Author Topic: [Resolved-B]Cannot Enable Real Time Anti-virus  (Read 1572 times)

Offline sean

  • Bronze Member
  • Posts: 80
[Resolved-B]Cannot Enable Real Time Anti-virus
« on: May 19, 2012, 10:41:03 AM »
Hi!

I cannot enable the real time anti-virus.  Machine also runs extremely slow.   The following are the dds logs:
Thanks in advance!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by steve brophy at 12:24:47 on 2012-05-19
.
============== Running Processes ===============
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\mfevtps.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\steve brophy\Desktop\dds.com
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120425200238.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISMModule2] "c:\program files\ism\ISMModule2.exe"
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [IntelWireless] c:\program files\intel\wireless\bin\ifrmewrk.exe /tf Intel PROSet/Wireless
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [SSBkgdUpdate] "c:\program files\common files\scansoft shared\ssbkgdupdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] c:\program files\scansoft\paperport\pptd40nt.exe
mRun: [IndexSearch] c:\program files\scansoft\paperport\IndexSearch.exe
mRun: [SetDefPrt] c:\program files\brother\brmfl04a\BrStDvPt.exe
mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: musicmatch.com\online
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.1 71.243.0.12
TCP: Interfaces\{8B6DCE1D-1612-4A6A-B1C3-FE4F246D9648} : DhcpNameServer = 192.168.1.1 71.243.0.12
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
Notify: IntelWireless - c:\program files\intel\wireless\bin\LgNotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
============= SERVICES / DRIVERS ===============
.
R? AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service
R? mfebopk;McAfee Inc. mfebopk
R? mfendisk;McAfee Core NDIS Intermediate Filter
R? mferkdet;McAfee Inc. mferkdet
R? mferkdk;McAfee Inc. mferkdk
R? mfesmfk;McAfee Inc. mfesmfk
S? cfwids;McAfee Inc. cfwids
S? IHA_MessageCenter;IHA_MessageCenter
S? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service
S? McMPFSvc;McAfee Personal Firewall Service
S? McNaiAnn;McAfee VirusScan Announcer
S? McProxy;McAfee Proxy Service
S? McShield;McAfee McShield
S? mfeavfk;McAfee Inc. mfeavfk
S? mfefire;McAfee Firewall Core Service
S? mfefirek;McAfee Inc. mfefirek
S? mfehidk;McAfee Inc. mfehidk
S? mfendiskmp;mfendiskmp
S? mfetdi2k;McAfee Inc. mfetdi2k
S? mfevtp;McAfee Validation Trust Protection Service
.
=============== Created Last 30 ================
.
2012-05-16 23:46:13   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-16 23:46:13   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
.
==================== Find3M  ====================
.
2012-04-22 19:05:06   56   --sh--r-   c:\windows\system32\555A3632F5.sys
2012-04-22 19:05:06   5538   --sha-w-   c:\windows\system32\KGyGaAvL.sys
2012-04-11 13:12:06   1862272   ----a-w-   c:\windows\system32\win32k.sys
2012-04-11 13:10:58   2192640   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35:52   2069120   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-03-20 17:11:32   151880   ----a-w-   c:\windows\system32\mfevtps.exe
2012-03-01 11:01:32   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-03-01 11:01:32   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-03-01 11:01:32   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-02-29 14:10:16   177664   ----a-w-   c:\windows\system32\wintrust.dll
2012-02-29 14:10:16   148480   ----a-w-   c:\windows\system32\imagehlp.dll
2012-02-29 12:17:40   385024   ----a-w-   c:\windows\system32\html.iec
2012-02-22 17:29:46   9608   ----a-w-   c:\windows\system32\drivers\mfeclnk.sys
2012-02-22 17:29:46   89792   ----a-w-   c:\windows\system32\drivers\mfetdi2k.sys
2012-02-22 17:29:46   87656   ----a-w-   c:\windows\system32\drivers\mferkdet.sys
2012-02-22 17:29:46   83856   ----a-w-   c:\windows\system32\drivers\mfendisk.sys
2012-02-22 17:29:46   59456   ----a-w-   c:\windows\system32\drivers\mfebopk.sys
2012-02-22 17:29:46   57600   ----a-w-   c:\windows\system32\drivers\cfwids.sys
2012-02-22 17:29:46   464304   ----a-w-   c:\windows\system32\drivers\mfehidk.sys
2012-02-22 17:29:46   340920   ----a-w-   c:\windows\system32\drivers\mfefirek.sys
2012-02-22 17:29:46   180848   ----a-w-   c:\windows\system32\drivers\mfeavfk.sys
2012-02-22 17:29:46   121544   ----a-w-   c:\windows\system32\drivers\mfeapfk.sys
.
============= FINISH: 12:26:49.07 ===============

.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Reader 9.5.1
AOLIcon
Broadcom Management Programs
Brother MFL-Pro Suite
CCleaner
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell Support Center (Support Software)
Dell System Restore
DellSupport
Digital Content Portal
Digital Line Detect
Documentation & Support Launcher
EducateU
ELIcon
Games, Music, & Photos Launcher
Get High Speed Internet!
High Definition Audio Driver Package - KB835221
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IHA_MessageCenter
Intel(R) Graphics Media Accelerator Driver for Mobile
Intel(R) PROSet/Wireless Software
Java Auto Updater
Java(TM) 6 Update 21
Learn2 Player (Uninstall Only)
Malwarebytes' Anti-Malware
McAfee SecurityCenter
McAfee Virtual Technician
mCore
MCU
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
mIWA
mIWCA
mLogView
mMHouse
Modem Helper
mPfMgr
mPfWiz
mProSafe
MSN
mSSO
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mToolkit
Musicmatch for Windows Media Player
Musicmatch® Jukebox
mWlsSafe
mXML
mZConfig
NetWaiting
NetZeroInstallers
OLYMPUS Digital Camera Updater
OLYMPUS Viewer 2
PaperPort
PowerDVD 5.5
QuickSet
QuickTime
RealPlayer Basic
Search Assist
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic DLA
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Synaptics Pointing Device Driver
ToolkitCMA
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Virtual Earth 3D (Beta)
VisualTour Studio
VT Remote Support
Vz In Home Agent
WebCyberCoach 3.2 Dell
WebFldrs XP
WildTangent Web Driver
Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WordPerfect Office 12
.
==== End Of File ===========================
« Last Edit: June 10, 2012, 01:32:28 PM by Bear »



Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2148
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #1 on: May 19, 2012, 01:22:57 PM »
Hello and welcome to SpywareHammer.

I go by Bear, and I will be helping you with your problem. I understand that having malware on your system is disruptive, annoying and can even be frightening.  I also understand the urgency of getting your computer functioning again.  Working as a team, you and I will be able to confront this problem and hopefully bring it to a successful conclusion.  But you need to do a few things to help me understand your situation.

First, tell me everything and anything that you have already tried to fix this problem. 

Second, tell me the symptoms of infection that you are seeing in your computer and when you first noticed them.  If the symptoms were progressive, let me know that.

Third, please only use one forum to help resolve your problem. Posting on more than one forum or trying other things in between our procedures will confuse and lengthen the process and may even make a positive solution impossible.

Fourth, please follow my instructions exactly.   If you cannot follow them or don't understand something, let me know immediately and do NOTHING until you hear from me.  If for any reason you have deviated from my instructions, PLEASE let me know at once.

Fifth, understand that malware gets into your computer system very easily but can be very, very difficult to remove.  It could take a while and we may have to try several processes to fix the problem.  So please "keep the faith".   I will do all I can to get your computer operating properly, and if I can't fix it we have many very bright individuals here who will help us.

Sixth, do not send anything to me as an attachment unless I specifically ask for it.  Please copy and paste all of your responses to me by replying to my post on this forum.  If the response is too long (the forum has size limits), please send it in portions, sequentially.

Seventh, let me know of any software you have running that encrypts your hard drive, such as Windows BitLocker or any others.

Eighth, if your PC is set to automatically update, DISABLE this function and do not update until we have disinfected your PC.

And lastly, before we do anything else, please back up your data, if possible on external media such as DVDs, CDs, memory sticks or external hard drives.

I will analyze your data and post instructions back to you. 



Never interrupt your enemy when he is making a mistake.
- Napoleon Bonaparte

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2148
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #2 on: May 19, 2012, 01:55:09 PM »
Hi Sean

Yes, there seem to be some suspicious files on your PC, so let's start with ComboFix.

Please read carefully and follow these steps:

1.  Download Combofix from any of the links below, and save it to your desktop. For information regarding this download, please visit this webpage: Combofix use

Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

Close all open browsers.

2.  Disable all of your Anti-Virus and Anti-Spyware programs.  If you need help disabling them, go to Disable Anti Malware. Be sure to re-enable them before posting your reply.

3.  Double click combofix.exe.  For XP, if ComboFix offers to install a Recovery Console, you must permit it to do so. It is very dangerous to permit ComboFix to run unless the Recovery Console is installed.

When finished, it will produce a report for you at C:\ComboFix.txt.

Please always check to be sure Word Wrap is NOT turned on in any Notepad  files you post.  This is done by opening the Notepad file and clicking on Format to be sure Word Wrap is not checked.

Note:  This site has size limits on posts.  Please be sure to check that all the data you entered was posted.  If not, use multiple posts.

Now please post the following to me as a reply to this post:
  • ComboFix.txt
  • Let me know how your computer and browser are operating
  • If you have any questions or problems, let me know that as well


Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #3 on: May 20, 2012, 01:33:16 PM »
Hi Bear,
Thanks for your help.
I ran combofix, per your instructions, and I encountered a blue screen error stating:

A problem has been detected and windows has been shut down
Plug and play detected an error most likely caused by a faulty driver…

I restarted the computer and noticed an alert stating:

Windows – corrupt file
The file or directory C:\system volume information\_restore {202550A8-7A33-4BCA-9586051D24DDBF8F}\rp1546 is corrupt and unreadable.  Please run the chkdsk utility

I tried running combofix again.  This time it ran all the way through, and here is the resulting log:

ComboFix 12-05-20.06 - steve brophy 05/20/2012  14:26:24.2.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.503.145 [GMT -4:00]
Running from: c:\documents and settings\steve brophy\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Disabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
.
.
(((((((((((((((((((((((((   Files Created from 2012-04-20 to 2012-05-20  )))))))))))))))))))))))))))))))
.
.
2012-05-16 23:46 . 2012-05-16 23:46   70304   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-16 23:46 . 2012-05-16 23:46   419488   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-11 13:12 . 2004-08-10 17:51   1862272   ----a-w-   c:\windows\system32\win32k.sys
2012-04-11 13:10 . 2004-08-10 17:51   2192640   ----a-w-   c:\windows\system32\ntoskrnl.exe
2012-04-11 12:35 . 2004-08-04 03:59   2069120   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2012-03-20 17:11 . 2011-01-21 01:02   151880   ----a-w-   c:\windows\system32\mfevtps.exe
2012-03-01 11:01 . 2004-08-10 17:51   916992   ----a-w-   c:\windows\system32\wininet.dll
2012-03-01 11:01 . 2004-08-10 17:51   43520   ----a-w-   c:\windows\system32\licmgr10.dll
2012-03-01 11:01 . 2004-08-10 17:51   1469440   ------w-   c:\windows\system32\inetcpl.cpl
2012-02-29 14:10 . 2004-08-10 17:51   177664   ----a-w-   c:\windows\system32\wintrust.dll
2012-02-29 14:10 . 2004-08-10 17:51   148480   ----a-w-   c:\windows\system32\imagehlp.dll
2012-02-29 12:17 . 2004-08-10 17:51   385024   ----a-w-   c:\windows\system32\html.iec
2012-02-22 17:29 . 2011-01-21 01:03   9608   ----a-w-   c:\windows\system32\drivers\mfeclnk.sys
2012-02-22 17:29 . 2011-01-21 01:02   89792   ----a-w-   c:\windows\system32\drivers\mfetdi2k.sys
2012-02-22 17:29 . 2011-01-21 01:02   83856   ----a-w-   c:\windows\system32\drivers\mfendisk.sys
2012-02-22 17:29 . 2011-01-21 01:02   87656   ----a-w-   c:\windows\system32\drivers\mferkdet.sys
2012-02-22 17:29 . 2011-01-21 01:02   57600   ----a-w-   c:\windows\system32\drivers\cfwids.sys
2012-02-22 17:29 . 2011-01-21 01:02   464304   ----a-w-   c:\windows\system32\drivers\mfehidk.sys
2012-02-22 17:29 . 2011-01-21 01:02   340920   ----a-w-   c:\windows\system32\drivers\mfefirek.sys
2012-02-22 17:29 . 2011-01-21 01:02   180848   ----a-w-   c:\windows\system32\drivers\mfeavfk.sys
2012-02-22 17:29 . 2011-01-21 01:02   121544   ----a-w-   c:\windows\system32\drivers\mfeapfk.sys
2012-02-22 17:29 . 2008-11-29 00:15   59456   ----a-w-   c:\windows\system32\drivers\mfebopk.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-15 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-10-15 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-15 114688]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-08 761947]
"IntelWireless"="c:\program files\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 385024]
"SigmatelSysTrayApp"="stsystra.exe" [2006-03-25 282624]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2004-12-06 127035]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-04-14 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-04-14 40960]
"SetDefPrt"="c:\program files\Brother\Brmfl04a\BrStDvPt.exe" [2004-05-25 49152]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2004-07-20 851968]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-22 1318816]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2006-07-18 98304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Status Monitor.lnk - c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [2006-7-27 819200]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless]
2004-09-07 21:08   110592   ----a-w-   c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      \0
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41   37296   ----a-w-   c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09   460784   ----a-w-   c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupportCenter]
2009-05-21 14:55   206064   ----a-w-   c:\program files\Dell Support Center\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2007-11-15 14:24   16384   ----a-w-   c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 21:19   53248   ------w-   c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 15:44   249856   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 15:44   81920   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-09-10 07:24   20480   ------w-   c:\program files\NetWaiting\netwaiting.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12   1695232   ----a-w-   c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-07-18 00:57   98304   ----a-w-   c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2010-05-14 15:44   248552   ----a-w-   c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Common Files\\McAfee\\McSvcHost\\McSvHost.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"50000:UDP"= 50000:UDP:IHA_MessageCenter
.
R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [1/20/2011 9:02 PM 89792]
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe [10/28/2011 7:20 PM 286736]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [9/20/2010 11:15 AM 203280]
R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [1/20/2011 9:02 PM 214904]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [1/20/2011 9:02 PM 57600]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [1/20/2011 9:02 PM 340920]
R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [1/20/2011 9:02 PM 83856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [5/16/2012 7:46 PM 257696]
S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [1/20/2011 9:02 PM 83856]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [1/20/2011 9:02 PM 87656]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - mfeavfk01
.
Contents of the 'Scheduled Tasks' folder
.
2012-05-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-16 23:46]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = <local>
uSearchURL,(Default) = hxxp://search.yahoo.com/search?fr=mcafee&p=%s
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: musicmatch.com\online
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-ToolkitCMA - c:\windows\system32\tkuninst.exe
AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-05-20 14:41
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(960)
c:\program files\Intel\Wireless\Bin\LgNotify.dll
.
- - - - - - - > 'explorer.exe'(1852)
c:\windows\system32\WININET.dll
c:\program files\McAfee\SiteAdvisor\saHook.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2012-05-20  14:46:20
ComboFix-quarantined-files.txt  2012-05-20 18:46
.
Pre-Run: 10,855,616,512 bytes free
Post-Run: 11,694,919,680 bytes free
.
- - End Of File - - B8A6BA00C93E8B39264A00BBD104931A

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2148
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #4 on: May 20, 2012, 01:51:59 PM »
Hi Sean

Please read carefully and follow these steps:

1.  Download TDSSKiller and save it to your Desktop.   

2.  Double click on TDSSKiller.exe to run the application. Now click Start Scan.

3.  Click on Change parameters and place a checkmark next to Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

4.  If an infected file is detected, the default action will be Cure; click on Continue.  If a suspicious file is detected, the default action will be Skip; click on Continue.

Click on Reboot Now if you are asked to reboot the computer.

5.  If reboot is NOT required, click on Report.  Please copy that file.  If a reboot IS required, the report can also be found in your root directory (usually C:\ folder).  Its file name will take the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy that file.

6.  Download OTL from any of the following links and save to your Desktop.
OTL1
OTL2
OTL3

Rename the program google.exe.

7.  Disable all of your Anti-Virus, Anti-Spyware programs.  If you need help to disable them, go to Disable Anti Malware.  Be sure to re-enable them before posting your reply.

8.  Double click on the google.exe icon to run it (Vista and Windows 7 users right click and select Run as Administrator). Make sure all other windows are closed, and let it run uninterrupted.

9.  In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".  On the upper right be sure Use Company-Name WhiteList and Skip Microsoft Files are checked.  Copy the code in the code box below and paste it into the Custom Scan box.

Code:
netsvcs
drivers32
CREATERESTOREPOINT
msconfig
%systemroot%\*. /rp /s


10.  Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.  When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
As always, please be sure Word Wrap is disabled in Notepad.  Also be sure to check that the data you posted was not cut off by the site's posting size limits.

Please post the following as a reply to this post:
TDSSKiller log
OTL.txt
Extras.txt
Let me know how your computer and browser are operating
If you have any questions or problems, let me know that as well


Never interrupt your enemy when he is making a mistake.
- Napoleon Bonaparte

Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #5 on: May 21, 2012, 09:31:19 AM »
Hi Bear,

Here are the logs:

10:46:25.0984 2108   TDSS rootkit removing tool 2.7.35.0 May 16 2012 07:37:57
10:46:26.0171 2108   ============================================================
10:46:26.0171 2108   Current date / time: 2012/05/21 10:46:26.0171
10:46:26.0171 2108   SystemInfo:
10:46:26.0171 2108   
10:46:26.0171 2108   OS Version: 5.1.2600 ServicePack: 3.0
10:46:26.0171 2108   Product type: Workstation
10:46:26.0171 2108   ComputerName: STEVE
10:46:26.0171 2108   UserName: steve brophy
10:46:26.0171 2108   Windows directory: C:\WINDOWS
10:46:26.0171 2108   System windows directory: C:\WINDOWS
10:46:26.0171 2108   Processor architecture: Intel x86
10:46:26.0171 2108   Number of processors: 1
10:46:26.0171 2108   Page size: 0x1000
10:46:26.0171 2108   Boot type: Normal boot
10:46:26.0171 2108   ============================================================
10:46:29.0531 2108   Drive \Device\Harddisk0\DR0 - Size: 0x950A60000 (37.26 Gb), SectorSize: 0x200, Cylinders: 0x1300, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:46:29.0531 2108   Drive \Device\Harddisk1\DR4 - Size: 0xEF300000 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:46:29.0531 2108   ============================================================
10:46:29.0531 2108   \Device\Harddisk0\DR0:
10:46:29.0562 2108   MBR partitions:
10:46:29.0562 2108   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x4464570
10:46:29.0562 2108   \Device\Harddisk1\DR4:
10:46:29.0562 2108   MBR partitions:
10:46:29.0562 2108   \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x20, BlocksNum 0x7797E0
10:46:29.0562 2108   ============================================================
10:46:29.0640 2108   C: <-> \Device\Harddisk0\DR0\Partition0
10:46:29.0640 2108   ============================================================
10:46:29.0640 2108   Initialize success
10:46:29.0640 2108   ============================================================
10:48:08.0296 3184   ============================================================
10:48:08.0296 3184   Scan started
10:48:08.0296 3184   Mode: Manual; SigCheck; TDLFS;
10:48:08.0296 3184   ============================================================
10:48:09.0718 3184   Abiosdsk - ok
10:48:09.0750 3184   abp480n5        (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
10:48:14.0828 3184   abp480n5 - ok
10:48:14.0921 3184   ACPI            (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:48:15.0109 3184   ACPI - ok
10:48:15.0187 3184   ACPIEC          (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
10:48:15.0359 3184   ACPIEC - ok
10:48:15.0484 3184   AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:48:15.0531 3184   AdobeFlashPlayerUpdateSvc - ok
10:48:15.0562 3184   adpu160m        (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
10:48:15.0781 3184   adpu160m - ok
10:48:15.0812 3184   aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
10:48:16.0015 3184   aec - ok
10:48:16.0062 3184   AegisP          (076394a345ee5e9e3911fc0f058f4f38) C:\WINDOWS\system32\DRIVERS\AegisP.sys
10:48:16.0078 3184   AegisP ( UnsignedFile.Multi.Generic ) - warning
10:48:16.0078 3184   AegisP - detected UnsignedFile.Multi.Generic (1)
10:48:16.0125 3184   AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
10:48:16.0421 3184   AFD - ok
10:48:16.0484 3184   agp440          (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
10:48:16.0890 3184   agp440 - ok
10:48:16.0921 3184   agpCPQ          (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
10:48:17.0125 3184   agpCPQ - ok
10:48:17.0203 3184   Aha154x         (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
10:48:17.0281 3184   Aha154x - ok
10:48:17.0296 3184   aic78u2         (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
10:48:17.0484 3184   aic78u2 - ok
10:48:17.0515 3184   aic78xx         (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
10:48:17.0671 3184   aic78xx - ok
10:48:17.0703 3184   Alerter         (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
10:48:17.0890 3184   Alerter - ok
10:48:17.0921 3184   ALG             (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
10:48:18.0093 3184   ALG - ok
10:48:18.0156 3184   AliIde          (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
10:48:18.0359 3184   AliIde - ok
10:48:18.0406 3184   alim1541        (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
10:48:18.0546 3184   alim1541 - ok
10:48:18.0593 3184   amdagp          (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
10:48:18.0750 3184   amdagp - ok
10:48:18.0781 3184   amsint          (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
10:48:18.0890 3184   amsint - ok
10:48:18.0953 3184   APPDRV          (ec94e05b76d033b74394e7b2175103cf) C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
10:48:18.0968 3184   APPDRV ( UnsignedFile.Multi.Generic ) - warning
10:48:18.0968 3184   APPDRV - detected UnsignedFile.Multi.Generic (1)
10:48:18.0984 3184   AppMgmt - ok
10:48:19.0031 3184   asc             (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
10:48:19.0250 3184   asc - ok
10:48:19.0281 3184   asc3350p        (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
10:48:19.0390 3184   asc3350p - ok
10:48:19.0390 3184   asc3550         (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
10:48:19.0625 3184   asc3550 - ok
10:48:19.0687 3184   ASCTRM          (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
10:48:19.0765 3184   ASCTRM ( UnsignedFile.Multi.Generic ) - warning
10:48:19.0765 3184   ASCTRM - detected UnsignedFile.Multi.Generic (1)
10:48:19.0953 3184   aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:48:20.0031 3184   aspnet_state - ok
10:48:20.0093 3184   AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:48:20.0265 3184   AsyncMac - ok
10:48:20.0296 3184   atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
10:48:20.0578 3184   atapi - ok
10:48:20.0578 3184   Atdisk - ok
10:48:20.0640 3184   Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:48:20.0921 3184   Atmarpc - ok
10:48:21.0000 3184   AudioSrv        (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
10:48:21.0281 3184   AudioSrv - ok
10:48:21.0359 3184   audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
10:48:21.0515 3184   audstub - ok
10:48:21.0531 3184   bcm4sbxp        (c768c8a463d32c219ce291645a0621a4) C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
10:48:21.0625 3184   bcm4sbxp - ok
10:48:21.0640 3184   Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
10:48:21.0796 3184   Beep - ok
10:48:21.0890 3184   BITS            (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
10:48:22.0218 3184   BITS - ok
10:48:22.0281 3184   brmfrmps        (bb192385661daf7f3d48b586f6e1d166) C:\WINDOWS\system32\Brmfrmps.exe
10:48:22.0296 3184   brmfrmps ( UnsignedFile.Multi.Generic ) - warning
10:48:22.0296 3184   brmfrmps - detected UnsignedFile.Multi.Generic (1)
10:48:22.0328 3184   Brother XP spl Service (d3facb34fff5db91adb70987838f8ba7) C:\WINDOWS\system32\brsvc01a.exe
10:48:22.0437 3184   Brother XP spl Service - ok
10:48:22.0515 3184   Browser         (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
10:48:22.0781 3184   Browser - ok
10:48:22.0843 3184   BrScnUsb        (6cf3aed19c2185c60de2ae50ee37a342) C:\WINDOWS\system32\Drivers\BrScnUsb.sys
10:48:22.0875 3184   BrScnUsb - ok
10:48:22.0890 3184   BrSerIf         (26051d886f3333cb41857d6f52248de1) C:\WINDOWS\system32\Drivers\BrSerIf.sys
10:48:22.0921 3184   BrSerIf - ok
10:48:22.0937 3184   BrUsbSer        (7ac85cdc03befd78908b3b6a73d201d0) C:\WINDOWS\system32\Drivers\BrUsbSer.sys
10:48:22.0953 3184   BrUsbSer - ok
10:48:23.0109 3184   catchme - ok
10:48:23.0156 3184   cbidf           (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
10:48:23.0343 3184   cbidf - ok
10:48:23.0359 3184   cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
10:48:23.0562 3184   cbidf2k - ok
10:48:23.0609 3184   cd20xrnt        (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
10:48:23.0687 3184   cd20xrnt - ok
10:48:23.0718 3184   Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
10:48:23.0875 3184   Cdaudio - ok
10:48:23.0937 3184   Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
10:48:24.0078 3184   Cdfs - ok
10:48:24.0140 3184   Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:48:24.0312 3184   Cdrom - ok
10:48:24.0375 3184   cfwids          (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys
10:48:24.0437 3184   cfwids - ok
10:48:24.0437 3184   Changer - ok
10:48:24.0500 3184   CiSvc           (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
10:48:24.0687 3184   CiSvc - ok
10:48:24.0718 3184   ClipSrv         (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
10:48:24.0906 3184   ClipSrv - ok
10:48:25.0109 3184   clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:48:25.0265 3184   clr_optimization_v2.0.50727_32 - ok
10:48:25.0312 3184   CmBatt          (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys
10:48:25.0484 3184   CmBatt - ok
10:48:25.0531 3184   CmdIde          (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
10:48:25.0828 3184   CmdIde - ok
10:48:25.0843 3184   Compbatt        (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
10:48:25.0984 3184   Compbatt - ok
10:48:26.0000 3184   COMSysApp - ok
10:48:26.0046 3184   Cpqarray        (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
10:48:26.0218 3184   Cpqarray - ok
10:48:26.0281 3184   CryptSvc        (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
10:48:26.0437 3184   CryptSvc - ok
10:48:26.0484 3184   dac2w2k         (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
10:48:26.0640 3184   dac2w2k - ok
10:48:26.0656 3184   dac960nt        (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
10:48:26.0828 3184   dac960nt - ok
10:48:26.0906 3184   DcomLaunch      (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
10:48:27.0078 3184   DcomLaunch - ok
10:48:27.0156 3184   Dhcp            (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
10:48:27.0312 3184   Dhcp - ok
10:48:27.0328 3184   Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
10:48:27.0593 3184   Disk - ok
10:48:27.0609 3184   dmadmin - ok
10:48:27.0703 3184   dmboot          (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
10:48:27.0890 3184   dmboot - ok
10:48:27.0953 3184   dmio            (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
10:48:28.0078 3184   dmio - ok
10:48:28.0187 3184   dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
10:48:28.0375 3184   dmload - ok
10:48:28.0406 3184   dmserver        (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
10:48:28.0562 3184   dmserver - ok
10:48:28.0640 3184   DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
10:48:28.0796 3184   DMusic - ok
10:48:28.0812 3184   Dnscache        (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
10:48:28.0953 3184   Dnscache - ok
10:48:29.0031 3184   Dot3svc         (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
10:48:29.0218 3184   Dot3svc - ok
10:48:29.0250 3184   dpti2o          (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
10:48:29.0500 3184   dpti2o - ok
10:48:29.0531 3184   drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
10:48:29.0703 3184   drmkaud - ok
10:48:29.0781 3184   drvmcdb         (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
10:48:29.0781 3184   drvmcdb ( UnsignedFile.Multi.Generic ) - warning
10:48:29.0781 3184   drvmcdb - detected UnsignedFile.Multi.Generic (1)
10:48:29.0812 3184   drvnddm         (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
10:48:29.0828 3184   drvnddm ( UnsignedFile.Multi.Generic ) - warning
10:48:29.0828 3184   drvnddm - detected UnsignedFile.Multi.Generic (1)
10:48:29.0984 3184   DSBrokerService (fe80901578e7e3da70299a5aeb2b7fbd) C:\Program Files\DellSupport\brkrsvc.exe
10:48:30.0000 3184   DSBrokerService - ok
10:48:30.0125 3184   DSproct         (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
10:48:30.0171 3184   DSproct ( UnsignedFile.Multi.Generic ) - warning
10:48:30.0171 3184   DSproct - detected UnsignedFile.Multi.Generic (1)
10:48:30.0218 3184   dsunidrv        (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
10:48:30.0250 3184   dsunidrv - ok
10:48:30.0328 3184   E100B           (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
10:48:30.0656 3184   E100B - ok
10:48:30.0734 3184   EapHost         (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
10:48:30.0890 3184   EapHost - ok
10:48:30.0937 3184   ERSvc           (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
10:48:31.0078 3184   ERSvc - ok
10:48:31.0140 3184   Eventlog        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
10:48:31.0187 3184   Eventlog - ok
10:48:31.0281 3184   EventSystem     (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
10:48:31.0328 3184   EventSystem - ok
10:48:31.0406 3184   EvtEng          (d335183519e6814dfab4ed3dd806a943) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
10:48:31.0437 3184   EvtEng ( UnsignedFile.Multi.Generic ) - warning
10:48:31.0437 3184   EvtEng - detected UnsignedFile.Multi.Generic (1)
10:48:31.0609 3184   Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
10:48:31.0828 3184   Fastfat - ok
10:48:31.0875 3184   FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:48:31.0984 3184   FastUserSwitchingCompatibility - ok
10:48:32.0062 3184   Fax             (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
10:48:32.0312 3184   Fax - ok
10:48:32.0343 3184   Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
10:48:32.0625 3184   Fdc - ok
10:48:32.0671 3184   Fips            (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
10:48:32.0796 3184   Fips - ok
10:48:32.0843 3184   Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:48:33.0000 3184   Flpydisk - ok
10:48:33.0062 3184   FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
10:48:33.0203 3184   FltMgr - ok
10:48:33.0328 3184   FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:48:33.0359 3184   FontCache3.0.0.0 - ok
10:48:33.0406 3184   Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:48:33.0546 3184   Fs_Rec - ok
10:48:33.0562 3184   Ftdisk          (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:48:33.0734 3184   Ftdisk - ok
10:48:33.0781 3184   Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:48:33.0953 3184   Gpc - ok
10:48:34.0000 3184   HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:48:34.0171 3184   HDAudBus - ok
10:48:34.0296 3184   helpsvc         (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:48:34.0484 3184   helpsvc - ok
10:48:34.0546 3184   HidServ         (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
10:48:34.0750 3184   HidServ - ok
10:48:34.0765 3184   HidUsb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:48:34.0953 3184   HidUsb - ok
10:48:35.0000 3184   hkmsvc          (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
10:48:35.0140 3184   hkmsvc - ok
10:48:35.0203 3184   hpn             (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
10:48:35.0343 3184   hpn - ok
10:48:35.0406 3184   HSFHWAZL        (1c8caa80e91fb71864e9426f9eed048d) C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
10:48:35.0453 3184   HSFHWAZL - ok
10:48:35.0531 3184   HSF_DPV         (698204d9c2832e53633e53a30a53fc3d) C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
10:48:35.0671 3184   HSF_DPV - ok
10:48:35.0750 3184   HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
10:48:35.0843 3184   HTTP - ok
10:48:35.0890 3184   HTTPFilter      (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
10:48:36.0171 3184   HTTPFilter - ok
10:48:36.0234 3184   i2omgmt         (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
10:48:36.0390 3184   i2omgmt - ok
10:48:36.0437 3184   i2omp           (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
10:48:36.0593 3184   i2omp - ok
10:48:36.0625 3184   i8042prt        (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:48:36.0781 3184   i8042prt - ok
10:48:36.0937 3184   ialm            (5a8e05f1d5c36abd58cffa111eb325ea) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
10:48:37.0203 3184   ialm - ok
10:48:37.0453 3184   idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:48:37.0656 3184   idsvc - ok
10:48:38.0671 3184   IHA_MessageCenter (7f82358baf1e5b940664e601037d0b0c) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
10:48:38.0718 3184   IHA_MessageCenter - ok
10:48:39.0250 3184   Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
10:48:39.0390 3184   Imapi - ok
10:48:39.0453 3184   ImapiService    (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
10:48:39.0609 3184   ImapiService - ok
10:48:39.0625 3184   ini910u         (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
10:48:39.0843 3184   ini910u - ok
10:48:39.0875 3184   IntelIde        (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
10:48:40.0062 3184   IntelIde - ok
10:48:40.0125 3184   intelppm        (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:48:40.0281 3184   intelppm - ok
10:48:40.0296 3184   Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
10:48:40.0468 3184   Ip6Fw - ok
10:48:40.0484 3184   IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:48:40.0625 3184   IpFilterDriver - ok
10:48:40.0656 3184   IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:48:40.0781 3184   IpInIp - ok
10:48:40.0812 3184   IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:48:40.0953 3184   IpNat - ok
10:48:40.0984 3184   IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:48:41.0125 3184   IPSec - ok
10:48:41.0171 3184   IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
10:48:41.0328 3184   IRENUM - ok
10:48:41.0390 3184   isapnp          (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:48:41.0531 3184   isapnp - ok
10:48:41.0609 3184   IWCA            (872d090ca5c306f62d1982bce6302376) C:\WINDOWS\system32\DRIVERS\iwca.sys
10:48:41.0671 3184   IWCA - ok
10:48:41.0812 3184   JavaQuickStarterService (126a16f569122ae00ad3d12ef831d651) C:\Program Files\Java\jre6\bin\jqs.exe
10:48:41.0828 3184   JavaQuickStarterService - ok
10:48:41.0843 3184   Kbdclass        (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:48:41.0984 3184   Kbdclass - ok
10:48:42.0031 3184   kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
10:48:42.0265 3184   kmixer - ok
10:48:42.0328 3184   KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
10:48:42.0484 3184   KSecDD - ok
10:48:42.0562 3184   lanmanserver    (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
10:48:42.0609 3184   lanmanserver - ok
10:48:42.0687 3184   lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
10:48:42.0781 3184   lanmanworkstation - ok
10:48:42.0796 3184   lbrtfdc - ok
10:48:42.0859 3184   LmHosts         (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
10:48:43.0093 3184   LmHosts - ok
10:48:43.0312 3184   McAfee SiteAdvisor Service (aac3b33ba020d2af530d694a5a920180) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
10:48:43.0328 3184   McAfee SiteAdvisor Service - ok
10:48:43.0531 3184   McMPFSvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
10:48:43.0578 3184   McMPFSvc - ok
10:48:43.0578 3184   mcmscsvc        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:48:43.0609 3184   mcmscsvc - ok
10:48:43.0609 3184   McNaiAnn        (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:48:43.0640 3184   McNaiAnn - ok
10:48:43.0640 3184   McNASvc         (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:48:43.0703 3184   McNASvc - ok
10:48:43.0921 3184   McODS           (42117cbc4849a5cf11129912dabbdeca) C:\Program Files\McAfee\VirusScan\mcods.exe
10:48:44.0000 3184   McODS - ok
10:48:44.0000 3184   McProxy         (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
10:48:44.0062 3184   McProxy - ok
10:48:44.0156 3184   McShield        (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
10:48:44.0203 3184   McShield - ok
10:48:44.0281 3184   mdmxsdk         (3c318b9cd391371bed62126581ee9961) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
10:48:44.0328 3184   mdmxsdk - ok
10:48:44.0390 3184   Messenger       (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
10:48:44.0703 3184   Messenger - ok
10:48:44.0765 3184   mfeapfk         (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys
10:48:44.0796 3184   mfeapfk - ok
10:48:44.0828 3184   mfeavfk         (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys
10:48:44.0859 3184   mfeavfk - ok
10:48:44.0859 3184   mfeavfk01 - ok
10:48:44.0890 3184   mfebopk         (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys
10:48:44.0906 3184   mfebopk - ok
10:48:44.0953 3184   mfefire         (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
10:48:44.0968 3184   mfefire - ok
10:48:45.0031 3184   mfefirek        (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys
10:48:45.0078 3184   mfefirek - ok
10:48:45.0187 3184   mfehidk         (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys
10:48:45.0265 3184   mfehidk - ok
10:48:45.0312 3184   mfendisk        (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
10:48:45.0343 3184   mfendisk - ok
10:48:45.0343 3184   mfendiskmp      (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys
10:48:45.0375 3184   mfendiskmp - ok
10:48:45.0437 3184   mferkdet        (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys
10:48:45.0468 3184   mferkdet - ok
10:48:45.0546 3184   mferkdk         (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys
10:48:45.0578 3184   mferkdk - ok
10:48:45.0625 3184   mfesmfk         (096b52ea918aa909ba5903d79e129005) C:\WINDOWS\system32\drivers\mfesmfk.sys
10:48:45.0656 3184   mfesmfk - ok
10:48:45.0703 3184   mfetdi2k        (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys
10:48:45.0734 3184   mfetdi2k - ok
10:48:45.0828 3184   mfevtp          (b10c4efd40810c08f4b44df2efcb54f7) C:\WINDOWS\system32\mfevtps.exe
10:48:45.0859 3184   mfevtp - ok
10:48:45.0906 3184   mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
10:48:46.0156 3184   mnmdd - ok
10:48:46.0218 3184   mnmsrvc         (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
10:48:46.0390 3184   mnmsrvc - ok
10:48:46.0437 3184   Modem           (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
10:48:46.0593 3184   Modem - ok
10:48:46.0593 3184   Mouclass        (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:48:46.0750 3184   Mouclass - ok
10:48:46.0781 3184   mouhid          (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:48:46.0968 3184   mouhid - ok
10:48:47.0000 3184   MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
10:48:47.0140 3184   MountMgr - ok
10:48:47.0187 3184   mraid35x        (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
10:48:47.0359 3184   mraid35x - ok
10:48:47.0421 3184   MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:48:47.0562 3184   MRxDAV - ok
10:48:47.0656 3184   MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:48:47.0828 3184   MRxSmb - ok
10:48:47.0843 3184   MSDTC           (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
10:48:48.0031 3184   MSDTC - ok
10:48:48.0046 3184   Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
10:48:48.0265 3184   Msfs - ok
10:48:48.0265 3184   MSIServer - ok
10:48:48.0343 3184   MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:48:48.0546 3184   MSKSSRV - ok
10:48:48.0609 3184   MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:48:48.0843 3184   MSPCLOCK - ok
10:48:48.0875 3184   MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
10:48:49.0125 3184   MSPQM - ok
10:48:49.0203 3184   mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:48:49.0406 3184   mssmbios - ok
10:48:49.0468 3184   Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
10:48:49.0515 3184   Mup - ok
10:48:49.0640 3184   napagent        (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
10:48:49.0890 3184   napagent - ok
10:48:49.0984 3184   NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
10:48:50.0265 3184   NDIS - ok
10:48:50.0328 3184   NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:48:50.0421 3184   NdisTapi - ok
10:48:50.0453 3184   Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:48:50.0718 3184   Ndisuio - ok
10:48:50.0750 3184   NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:48:51.0031 3184   NdisWan - ok
10:48:51.0125 3184   NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
10:48:51.0218 3184   NDProxy - ok
10:48:51.0250 3184   NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
10:48:51.0515 3184   NetBIOS - ok
10:48:51.0562 3184   NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
10:48:51.0828 3184   NetBT - ok
10:48:51.0906 3184   NetDDE          (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
10:48:52.0171 3184   NetDDE - ok
10:48:52.0187 3184   NetDDEdsdm      (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
10:48:52.0406 3184   NetDDEdsdm - ok
10:48:52.0453 3184   Netlogon        (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:48:52.0578 3184   Netlogon - ok
10:48:52.0609 3184   Netman          (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
10:48:52.0750 3184   Netman - ok
10:48:52.0921 3184   NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:48:52.0953 3184   NetTcpPortSharing - ok
10:48:53.0078 3184   NICCONFIGSVC    (11d8a00c7eff1aaec8e8464769c84a3d) C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
10:48:53.0171 3184   NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - warning
10:48:53.0171 3184   NICCONFIGSVC - detected UnsignedFile.Multi.Generic (1)
10:48:53.0250 3184   Nla             (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
10:48:53.0312 3184   Nla - ok
10:48:53.0328 3184   Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
10:48:53.0625 3184   Npfs - ok
10:48:53.0718 3184   Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
10:48:53.0937 3184   Ntfs - ok
10:48:54.0015 3184   NtLmSsp         (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:48:54.0140 3184   NtLmSsp - ok
10:48:54.0203 3184   NtmsSvc         (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
10:48:54.0468 3184   NtmsSvc - ok
10:48:54.0515 3184   NuidFltr        (cf7e041663119e09d2e118521ada9300) C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
10:48:54.0531 3184   NuidFltr - ok
10:48:54.0593 3184   Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
10:48:54.0781 3184   Null - ok
10:48:54.0968 3184   nv              (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:48:55.0359 3184   nv - ok
10:48:55.0500 3184   NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:48:55.0843 3184   NwlnkFlt - ok
10:48:55.0890 3184   NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:48:56.0062 3184   NwlnkFwd - ok
10:48:56.0171 3184   Parport         (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
10:48:56.0328 3184   Parport - ok
10:48:56.0359 3184   PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
10:48:56.0546 3184   PartMgr - ok
10:48:56.0609 3184   ParVdm          (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
10:48:56.0781 3184   ParVdm - ok
10:48:56.0812 3184   PCI             (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
10:48:56.0953 3184   PCI - ok
10:48:56.0968 3184   PCIDump - ok
10:48:57.0015 3184   PCIIde          (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
10:48:57.0171 3184   PCIIde - ok
10:48:57.0218 3184   Pcmcia          (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
10:48:57.0375 3184   Pcmcia - ok
10:48:57.0375 3184   PDCOMP - ok
10:48:57.0390 3184   PDFRAME - ok

Offline sean

Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #6 on: May 21, 2012, 09:32:16 AM »
(cont.)

10:48:57.0406 3184   PDRELI - ok
10:48:57.0406 3184   PDRFRAME - ok
10:48:57.0437 3184   perc2           (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
10:48:57.0609 3184   perc2 - ok
10:48:57.0656 3184   perc2hib        (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
10:48:57.0859 3184   perc2hib - ok
10:48:57.0937 3184   PlugPlay        (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
10:48:57.0984 3184   PlugPlay - ok
10:48:58.0046 3184   PolicyAgent     (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:48:58.0203 3184   PolicyAgent - ok
10:48:58.0250 3184   PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:48:58.0406 3184   PptpMiniport - ok
10:48:58.0421 3184   ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:48:58.0593 3184   ProtectedStorage - ok
10:48:58.0671 3184   PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
10:48:58.0843 3184   PSched - ok
10:48:58.0875 3184   Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:48:59.0078 3184   Ptilink - ok
10:48:59.0156 3184   PxHelp20        (86724469cd077901706854974cd13c3e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:48:59.0171 3184   PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
10:48:59.0171 3184   PxHelp20 - detected UnsignedFile.Multi.Generic (1)
10:48:59.0234 3184   ql1080          (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
10:48:59.0437 3184   ql1080 - ok
10:48:59.0484 3184   Ql10wnt         (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
10:48:59.0703 3184   Ql10wnt - ok
10:48:59.0750 3184   ql12160         (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
10:48:59.0968 3184   ql12160 - ok
10:48:59.0984 3184   ql1240          (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
10:49:00.0156 3184   ql1240 - ok
10:49:00.0203 3184   ql1280          (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
10:49:00.0375 3184   ql1280 - ok
10:49:00.0390 3184   RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:49:00.0546 3184   RasAcd - ok
10:49:00.0609 3184   RasAuto         (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
10:49:00.0765 3184   RasAuto - ok
10:49:00.0781 3184   Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:49:00.0921 3184   Rasl2tp - ok
10:49:00.0984 3184   RasMan          (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
10:49:01.0125 3184   RasMan - ok
10:49:01.0171 3184   RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:49:01.0312 3184   RasPppoe - ok
10:49:01.0328 3184   Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
10:49:01.0484 3184   Raspti - ok
10:49:01.0515 3184   Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:49:01.0671 3184   Rdbss - ok
10:49:01.0734 3184   RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:49:01.0875 3184   RDPCDD - ok
10:49:01.0937 3184   rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:49:02.0078 3184   rdpdr - ok
10:49:02.0171 3184   RDPWD           (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys
10:49:02.0281 3184   RDPWD - ok
10:49:02.0328 3184   RDSessMgr       (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
10:49:02.0515 3184   RDSessMgr - ok
10:49:02.0578 3184   redbook         (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
10:49:02.0734 3184   redbook - ok
10:49:02.0875 3184   RegSrvc         (15ba3bceeb32c4279b27f5c3389e4847) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
10:49:02.0906 3184   RegSrvc ( UnsignedFile.Multi.Generic ) - warning
10:49:02.0906 3184   RegSrvc - detected UnsignedFile.Multi.Generic (1)
10:49:02.0968 3184   RemoteAccess    (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
10:49:03.0203 3184   RemoteAccess - ok
10:49:03.0234 3184   RpcLocator      (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
10:49:03.0515 3184   RpcLocator - ok
10:49:03.0609 3184   RpcSs           (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
10:49:03.0640 3184   RpcSs - ok
10:49:03.0718 3184   RSVP            (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
10:49:03.0875 3184   RSVP - ok
10:49:03.0937 3184   S24EventMonitor (79a647519ca3e700e9738153f788fb7d) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
10:49:04.0046 3184   S24EventMonitor ( UnsignedFile.Multi.Generic ) - warning
10:49:04.0046 3184   S24EventMonitor - detected UnsignedFile.Multi.Generic (1)
10:49:04.0140 3184   s24trans        (81aa6f0d6a2be1c550f814b036215888) C:\WINDOWS\system32\DRIVERS\s24trans.sys
10:49:04.0171 3184   s24trans ( UnsignedFile.Multi.Generic ) - warning
10:49:04.0171 3184   s24trans - detected UnsignedFile.Multi.Generic (1)
10:49:04.0218 3184   SamSs           (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
10:49:04.0421 3184   SamSs - ok
10:49:04.0484 3184   SCardSvr        (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
10:49:04.0750 3184   SCardSvr - ok
10:49:04.0828 3184   Schedule        (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
10:49:04.0968 3184   Schedule - ok
10:49:05.0031 3184   Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:49:05.0156 3184   Secdrv - ok
10:49:05.0234 3184   seclogon        (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
10:49:05.0390 3184   seclogon - ok
10:49:05.0406 3184   SENS            (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
10:49:05.0578 3184   SENS - ok
10:49:05.0640 3184   serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
10:49:05.0796 3184   serenum - ok
10:49:05.0859 3184   Serial          (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
10:49:06.0015 3184   Serial - ok
10:49:06.0078 3184   Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
10:49:06.0234 3184   Sfloppy - ok
10:49:06.0328 3184   SharedAccess    (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
10:49:06.0593 3184   SharedAccess - ok
10:49:06.0656 3184   ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:49:06.0687 3184   ShellHWDetection - ok
10:49:06.0703 3184   Simbad - ok
10:49:06.0765 3184   sisagp          (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
10:49:07.0031 3184   sisagp - ok
10:49:07.0078 3184   Sparrow         (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
10:49:07.0234 3184   Sparrow - ok
10:49:07.0296 3184   splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
10:49:07.0562 3184   splitter - ok
10:49:07.0640 3184   Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
10:49:07.0734 3184   Spooler - ok
10:49:07.0843 3184   sprtsvc_dellsupportcenter - ok
10:49:07.0875 3184   sr              (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
10:49:08.0015 3184   sr - ok
10:49:08.0078 3184   srservice       (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
10:49:08.0296 3184   srservice - ok
10:49:08.0390 3184   Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
10:49:08.0546 3184   Srv - ok
10:49:08.0593 3184   sscdbhk5        (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
10:49:08.0609 3184   sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
10:49:08.0609 3184   sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
10:49:08.0640 3184   SSDPSRV         (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
10:49:08.0781 3184   SSDPSRV - ok
10:49:08.0843 3184   ssmdrv          (3d2829fde1c52fc64da5413889ce4dee) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
10:49:08.0875 3184   ssmdrv - ok
10:49:08.0906 3184   ssrtln          (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
10:49:08.0921 3184   ssrtln ( UnsignedFile.Multi.Generic ) - warning
10:49:08.0921 3184   ssrtln - detected UnsignedFile.Multi.Generic (1)
10:49:09.0093 3184   STHDA           (3ad78e22210d3fbd9f76de84a8df19b5) C:\WINDOWS\system32\drivers\sthda.sys
10:49:09.0515 3184   STHDA - ok
10:49:09.0906 3184   stisvc          (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
10:49:10.0125 3184   stisvc - ok
10:49:10.0421 3184   swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
10:49:10.0625 3184   swenum - ok
10:49:10.0796 3184   swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
10:49:10.0984 3184   swmidi - ok
10:49:11.0000 3184   SwPrv - ok
10:49:11.0125 3184   symc810         (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
10:49:11.0390 3184   symc810 - ok
10:49:11.0484 3184   symc8xx         (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
10:49:11.0718 3184   symc8xx - ok
10:49:11.0765 3184   sym_hi          (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
10:49:11.0984 3184   sym_hi - ok
10:49:12.0000 3184   sym_u3          (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
10:49:12.0218 3184   sym_u3 - ok
10:49:12.0296 3184   SynTP           (fa2daa32bed908023272a0f77d625dae) C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:49:12.0359 3184   SynTP - ok
10:49:12.0406 3184   sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
10:49:12.0593 3184   sysaudio - ok
10:49:12.0656 3184   SysmonLog       (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
10:49:12.0859 3184   SysmonLog - ok
10:49:12.0906 3184   TapiSrv         (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
10:49:13.0125 3184   TapiSrv - ok
10:49:13.0234 3184   Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:49:13.0343 3184   Tcpip - ok
10:49:13.0406 3184   TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
10:49:13.0640 3184   TDPIPE - ok
10:49:13.0703 3184   TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
10:49:13.0984 3184   TDTCP - ok
10:49:14.0031 3184   TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
10:49:14.0281 3184   TermDD - ok
10:49:14.0375 3184   TermService     (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
10:49:14.0546 3184   TermService - ok
10:49:14.0609 3184   tfsnboio        (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
10:49:14.0625 3184   tfsnboio ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0625 3184   tfsnboio - detected UnsignedFile.Multi.Generic (1)
10:49:14.0625 3184   tfsncofs        (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
10:49:14.0656 3184   tfsncofs ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0656 3184   tfsncofs - detected UnsignedFile.Multi.Generic (1)
10:49:14.0671 3184   tfsndrct        (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
10:49:14.0671 3184   tfsndrct ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0671 3184   tfsndrct - detected UnsignedFile.Multi.Generic (1)
10:49:14.0703 3184   tfsndres        (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
10:49:14.0703 3184   tfsndres ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0703 3184   tfsndres - detected UnsignedFile.Multi.Generic (1)
10:49:14.0718 3184   tfsnifs         (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
10:49:14.0750 3184   tfsnifs ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0750 3184   tfsnifs - detected UnsignedFile.Multi.Generic (1)
10:49:14.0765 3184   tfsnopio        (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
10:49:14.0781 3184   tfsnopio ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0781 3184   tfsnopio - detected UnsignedFile.Multi.Generic (1)
10:49:14.0796 3184   tfsnpool        (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
10:49:14.0812 3184   tfsnpool ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0812 3184   tfsnpool - detected UnsignedFile.Multi.Generic (1)
10:49:14.0843 3184   tfsnudf         (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
10:49:14.0859 3184   tfsnudf ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0859 3184   tfsnudf - detected UnsignedFile.Multi.Generic (1)
10:49:14.0890 3184   tfsnudfa        (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
10:49:14.0890 3184   tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
10:49:14.0890 3184   tfsnudfa - detected UnsignedFile.Multi.Generic (1)
10:49:14.0953 3184   Themes          (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
10:49:14.0984 3184   Themes - ok
10:49:15.0046 3184   TosIde          (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
10:49:15.0234 3184   TosIde - ok
10:49:15.0296 3184   TrkWks          (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
10:49:15.0515 3184   TrkWks - ok
10:49:15.0562 3184   Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
10:49:15.0765 3184   Udfs - ok
10:49:15.0812 3184   ultra           (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
10:49:15.0937 3184   ultra - ok
10:49:16.0031 3184   Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
10:49:16.0328 3184   Update - ok
10:49:16.0390 3184   upnphost        (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
10:49:16.0656 3184   upnphost - ok
10:49:16.0687 3184   UPS             (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
10:49:16.0937 3184   UPS - ok
10:49:17.0015 3184   usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:49:17.0156 3184   usbccgp - ok
10:49:17.0203 3184   usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:49:17.0343 3184   usbehci - ok
10:49:17.0406 3184   usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:49:17.0546 3184   usbhub - ok
10:49:17.0609 3184   usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:49:17.0781 3184   usbprint - ok
10:49:17.0843 3184   USBSTOR         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:49:18.0000 3184   USBSTOR - ok
10:49:18.0046 3184   usbuhci         (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:49:18.0203 3184   usbuhci - ok
10:49:18.0265 3184   VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
10:49:18.0453 3184   VgaSave - ok
10:49:18.0515 3184   viaagp          (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
10:49:18.0656 3184   viaagp - ok
10:49:18.0671 3184   ViaIde          (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
10:49:18.0828 3184   ViaIde - ok
10:49:18.0859 3184   VolSnap         (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
10:49:19.0015 3184   VolSnap - ok
10:49:19.0078 3184   VSS             (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
10:49:19.0265 3184   VSS - ok
10:49:19.0578 3184   w29n51          (f0f902220910c4fbe42a51964bd33599) C:\WINDOWS\system32\DRIVERS\w29n51.sys
10:49:20.0031 3184   w29n51 - ok
10:49:20.0203 3184   Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:49:20.0531 3184   Wanarp - ok
10:49:20.0546 3184   wanatw - ok
10:49:20.0656 3184   Wdf01000        (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:49:20.0718 3184   Wdf01000 - ok
10:49:20.0734 3184   WDICA - ok
10:49:20.0781 3184   wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
10:49:20.0937 3184   wdmaud - ok
10:49:21.0031 3184   WebClient       (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
10:49:21.0187 3184   WebClient - ok
10:49:21.0281 3184   winachsf        (74cf3f2e4e40c4a2e18d39d6300a5c24) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
10:49:21.0421 3184   winachsf - ok
10:49:21.0531 3184   winmgmt         (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
10:49:21.0718 3184   winmgmt - ok
10:49:21.0906 3184   WLANKEEPER      (43ed73f10de96e0a23244bd9cf04f5c2) C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
10:49:21.0921 3184   WLANKEEPER ( UnsignedFile.Multi.Generic ) - warning
10:49:21.0921 3184   WLANKEEPER - detected UnsignedFile.Multi.Generic (1)
10:49:22.0015 3184   WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
10:49:22.0203 3184   WmdmPmSN - ok
10:49:22.0296 3184   WmiApSrv        (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:49:22.0640 3184   WmiApSrv - ok
10:49:22.0828 3184   WMPNetworkSvc   (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
10:49:22.0968 3184   WMPNetworkSvc - ok
10:49:23.0078 3184   WS2IFSL         (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
10:49:23.0250 3184   WS2IFSL - ok
10:49:23.0312 3184   wscsvc          (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
10:49:23.0609 3184   wscsvc - ok
10:49:23.0640 3184   wuauserv        (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
10:49:23.0921 3184   wuauserv - ok
10:49:24.0000 3184   WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:49:24.0078 3184   WudfPf - ok
10:49:24.0140 3184   WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:49:24.0218 3184   WudfRd - ok
10:49:24.0234 3184   WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
10:49:24.0281 3184   WudfSvc - ok
10:49:24.0375 3184   WZCSVC          (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
10:49:24.0734 3184   WZCSVC - ok
10:49:24.0843 3184   xmlprov         (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
10:49:25.0125 3184   xmlprov - ok
10:49:25.0171 3184   MBR (0x1B8)     (5cb90281d1a59b251f6603134774eec3) \Device\Harddisk0\DR0
10:49:25.0906 3184   \Device\Harddisk0\DR0 - ok
10:49:25.0921 3184   MBR (0x1B8)     (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
10:49:26.0046 3184   \Device\Harddisk1\DR4 - ok
10:49:26.0062 3184   Boot (0x1200)   (a64c9e50ffe73917724861ff76c77c43) \Device\Harddisk0\DR0\Partition0
10:49:26.0062 3184   \Device\Harddisk0\DR0\Partition0 - ok
10:49:26.0078 3184   Boot (0x1200)   (3cf0a2824fb62933b031e34b54b84939) \Device\Harddisk1\DR4\Partition0
10:49:26.0078 3184   \Device\Harddisk1\DR4\Partition0 - ok
10:49:26.0078 3184   ============================================================
10:49:26.0078 3184   Scan finished
10:49:26.0078 3184   ============================================================
10:49:26.0203 3168   Detected object count: 25
10:49:26.0203 3168   Actual detected object count: 25
10:51:15.0890 3168   AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0890 3168   AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0890 3168   APPDRV ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0890 3168   APPDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0890 3168   ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0890 3168   ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0906 3168   brmfrmps ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0906 3168   brmfrmps ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0906 3168   drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0906 3168   drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0906 3168   drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0906 3168   drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0906 3168   DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0906 3168   DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0921 3168   EvtEng ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0921 3168   EvtEng ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0921 3168   NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0921 3168   NICCONFIGSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0921 3168   PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0921 3168   PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0921 3168   RegSrvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0921 3168   RegSrvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0937 3168   S24EventMonitor ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0937 3168   S24EventMonitor ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0937 3168   s24trans ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0937 3168   s24trans ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0937 3168   sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0937 3168   sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0953 3168   ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0953 3168   ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0953 3168   tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0953 3168   tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0953 3168   tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0953 3168   tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0953 3168   tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0953 3168   tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0968 3168   tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0968 3168   tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0968 3168   tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0968 3168   tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0968 3168   tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0968 3168   tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0968 3168   tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0968 3168   tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0984 3168   tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0984 3168   tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0984 3168   tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0984 3168   tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:51:15.0984 3168   WLANKEEPER ( UnsignedFile.Multi.Generic ) - skipped by user
10:51:15.0984 3168   WLANKEEPER ( UnsignedFile.Multi.Generic ) - User select action: Skip

Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #7 on: May 21, 2012, 09:33:10 AM »
OTL logfile created on: 5/21/2012 11:02:11 AM - Run 1
OTL by OldTimer - Version 3.2.43.0     Folder = C:\Documents and Settings\steve brophy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
503.37 Mb Total Physical Memory | 241.53 Mb Available Physical Memory | 47.98% Memory free
1.20 Gb Paging File | 0.72 Gb Available in Paging File | 59.73% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 10.92 Gb Free Space | 31.94% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 2.89 Gb Free Space | 77.30% Space Free | Partition Type: FAT32
 
Computer Name: STEVE | User Name: steve brophy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/05/20 16:10:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\steve brophy\Desktop\google.exe
PRC - [2012/03/21 21:16:10 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/10/28 19:20:16 | 000,286,736 | ---- | M] (Verizon) -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/04/06 15:57:54 | 000,380,928 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2006/03/25 00:30:44 | 000,282,624 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2004/10/30 15:59:54 | 000,385,024 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2004/09/07 17:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2004/09/07 17:08:02 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/07/20 09:34:28 | 000,851,968 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter2\brctrcen.exe
PRC - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) -- C:\WINDOWS\system32\Brmfrmps.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/05/12 15:32:32 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\8dc4a28c456f81ee7399da21bd9d55aa\System.ServiceProcess.ni.dll
MOD - [2012/05/12 15:28:32 | 000,220,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\bb26dd100d656605c576881a1a823667\CustomMarshalers.ni.dll
MOD - [2012/05/12 15:27:01 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\9080c8e8e7b6dfb502c1328673d636f8\System.Management.ni.dll
MOD - [2012/05/12 00:24:20 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012/05/12 00:12:46 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012/05/12 00:03:33 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012/05/12 00:02:08 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012/05/11 23:57:25 | 000,069,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/01/29 12:27:06 | 000,310,800 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\saset.dll
MOD - [2009/01/29 12:27:04 | 000,652,304 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sacore.dll
MOD - [2009/01/29 12:27:02 | 000,071,696 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\mcfrmwk.dll
MOD - [2009/01/29 12:27:00 | 000,207,376 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\cntscan.dll
MOD - [2009/01/29 12:26:58 | 000,117,264 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\apengine.dll
MOD - [2009/01/23 10:46:22 | 000,351,248 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\saupkeep.dll
MOD - [2009/01/23 10:46:18 | 000,013,840 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
MOD - [2009/01/23 10:46:14 | 000,056,336 | ---- | M] () -- c:\Program Files\McAfee\SiteAdvisor\McSACorePS.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/16 19:46:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/22 19:29:08 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2012/03/20 13:11:32 | 000,151,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2012/03/20 13:05:00 | 000,161,632 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2012/03/20 13:04:32 | 000,166,288 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/10/28 19:20:16 | 000,286,736 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2009/01/23 10:46:14 | 000,203,280 | ---- | M] () [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2008/08/13 18:32:40 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter) SupportSoft Sprocket Service (dellsupportcenter)
SRV - [2007/03/07 15:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2006/04/06 15:57:54 | 000,380,928 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2004/09/07 17:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2003/05/05 19:30:22 | 000,065,536 | ---- | M] (Brother Industries, Ltd.) [Auto | Running] -- C:\WINDOWS\system32\Brmfrmps.exe -- (brmfrmps)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (mfeavfk01)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\STEVEB~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/02/22 13:29:46 | 000,464,304 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2012/02/22 13:29:46 | 000,340,920 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2012/02/22 13:29:46 | 000,180,848 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2012/02/22 13:29:46 | 000,121,544 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2012/02/22 13:29:46 | 000,089,792 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2012/02/22 13:29:46 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2012/02/22 13:29:46 | 000,083,856 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2012/02/22 13:29:46 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2012/02/22 13:29:46 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2010/02/17 16:52:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/11/04 17:53:40 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2007/03/01 11:34:36 | 000,028,352 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/02/25 12:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2006/10/05 16:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/07/17 20:57:13 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/03/25 00:34:30 | 001,156,648 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2005/08/12 18:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)
DRV - [2005/08/05 04:32:16 | 000,045,312 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2005/07/22 04:02:12 | 001,035,008 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/07/22 04:01:08 | 000,201,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2005/07/22 04:01:00 | 000,717,952 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/10/21 21:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/08/31 09:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/12 09:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{0A733796-F16E-4068-8D8A-EB581730EC5F}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{245E95D0-CB47-430A-B965-06A33A7D49BF}: "URL" = http://answers.yahoo.com/search/search_result?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{554252D7-BE8E-48FC-B01C-2206A0DDE861}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{71094FA3-823C-4D27-A57A-08C9574FE8CB}: "URL" = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{7C1F6446-8548-4B22-A8A0-3237496D9E8D}: "URL" = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{A37B4E6E-C8B5-4D36-AF83-385D641A39A5}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
IE - HKLM\..\SearchScopes\{C18D2806-E8FB-40A2-A3C8-AD299157CD83}: "URL" = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7c
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {DECA3892-BA8F-44b8-A993-A466AD694AE4}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{2AE0B5D8-5D6A-4547-B5E1-F893B854C996}: "URL" = http://answers.yahoo.com/search/search_result?p={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes\{704CDBD6-594C-46AF-A0BA-1CE2393AC96E}: "URL" = http://images.search.yahoo.com/search/images?p={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes\{B895907B-7F66-46D9-B5CF-5302EC90D04F}: "URL" = http://local.yahoo.com/results?stx={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes\{C6327812-B13A-4868-B24D-3FFB7DDE3D7E}: "URL" = http://video.yahoo.com/video/search?p={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes\{D1E7BC01-E325-4D30-86C8-75EC22F35B33}: "URL" = http://news.search.yahoo.com/search/news?p={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes\{DA90BD50-78DF-460A-881F-98286534F60D}: "URL" = http://shopping.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={searchTerms}
IE - HKCU\..\SearchScopes\{F92CF050-53D4-41AF-84FD-BA149483E4B4}: "URL" = http://search.yahoo.com/search?p={searchTerms}&fr=yie7c
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MVT: C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=2.0: C:\Program Files\Virtual Earth 3D\ [2007/12/31 11:53:12 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2012/04/25 22:37:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/05/21 10:41:35 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2004/08/04 06:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120425200238.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe (Brother Industories, Ltd.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKLM\..Trusted Domains: musicmatch.com ([online] https in Trusted sites)
O15 - HKCU\..Trusted Domains: Interealty.com ([]* is out of zone range - 5)
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Domains: MLXchange.com ([]* is out of zone range - 5)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\WINDOWS\Coffee Bean.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Coffee Bean.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 14:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
 
CREATERESTOREPOINT
Unable to start System Restore Service. Error code 1056
 
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: DellSupport - hkey= - key= - C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
MsConfig - StartUpReg: DellSupportCenter - hkey= - key= - C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
MsConfig - StartUpReg: dscactivate - hkey= - key= - C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
MsConfig - StartUpReg: DVDLauncher - hkey= - key= - C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe (CyberLink Corp.)
MsConfig - StartUpReg: ISUSPM Startup - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: ISUSScheduler - hkey= - key= - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
MsConfig - StartUpReg: KernelFaultCheck - hkey= - key= -  File not found
MsConfig - StartUpReg: ModemOnHold - hkey= - key= - C:\Program Files\NetWaiting\netwaiting.exe ()
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Computer, Inc.)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 2
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/05/21 10:57:25 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\steve brophy\Desktop\google.exe
[2012/05/21 10:44:53 | 002,126,424 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\steve brophy\Desktop\tdsskiller.exe
[2012/05/21 10:42:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2012/05/20 12:53:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/05/20 12:50:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/05/20 12:50:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/05/20 12:50:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/05/20 12:50:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/05/20 12:50:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/05/20 12:50:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/05/20 12:00:17 | 004,499,706 | R--- | C] (Swearware) -- C:\Documents and Settings\steve brophy\Desktop\ComboFix.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/05/21 10:38:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/21 10:37:28 | 527,892,480 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/21 10:37:28 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/20 20:09:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/20 16:10:02 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\steve brophy\Desktop\google.exe
[2012/05/20 16:09:22 | 002,126,424 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\steve brophy\Desktop\tdsskiller.exe
[2012/05/20 14:20:22 | 004,499,706 | R--- | M] (Swearware) -- C:\Documents and Settings\steve brophy\Desktop\ComboFix.exe
[2012/05/20 12:53:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/05/20 11:58:17 | 000,015,872 | ---- | M] () -- C:\Documents and Settings\steve brophy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/05/16 20:06:50 | 000,001,729 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2012/05/12 15:19:00 | 000,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/11 23:59:39 | 000,488,868 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/11 23:59:39 | 000,091,166 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/11 23:48:36 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/04/22 15:07:35 | 000,155,594 | ---- | M] () -- C:\Documents and Settings\steve brophy\Desktop\Steve Resume 04-12.pdf
[2012/04/22 15:07:11 | 000,155,594 | ---- | M] () -- C:\Documents and Settings\steve brophy\My Documents\Steve Resume 04-12.pdf
[2012/04/22 15:05:06 | 000,005,538 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/04/22 15:05:06 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\System32\555A3632F5.sys
[2012/04/22 13:36:08 | 000,003,049 | ---- | M] () -- C:\Documents and Settings\steve brophy\My Documents\Addendum to 2102 Resume Steve.eml
 
========== Files Created - No Company Name ==========
 
[2012/05/20 12:53:59 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2012/05/20 12:53:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/05/20 12:50:18 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/05/20 12:50:18 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/05/20 12:50:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/05/20 12:50:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/05/20 12:50:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/05/16 19:46:15 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/04/22 15:07:35 | 000,155,594 | ---- | C] () -- C:\Documents and Settings\steve brophy\Desktop\Steve Resume 04-12.pdf
[2012/04/22 15:07:11 | 000,155,594 | ---- | C] () -- C:\Documents and Settings\steve brophy\My Documents\Steve Resume 04-12.pdf
[2012/04/22 13:36:08 | 000,003,049 | ---- | C] () -- C:\Documents and Settings\steve brophy\My Documents\Addendum to 2102 Resume Steve.eml
[2012/02/14 19:45:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
 
========== LOP Check ==========
 
[2006/07/27 11:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2008/02/18 11:54:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2008/06/01 11:03:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VisualTour
[2006/09/19 11:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\steve brophy\Application Data\PlayFirst
[2006/09/23 12:08:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\steve brophy\Application Data\ScanSoft
[2011/11/18 16:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\steve brophy\Application Data\TechWizard
[2009/09/04 11:07:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\steve brophy\Application Data\ToolkitCMA
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %systemroot%\*. /rp /s >
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790 -> Junction
[C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a] -> C:\WINDOWS\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e -> Junction

< End of report >

Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #8 on: May 21, 2012, 09:34:20 AM »
(cont.)

OTL Extras logfile created on: 5/21/2012 11:02:11 AM - Run 1
OTL by OldTimer - Version 3.2.43.0     Folder = C:\Documents and Settings\steve brophy\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
503.37 Mb Total Physical Memory | 241.53 Mb Available Physical Memory | 47.98% Memory free
1.20 Gb Paging File | 0.72 Gb Available in Paging File | 59.73% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.20 Gb Total Space | 10.92 Gb Free Space | 31.94% Space Free | Partition Type: NTFS
Drive E: | 3.74 Gb Total Space | 2.89 Gb Free Space | 77.30% Space Free | Partition Type: FAT32
 
Computer Name: STEVE | User Name: steve brophy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"9051:UDP" = 9051:UDP:LocalSubNet:Enabled:FiOS Tech Wizard
"50000:UDP" = 50000:UDP:*:Enabled:IHA_MessageCenter
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:AOL
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}" = mSSO
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{149C2374-E707-4B53-A487-A2DA2064E03D}" = Vz In Home Agent
"{166E180E-9A3F-41AE-8B40-22D8FFF4AF87}" = McAfee Virtual Technician
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{26E1BFB0-E87E-4696-9F89-B467F01F81E5}" = Broadcom Management Programs
"{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}" = OLYMPUS Digital Camera Updater
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZeroInstallers
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{40A6C96D-808E-41DD-8716-617AB6B0F1F1}" = Brother MFL-Pro Suite
"{4667B940-BB01-428B-986E-A0CC46497BF7}" = ELIcon
"{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}" = mHlpDell
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.5
"{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}" = Digital Content Portal
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{797808CA-1563-4EA0-A280-1371AC2F2310}" = OLYMPUS Viewer 2
"{7A3F0566-5E05-4919-9C98-456F6B5CF831}" = Get High Speed Internet!
"{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}" = DellSupport
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{859963C1-E908-49E8-9FA3-9E833D717563}" = IHA_MessageCenter
"{85D3CC30-8859-481A-9654-FD9B74310BEF}" = Musicmatch® Jukebox
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A683A2C0-821C-486F-858C-FA634DB5E864}" = EducateU
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AF19F291-F22F-4798-9662-525305AE9E48}" = WordPerfect Office 12
"{B0DF58A2-40DF-4465-AA56-38623EC9938C}" = Documentation & Support Launcher
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B6884A07-0305-47AE-9969-8F26FADC17DE}" = Games, Music, & Photos Launcher
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C5074CC4-0E26-4716-A307-960272A90040}" = QuickSet
"{CA9BAADB-C262-4E05-B2E2-CEE8CE9809EC}" = mToolkit
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D2988E9B-C73F-422C-AD4B-A66EBE257120}" = MCU
"{D76D1828-BBA0-4BD9-8181-5ACC617DC5F2}" = Virtual Earth 3D (Beta)
"{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}" = Search Assist
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E93E5EF6-D361-481E-849D-F16EF5C78EBC}" = Musicmatch for Windows Media Player
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"CCleaner" = CCleaner
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3" = Conexant HDA D110 MDC V.92 Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"Dell Game Console" = Dell Game Console
"E77704EF5E71F4F18CADFBFA68595AFE036D5D97" = Windows Driver Package - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"HijackThis" = HijackThis 2.0.2
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSC" = McAfee SecurityCenter
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSNINST" = MSN
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"ProInst" = Intel(R) PROSet/Wireless Software
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer Basic
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VisualTour Studio" = VisualTour Studio
"VT Remote Support" = VT Remote Support
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"ToolkitCMA" = ToolkitCMA
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 5/13/2012 10:43:06 AM | Computer Name = STEVE | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
 hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error - 5/16/2012 7:40:19 PM | Computer Name = STEVE | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 5/16/2012 7:42:16 PM | Computer Name = STEVE | Source = McLogEvent | ID = 5019
Description = Exception in McShield.Exe!    Exception details follow :    VSCORE.14.4.0.387
Exception
 Code       : 0XC0000005  Exception Address    : 00000000  Exception Parameters : 2   
Param 1 = 00000000   Param 2 = 00000000    More information : 
 
Error - 5/16/2012 8:07:44 PM | Computer Name = STEVE | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 5/16/2012 8:08:33 PM | Computer Name = STEVE | Source = McLogEvent | ID = 5019
Description = Exception in McShield.Exe!    Exception details follow :    VSCORE.14.4.0.387
Exception
 Code       : 0XC0000005  Exception Address    : 00000000  Exception Parameters : 2   
Param 1 = 00000000   Param 2 = 00000000    More information : 
 
Error - 5/17/2012 7:38:36 AM | Computer Name = STEVE | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 5/17/2012 7:48:51 AM | Computer Name = STEVE | Source = McLogEvent | ID = 5019
Description = Exception in McShield.Exe!    Exception details follow :    VSCORE.14.4.0.387
Exception
 Code       : 0XC0000005  Exception Address    : 00000000  Exception Parameters : 2   
Param 1 = 00000000   Param 2 = 00000000    More information : 
 
Error - 5/17/2012 6:58:29 PM | Computer Name = STEVE | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 5/18/2012 6:42:48 PM | Computer Name = STEVE | Source = McLogEvent | ID = 5022
Description = MCSCAN32 Engine Initialisation failed.  Engine returned error : 8
 
Error - 5/19/2012 9:56:44 AM | Computer Name = STEVE | Source = McLogEvent | ID = 5019
Description = Exception in McShield.Exe!    Exception details follow :    VSCORE.14.4.0.387
Exception
 Code       : 0XC0000005  Exception Address    : 00000000  Exception Parameters : 2   
Param 1 = 00000000   Param 2 = 00000000    More information : 
 
[ System Events ]
Error - 5/17/2012 7:51:44 AM | Computer Name = STEVE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
 times on transport \Device\NetBT_Tcpip_{8B6DCE1D-1612-4A6A-B1C3-FE4F246D9648}.  The
 backup browser is stopping.
 
Error - 5/17/2012 7:25:30 PM | Computer Name = STEVE | Source = sr | ID = 1
Description = The System Restore filter encountered the unexpected error '0xC000007F'
 while processing the file 'vso' on the volume 'HarddiskVolume2'.  It has stopped
 monitoring the volume.
 
Error - 5/18/2012 6:39:54 PM | Computer Name = STEVE | Source = NetBT | ID = 4321
Description = The name "1              :1d" could not be registered on the Interface
 with IP address 192.168.1.5.  The machine with the IP address 192.168.1.3 did not
 allow the name to be claimed by  this machine.
 
Error - 5/18/2012 6:47:17 PM | Computer Name = STEVE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
 times on transport \Device\NetBT_Tcpip_{8B6DCE1D-1612-4A6A-B1C3-FE4F246D9648}.  The
 backup browser is stopping.
 
Error - 5/19/2012 11:53:19 AM | Computer Name = STEVE | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
 with DCOM within the required timeout.
 
Error - 5/19/2012 11:55:19 AM | Computer Name = STEVE | Source = DCOM | ID = 10010
Description = The server {0002DF01-0000-0000-C000-000000000046} did not register
 with DCOM within the required timeout.
 
Error - 5/19/2012 12:24:52 PM | Computer Name = STEVE | Source = Service Control Manager | ID = 7016
Description = The BrSplService service has reported an invalid current state 0.
 
Error - 5/20/2012 2:12:21 PM | Computer Name = STEVE | Source = System Error | ID = 1003
Description = Error code 000000ca, parameter1 00000004, parameter2 81f64b10, parameter3
 00000000, parameter4 00000000.
 
Error - 5/20/2012 2:23:06 PM | Computer Name = STEVE | Source = BROWSER | ID = 8032
Description = The browser service has failed to retrieve the backup list too many
 times on transport \Device\NetBT_Tcpip_{8B6DCE1D-1612-4A6A-B1C3-FE4F246D9648}.  The
 backup browser is stopping.
 
Error - 5/20/2012 2:44:33 PM | Computer Name = STEVE | Source = Service Control Manager | ID = 7016
Description = The BrSplService service has reported an invalid current state 0.
 
 
< End of report >


Thank you.

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2148
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #9 on: May 22, 2012, 12:32:19 AM »
Hi Sean

I'm seeing a few problems but no major malware at this point.  Is the real time AV the only problem your PC is having?  If not, please describe the others.

Let's clean up what I have seen to this point.

1.   Double click on the OTL icon to run it (Vista and Windows 7 users right click and select Run as Administrator). Make sure all other windows are closed and let it run uninterrupted.

2.  In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".  On the upper right be sure Use Company-Name WhiteList and Skip Microsoft Files are checked.  Copy the code in the code box below and paste it into the Custom Scan box.

Code:
:OTL
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
[2012/04/22 15:05:06 | 000,005,538 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/04/22 15:05:06 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\System32\555A3632F5.sys

:Services
WDICA
wanatw
PCIDump
PDRELI
PDFRAME
PDCOM
PDRFRAME

:FILES

:Commands
[REBOOT]
[EMPTYTEMP]
[EMPTYJAVA]



3.  Click on the Run Fix button.  The fix log is saved on your C: drive under OTL\Moved Files as date-some number.log.  Reboot your PC.

4.  Now click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.  When the scan completes, it will open two notepad windows.  OTL.Txt and Extras.Txt. These are saved in the same location as OTL.

5. Run MBAM again.  Be sure to update the program and run a full system scan.  And be sure to fix all problems found.

6.  Download ESET Online Scanner and save it to your desktop.

7.  Double-click on esetsmartinstaller and then click Run.  Click Yes on the license and then Start.

8.  Be sure that ONLY the following items are checked:
   Remove found threats
   Scan for potentially unwanted applications
   Enable Anti-Stealth technology

Click Start.

It may take some time for the virus definitions to download and the scan to finish.  Do not click on the interface, download or install anything until the scan completes.  When the scan completes click Finish.

9.  Navigate to the following file path, C:\Program Files\ESET\ESET Online Scanner, and double-click on the log.txt file.  Click File/Save As, name the file ESETLog.txt and save it to your desktop.


As always please check to be sure Word Wrap is NOT turned on in any Notepad files you post and please be sure to check that all the data you entered was posted.  If not, use multiple posts.

Now please post the following to me as a reply to this post:
OTL Fix Log
mbam-log-latest date
EsetLog.txt
Let me know how your computer and browser are operating
If you have any questions or problems, let me know that as well

Never interrupt your enemy when he is making a mistake.
- Napoleon Bonaparte
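
Added example (not part of the original post, and not OTL's own logic): a Python filter over OTL file-listing lines that surfaces hidden+system files with an empty company field under System32, which is the attribute pattern shared by the two .sys entries in the fix script above. The sample lines are copied from the log in this thread; the function names and the extension set are assumptions made for the example.

```python
import ntpath
import re

# Lines copied from the OTL file listings posted earlier in this thread.
SAMPLE_LOG = r"""
[2012/05/20 14:20:22 | 004,499,706 | R--- | M] (Swearware) -- C:\Documents and Settings\steve brophy\Desktop\ComboFix.exe
[2012/05/20 12:53:59 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/05/12 15:19:00 | 000,177,856 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/04/22 15:05:06 | 000,005,538 | -HS- | M] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012/04/22 15:05:06 | 000,000,056 | RHS- | M] () -- C:\WINDOWS\System32\555A3632F5.sys
========== Files Created - No Company Name ==========
[2012/05/20 12:53:48 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/02/14 19:45:55 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
========== LOP Check ==========
[2006/07/27 11:14:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
"""

# [timestamp | size | RHSD attribute flags | M(odified)/C(reated)] (company) -- path
# Directory entries carry no "(company)" field, so that group is optional.
LINE_RE = re.compile(
    r"^\[(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}) \| "
    r"(?P<size>[\d,]+) \| (?P<attrs>[RHSD-]{4}) \| (?P<kind>[MC])\]"
    r"(?: \((?P<company>.*?)\))? -- (?P<path>.+)$"
)

# Assumption for this example: only loadable code is worth a manual look.
REVIEW_EXTENSIONS = {".sys", ".dll", ".exe"}


def parse_line(line):
    """Parse one OTL file-listing line; return None for headers and blanks."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    attrs = m.group("attrs")
    return {
        "timestamp": m.group("ts"),
        "size": int(m.group("size").replace(",", "")),
        "read_only": "R" in attrs,
        "hidden": "H" in attrs,
        "system": "S" in attrs,
        "directory": "D" in attrs,
        "kind": m.group("kind"),
        "company": m.group("company") or "",
        "path": m.group("path"),
    }


def needs_review(entry):
    """Hidden + system, no company name, loadable file type, under System32."""
    if entry["directory"] or entry["company"]:
        return False
    if not (entry["hidden"] and entry["system"]):
        return False
    path = ntpath.normcase(entry["path"])  # Windows paths are case-insensitive
    in_system32 = "\\system32\\" in path
    return in_system32 and ntpath.splitext(path)[1] in REVIEW_EXTENSIONS


def triage(log_text):
    """Return parsed entries that match the review pattern, in log order."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is not None and needs_review(entry):
            hits.append(entry)
    return hits


if __name__ == "__main__":
    for hit in triage(SAMPLE_LOG):
        print(hit["timestamp"], hit["size"], hit["path"])
```

A match is only a prompt to inspect the file by hand; the attribute pattern alone does not say what the file is.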

Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #10 on: May 22, 2012, 02:32:11 PM »
Hi Bear,

A quick question:
I ran OTL and clicked "run fix".  I rebooted the pc and went to run the OTL scan.  Your instructions state "do not change any settings unless otherwise told to do so".  However the "LOP Check" and "Purity Check" are both not checked and the "Use Company-Name WhiteList" and "Skip Microsoft Files" are not checked. 
Is this correct?  Just wanted to make sure before I continued.

Thanks!

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2148
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #11 on: May 22, 2012, 04:29:56 PM »
Hi Sean

Just skip step 4 above.  I don't think we'll need it.

Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #12 on: May 24, 2012, 06:59:57 AM »
Hi Bear,

Thanks!  Here are the logs:

All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\internet\ deleted successfully.
C:\WINDOWS\system32\KGyGaAvL.sys moved successfully.
C:\WINDOWS\system32\555A3632F5.sys moved successfully.
========== SERVICES/DRIVERS ==========
Service WDICA stopped successfully!
Service WDICA deleted successfully!
Service wanatw stopped successfully!
Service wanatw deleted successfully!
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
Error: No service named PDCOM was found to stop!
Service\Driver key PDCOM not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
========== FILES ==========
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56504 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
 
User: Owner
->Temp folder emptied: 0 bytes
 
User: steve brophy
->Temp folder emptied: 2180 bytes
->Temporary Internet Files folder emptied: 3110646 bytes
->Java cache emptied: 223610 bytes
->Flash cache emptied: 470 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3736 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 3.00 mb
 
 
[EMPTYJAVA]
 
User: Administrator
 
User: All Users
 
User: Default User
 
User: LocalService
 
User: NetworkService
 
User: Owner
 
User: steve brophy
->Java cache emptied: 0 bytes
 
Total Java Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.43.0 log created on 05222012_160127

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Database version: v2012.05.23.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
steve brophy :: STEVE [administrator]

5/23/2012 4:08:15 PM
mbam-log-2012-05-23 (16-08-15).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 276343
Time elapsed: 1 hour(s), 7 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=49d02ddc3bce934d872284b1228ca8b3
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-05-23 11:46:37
# local_time=2012-05-23 07:46:37 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 105110026 105110026 0 0
# compatibility_mode=5121 16777189 100 75 0 38196816 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=71248
# found=0
# cleaned=0
# scan_time=3446

Offline Bear

  • Malware Removal Mentors
  • Global Moderator
  • Gold Member
  • Posts: 2148
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #13 on: May 24, 2012, 01:33:09 PM »
Hi Sean

It looks like your PC is pretty clean to me.  Are you still having problems with your AV?  Are you having any other problems with the PC or browser?

Offline sean

  • Bronze Member
  • Posts: 80
Re: [In Progress-B]Cannot Enable Real Time Anti-virus
« Reply #14 on: May 25, 2012, 12:51:40 PM »
Hi Bear,

Everything seems ok.