR0 - ok
11:31:20.0617 3284   Boot (0x1200)   (1502bc53ceb0327ff419bf635d449195) \Device\Harddisk0\DR0\Partition0
11:31:20.0617 3284   \Device\Harddisk0\DR0\Partition0 - ok
11:31:20.0649 3284   Boot (0x1200)   (c1740bac022275dc192dbcbf79e59d7c) \Device\Harddisk0\DR0\Partition1
11:31:20.0649 3284   \Device\Harddisk0\DR0\Partition1 - ok
11:31:20.0649 3284   ============================================================
11:31:20.0649 3284   Scan finished
11:31:20.0649 3284   ============================================================
11:31:20.0664 2744   Detected object count: 2
11:31:20.0664 2744   Actual detected object count: 2
11:31:38.0885 2744   DockLoginService ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:38.0885 2744   DockLoginService ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:38.0885 2744   wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:38.0885 2744   wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:34:14.0497 2720   Deinitialize success

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22654
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
Posting in multiple responses is sometimes needed.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Vista-parkinlot

  • Bronze Member
  • Posts: 27
ComboFix 12-04-15.02 - Carrie 15/04/2012  16:29:53.4.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.2.1033.18.3893.2721 [GMT -5:00]
Running from: c:\users\Carrie\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
FW: McAfee Firewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Brett\AppData\Local\Microsoft\Windows\Temporary Internet Files\{EE3C685D-1E5C-4A27-8019-2032598DAC31}.xps
c:\users\Parkin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{052D2333-A838-4FE6-943E-6D437E88720A}.xps
c:\users\Parkin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{1453D29C-C297-4044-A125-8DE114B3C0B9}.xps
c:\users\Parkin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DEBA8AF7-B555-4DBB-B464-FEF5D7FF60BB}.xps
c:\users\Parkin\AppData\Local\Microsoft\Windows\Temporary Internet Files\{E94B9723-EB00-4367-B8CF-FCCF25AE6097}.xps
.
.
(((((((((((((((((((((((((   Files Created from 2012-03-15 to 2012-04-15  )))))))))))))))))))))))))))))))
.
.
2012-04-15 21:37 . 2012-04-15 21:37   --------   d-----w-   c:\users\Public\AppData\Local\temp
2012-04-15 21:37 . 2012-04-15 21:37   --------   d-----w-   c:\users\Default\AppData\Local\temp
2012-04-15 21:37 . 2012-04-15 21:37   --------   d-----w-   c:\users\Brett\AppData\Local\temp
2012-04-15 21:37 . 2012-04-15 21:37   --------   d-----w-   c:\users\Parkin\AppData\Local\temp
2012-04-15 21:37 . 2012-04-15 21:37   --------   d-----w-   c:\users\Courtney\AppData\Local\temp
2012-04-14 04:52 . 2012-04-14 04:52   8766112   ----a-w-   c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-13 08:06 . 2012-03-06 06:51   5473136   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-04-13 08:06 . 2012-03-06 05:59   3971440   ----a-w-   c:\windows\SysWow64\ntkrnlpa.exe
2012-04-13 08:06 . 2012-03-06 05:59   3915632   ----a-w-   c:\windows\SysWow64\ntoskrnl.exe
2012-04-13 08:02 . 2012-03-01 06:54   22896   ----a-w-   c:\windows\system32\drivers\fs_rec.sys
2012-04-13 08:02 . 2012-03-01 06:40   80896   ----a-w-   c:\windows\system32\imagehlp.dll
2012-04-13 08:02 . 2012-03-01 05:49   172544   ----a-w-   c:\windows\SysWow64\wintrust.dll
2012-04-13 08:02 . 2012-03-01 05:45   158720   ----a-w-   c:\windows\SysWow64\imagehlp.dll
2012-04-13 08:02 . 2012-03-01 06:45   220672   ----a-w-   c:\windows\system32\wintrust.dll
2012-04-13 08:02 . 2012-03-01 06:35   5120   ----a-w-   c:\windows\system32\wmi.dll
2012-04-13 08:02 . 2012-03-01 05:40   5120   ----a-w-   c:\windows\SysWow64\wmi.dll
2012-04-11 02:50 . 2009-07-14 01:41   258048   ----a-w-   c:\windows\system32\Spool\prtprocs\x64\hpfppw73.dll
2012-04-10 19:46 . 2012-04-10 19:46   --------   d-----w-   c:\users\Carrie\AppData\Roaming\Participatory Culture Foundation
2012-04-09 23:10 . 2012-04-09 23:10   --------   d-----w-   c:\program files\iPod
2012-04-09 23:10 . 2012-04-09 23:10   --------   d-----w-   c:\program files\iTunes
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2012-04-09 23:03 . 2012-04-09 23:03   159744   ----a-w-   c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2012-04-09 23:03 . 2012-04-09 23:03   --------   d-----w-   c:\program files (x86)\QuickTime
2012-03-30 23:04 . 2012-04-14 04:53   418464   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-14 04:53 . 2011-05-12 22:56   70304   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-15 16:01 . 2012-02-15 16:01   52736   ----a-w-   c:\windows\system32\drivers\usbaapl64.sys
2012-02-15 16:01 . 2012-02-15 16:01   4547944   ----a-w-   c:\windows\system32\usbaaplrc.dll
2012-02-15 06:27 . 2012-03-14 21:05   1031680   ----a-w-   c:\windows\system32\rdpcore.dll
2012-02-15 05:44 . 2012-03-14 21:05   826368   ----a-w-   c:\windows\SysWow64\rdpcore.dll
2012-02-15 04:47 . 2012-03-14 21:05   204800   ----a-w-   c:\windows\system32\drivers\rdpwd.sys
2012-02-15 04:46 . 2012-03-14 21:05   23552   ----a-w-   c:\windows\system32\drivers\tdtcp.sys
2012-02-14 17:09 . 2012-02-14 17:09   1070352   ----a-w-   c:\windows\SysWow64\MSCOMCTL.OCX
2012-02-10 06:18 . 2012-03-14 21:06   1541120   ----a-w-   c:\windows\system32\DWrite.dll
2012-02-10 06:17 . 2012-03-14 21:06   1837568   ----a-w-   c:\windows\system32\d3d10warp.dll
2012-02-10 06:17 . 2012-03-14 21:06   902656   ----a-w-   c:\windows\system32\d2d1.dll
2012-02-10 06:17 . 2012-03-14 21:06   320512   ----a-w-   c:\windows\system32\d3d10_1core.dll
2012-02-10 06:17 . 2012-03-14 21:06   197120   ----a-w-   c:\windows\system32\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 21:06   1074176   ----a-w-   c:\windows\SysWow64\DWrite.dll
2012-02-10 05:41 . 2012-03-14 21:06   218624   ----a-w-   c:\windows\SysWow64\d3d10_1core.dll
2012-02-10 05:41 . 2012-03-14 21:06   161792   ----a-w-   c:\windows\SysWow64\d3d10_1.dll
2012-02-10 05:41 . 2012-03-14 21:06   1170944   ----a-w-   c:\windows\SysWow64\d3d10warp.dll
2012-02-10 05:41 . 2012-03-14 21:06   739840   ----a-w-   c:\windows\SysWow64\d2d1.dll
2012-02-03 04:16 . 2012-03-14 21:06   3143168   ----a-w-   c:\windows\system32\win32k.sys
2012-01-25 06:27 . 2012-03-14 21:05   76288   ----a-w-   c:\windows\system32\rdpwsx.dll
2012-01-25 06:27 . 2012-03-14 21:05   149504   ----a-w-   c:\windows\system32\rdpcorekmts.dll
2012-01-25 06:20 . 2012-03-14 21:05   9216   ----a-w-   c:\windows\system32\rdrmemptylst.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-03-29 20:25   1869152   ----a-w-   c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 22:31   1514152   ----a-w-   c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll" [2012-03-29 1869152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-04-23 39408]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-06-24 409744]
"PDVDDXSrv"="c:\program files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-12-29 140520]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-01-17 1484856]
"ContentTransferWMDetector.exe"="c:\program files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-19 583016]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe" [2009-12-16 498160]
"RoxioNowMediaManagerApp"="c:\program files (x86)\Roxio\RoxioNow Player\RNowShell.exe" [2011-08-05 3288560]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-03-29 982880]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-27 421736]
.
c:\users\Courtney\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
c:\users\Parkin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
c:\users\Carrie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2010-5-28 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-23 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-14 253088]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-23 136176]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys

R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe [2009-11-02 126352]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys

S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys

S1 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [2010-03-10 355440]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2010-10-14 245352]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe

S2 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2011-08-05 400368]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys

S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2320920]
S2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe [2012-03-29 918880]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys

S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys

S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys

.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai   REG_MULTI_SZ      Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 04:53]
.
2012-04-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-23 00:06]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-23 00:06]
.
2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-235349717-1925416339-2435016315-1003Core.job
- c:\users\Brett\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 23:24]
.
2012-04-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-235349717-1925416339-2435016315-1003UA.job
- c:\users\Brett\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-03 23:24]
.
2012-04-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-235349717-1925416339-2435016315-1004Core.job
- c:\users\Courtney\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-27 09:16]
.
2012-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-235349717-1925416339-2435016315-1004UA.job
- c:\users\Courtney\AppData\Local\Google\Update\GoogleUpdate.exe [2011-06-27 09:16]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-06-04 392048]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-03 10038304]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-07 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-07 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-07 413720]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
"dlbtmon.exe"="c:\program files (x86)\Dell Photo AIO Printer 922\dlbtmon.exe" [2007-02-28 431600]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.ca/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
Trusted Zone: cinemanow.com
Trusted Zone: cineplex.com
Trusted Zone: roxio.com
Trusted Zone: roxionow.com
Trusted Zone: sonic.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-PokerStars - c:\program files (x86)\PokerStars\PokerStarsUninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_3c5db2f.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_233_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_233.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Roxio\RoxioNow Player\CNRpc.exe
.
**************************************************************************
.
Completion time: 2012-04-15  16:52:47 - machine was rebooted
ComboFix-quarantined-files.txt  2012-04-15 21:52
.
Pre-Run: 399,388,073,984 bytes free
Post-Run: 401,882,763,264 bytes free
.
- - End Of File - - 98177C1BE333DB76E8387805769A9D8D

Offline Hoov

  • Malware Removal Mentors
  • Global Moderator
  • Diamond Member
  • Posts: 22654
  • Unwilling part owner of Gov't. Motors and Chrysler
    • Hoov's Personal Site
How is your computer running now?

Consumer Security

If I am helping you and you don't hear from me for 24Hrs, send me a PM Please!

Offline Vista-parkinlot

Re: [In Progress] Slow startup and connection and Trojan found during scan
« Reply #10 on: April 15, 2012, 06:29:42 PM »
I haven't used it... I was waiting to see if there were any new steps to do. With whatever the trojan/virus was, should I be worried that my info could be compromised? Not sure what the trojan/virus was doing.

Thanks

Offline Hoov

Re: [In Progress] Slow startup and connection and Trojan found during scan
« Reply #11 on: April 15, 2012, 06:50:47 PM »
Just don't log in to any financial sites, or any site that they could get your personal information from. Just reboot a couple times to check the startup time, and browse around general sites and see how your connection works. Let me know.


Offline Vista-parkinlot

Re: [In Progress] Slow startup and connection and Trojan found during scan
« Reply #12 on: April 15, 2012, 08:01:34 PM »
Hi,

So far seems fine. 

Offline Vista-parkinlot

Re: [In Progress] Slow startup and connection and Trojan found during scan
« Reply #13 on: April 15, 2012, 08:11:08 PM »
Answered too quickly, I went to restart and McAfee popped up with Artemis!dd4ba2d1b33e virus.

Offline Hoov

Re: [In Progress] Slow startup and connection and Trojan found during scan
« Reply #14 on: April 15, 2012, 08:17:33 PM »
Can you give me the log from McAfee, or at least the location of the file?
