Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Virus & Other Malware Removal Virus & Other Malware Removal
Search Search
Search for:
Tech Support Guy > > >

PLEASE HELP!!,cant search the web

(In Progress)
(!)

Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
26-Sep-2012, 12:13 PM #1
Exclamation PLEASE HELP!!,cant search the web
Two nights ago I let my brother use my computer. When I got it back it, the Firefox browser wasn't working. Every time I would punch in a website address, the browser would instantly return back to the Google home page "the first page I see when I load my browser". I couldn't get my browser to leave the home page even though it appeared to be connected to the internet through WiFi. So then I tried IE but it simply said that their was a connection problem and wouldn't load any page.However, I was able to download an update for my Avira anti-virus software. When I asked my brother what happened he said he tried to download a video, but it didn't work. I guess it did, just not in the way he thought it would. Also, I am have trouble connecting to the internet, every time I try to connect it says acquiring network address for way to long.Some times I'm able to connect and sometimes it does not. When I run GMER it said their was a rootkit on my computer. Here are the logs, thanks.....

----------------------------------------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:00:36 AM, on 9/19/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\StacSV.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\All Users\Application Data\ASGvis\DRSpawner\DRSpawner.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ZyXEL\N220\Common\N220.exe
C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe
E:\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6081010
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
O1 - Hosts: ::1 localhost
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -update activex (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: DRSpawner.lnk = C:\Documents and Settings\All Users\Application Data\ASGvis\DRSpawner\DRSpawner.exe
O4 - Global Startup: Wireless N-lite USB Adapter Utility.lnk = C:\Program Files\ZyXEL\N220\Common\N220.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/US/Co...IKEA_Win32.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/US/Co...erAX_Win32.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: gemsafe - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP and SMBIOS Mailbox Monitor (ASFIPmon) - Broadcom Corporation - C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: WDM_YAMAHAAC97 (Epiusb) - Unknown owner - \\.\globalrootC:\WINDOWS\system32\svchost.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 32-bit - English 32-bit (mi-raysat_3dsmax2012_32) - Unknown owner - c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
O23 - Service: SecureStorageService - Unknown owner - C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\StacSV.exe
O23 - Service: NTRU TSS v1.2.1.25 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
O23 - Service: WaveEnrollmentService - Unknown owner - C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 16267 bytes

------------------------------------------------------------------------------------------------------
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.3.1
Run by Admin at 11:01:05 on 2012-09-19
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.2786 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\WINDOWS\System32\svchost.exe -k Akamai
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\StacSV.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\All Users\Application Data\ASGvis\DRSpawner\DRSpawner.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ZyXEL\N220\Common\N220.exe
C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6081010
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6081010
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.0 runtime\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS3/contributeieplugin.dll
TB: Avira SearchFree Toolbar plus Web Protection: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Akamai NetSession Interface] "c:\documents and settings\admin\local settings\application data\akamai\netsession_win.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [SecureUpgrade] c:\program files\wave systems corp\SecureUpgrade.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe nvHotkey.dll,Start
mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe"
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"
dRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil10h_ActiveX.exe -update activex
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\admin\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\docume~1\admin\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\drspaw~1.lnk - c:\documents and settings\all users\application data\asgvis\drspawner\DRSpawner.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\zyxel\n220\common\N220.exe
IE: Add to Banner Ad Blocker - c:\program files\kaspersky lab\kaspersky internet security 2009\ie_banner_deny.htm
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\avira\antivir desktop\avsda.dll
LSP: mswsock.dll
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_Win32.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: Interfaces\{5B515332-AE0B-4D61-89A3-D693D0733B5E} : DhcpNameServer = 192.168.1.1 71.252.0.12
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: gemsafe - c:\program files\gemplus\gemsafe libraries\bin\WLEventNotify.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\admin\application data\mozilla\firefox\profiles\8v2j09ed.default-1348028205828\
.
============= SERVICES / DRIVERS ===============
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-4-2 36000]
R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-11 14336]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\avira\antivir desktop\sched.exe [2012-4-2 86224]
R2 AntiVirService;Avira Realtime Protection;c:\program files\avira\antivir desktop\avguard.exe [2012-4-2 110032]
R2 AntiVirWebService;Avira Web Protection;c:\program files\avira\antivir desktop\avwebgrd.exe [2012-4-2 465360]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2006-12-19 79432]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\autodesk\content service\Connect.Service.ContentService.exe [2011-2-2 18656]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2009-4-25 83392]
R2 mi-raysat_3dsmax2012_32;mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 32-bit - English 32-bit;c:\program files\autodesk\3ds max design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [2011-2-23 86016]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\zyxel\n220\common\RalinkRegistryWriter.exe [2011-5-27 69632]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-5-30 3048136]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [2004-8-11 5120]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [2006-11-2 97536]
S2 clientservice;HSXHWBS2;c:\windows\system32\svchost.exe -k netsvcs [2004-8-11 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-19 135664]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2008-10-10 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-19 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 114144]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [2012-1-14 30576]
S3 rt2870;%Generic.Service.DispName%;c:\windows\system32\drivers\rt2870.sys [2011-5-27 803328]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v040 0.exe [2010-3-18 753504]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-08-06 04:08:27 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-06 04:08:27 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49:33 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49:32 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49:32 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05:43 385024 ----a-w- c:\windows\system32\html.iec
2011-07-07 03:46:38 13683064 -c--a-w- c:\program files\Firefox Setup 5.0.exe
2011-06-03 01:24:52 1144011680 -c--a-w- c:\program files\AutoCAD_2012_English_Win_32bit.exe
2011-05-10 23:38:28 3948868248 -c--a-w- c:\program files\Autodesk_3ds_Max_Design_2012_English_Win_32-64bit.exe
2011-05-09 20:11:10 3232569766 -c--a-w- c:\program files\Autodesk_Revit_Architecture_2012_English_Win_32-64bit.exe
.
============= FINISH: 11:02:15.84 ===============




.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 10/24/2008 10:58:17 PM
System Uptime: 9/19/2012 9:16:46 AM (2 hours ago)
.
Motherboard: Dell Inc. | | 0UY141
Processor: Intel Pentium III Xeon processor | Microprocessor | 2592/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 17.102 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Dell Wireless 1395 WLAN Mini-Card
Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_000B1028&REV_01\4&AB208E&0&00E1
Manufacturer: Broadcom
Name: Dell Wireless 1395 WLAN Mini-Card
PNP Device ID: PCI\VEN_14E4&DEV_4315&SUBSYS_000B1028&REV_01\4&AB208E&0&00E1
Service: BCM43XX
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\34D115E1384FC000
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\34D115E1384FC000
Service: NIC1394
.
==== System Restore Points ===================
.
RP85: 7/24/2012 9:59:39 PM - System Checkpoint
RP86: 7/25/2012 10:38:50 PM - System Checkpoint
RP87: 7/29/2012 11:50:06 AM - System Checkpoint
RP88: 7/30/2012 11:55:49 AM - System Checkpoint
RP89: 7/31/2012 12:42:04 PM - System Checkpoint
RP90: 8/1/2012 7:42:52 PM - System Checkpoint
RP91: 8/5/2012 10:58:39 PM - System Checkpoint
RP92: 8/7/2012 1:16:36 AM - System Checkpoint
RP93: 8/8/2012 1:17:13 AM - System Checkpoint
RP94: 8/13/2012 4:13:19 PM - System Checkpoint
RP95: 8/15/2012 2:06:29 AM - System Checkpoint
RP96: 8/15/2012 2:30:16 PM - Software Distribution Service 3.0
RP97: 8/15/2012 6:48:14 PM - Software Distribution Service 3.0
RP98: 8/16/2012 1:31:09 AM - Software Distribution Service 3.0
RP99: 8/17/2012 2:20:20 AM - System Checkpoint
RP100: 8/21/2012 4:26:10 PM - System Checkpoint
RP101: 8/27/2012 1:29:52 AM - System Checkpoint
RP102: 8/28/2012 10:17:17 AM - System Checkpoint
RP103: 8/29/2012 12:23:12 PM - System Checkpoint
RP104: 8/31/2012 11:04:49 AM - System Checkpoint
RP105: 9/4/2012 9:50:58 AM - System Checkpoint
RP106: 9/5/2012 12:24:12 PM - System Checkpoint
RP107: 9/6/2012 1:06:10 PM - System Checkpoint
RP108: 9/8/2012 3:04:20 AM - System Checkpoint
RP109: 9/9/2012 9:13:33 PM - System Checkpoint
RP110: 9/11/2012 2:24:28 PM - System Checkpoint
RP111: 9/12/2012 2:00:31 PM - Software Distribution Service 3.0
RP112: 9/13/2012 2:18:24 PM - System Checkpoint
RP113: 9/17/2012 11:03:06 AM - System Checkpoint
RP114: 9/18/2012 11:39:38 AM - System Checkpoint
RP115: 9/18/2012 11:57:36 PM - Restore Operation
.
==== Installed Programs ======================
.
AC3Filter 2.5b
Acrobat.com
Adobe Acrobat 8 Professional
Adobe After Effects CS3
Adobe After Effects CS3 Presets
Adobe AIR
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe BridgeTalk Plugin CS3
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Contribute CS3
Adobe Creative Suite 3 Master Collection
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Dreamweaver CS3
Adobe Encore CS3
Adobe Encore CS3 Codecs
Adobe ExtendScript Toolkit 2
Adobe Extension Manager CS3
Adobe Fireworks CS3
Adobe Flash CS3
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Video Encoder
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Illustrator CS3
Adobe InDesign CS3
Adobe InDesign CS3 Icon Handler
Adobe Linguistics CS3
Adobe Media Player
Adobe MotionPicture Color Files
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Premiere Pro CS3
Adobe Premiere Pro CS3 Functional Content
Adobe Premiere Pro CS3 Third Party Content
Adobe Reader X (10.1.3)
Adobe Setup
Adobe SING CS3
Adobe Soundbooth CS3
Adobe Soundbooth CS3 Codecs
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe Version Cue CS3 Server
Adobe Video Profiles
Adobe WAS CS3
Adobe WinSoft Linguistics Plugin
Adobe XMP DVA Panels CS3
Adobe XMP Panels CS3
AHV content for Acrobat and Flash
Akamai NetSession Interface
Akamai NetSession Interface Service
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
AuthenTec Fingerprint Sensor Minimum Install
AutoCAD 2012 - English
AutoCAD 2012 Language Pack - English
Autodesk 3ds Max Design 2012 32-bit - English
Autodesk Backburner 2012.0.0
Autodesk Content Service
Autodesk Design Review 2012
Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012
Autodesk Inventor Fusion 2012
Autodesk Inventor Fusion 2012 Language Pack
Autodesk Inventor Fusion plug-in for AutoCAD 2012
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012
Autodesk Material Library 2012
Autodesk Material Library Base Resolution Image Library 2012
Autodesk Material Library Low Resolution Image Library 2012
Autodesk Material Library Medium Resolution Image Library 2012
Autodesk Revit Architecture 2012
Avira Free Antivirus
Bing Maps 3D
biolsp patch
Bonjour
Broadcom ASF Management Applications
Broadcom Management Programs
Browser Address Error Redirector
Cheat Engine 6.1
Composite 2012
Dell Drivers MSI
Dell Embassy Trust Suite by Wave Systems
DivX Setup
Document Manager Lite
Dropbox
EMBASSY Security Center
EMBASSY Security Setup
ERUNT 1.1j
ESC Home Page Plugin
FARO LS 1.1.406.58
Gemalto
GemSafe Standard Edition 5.1
Google Desktop
Google Earth
Google SketchUp Pro 7
Google Toolbar for Internet Explorer
Google Update Helper
Grasshopper
High Definition Audio Driver Package - KB835221
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
IntelliSonic Speech Enhancement
Java Auto Updater
Java(TM) 7 Update 3
Java(TM) SE Development Kit 7 Update 3
JavaFX 2.0.3
JavaFX 2.0.3 SDK
Malwarebytes Anti-Malware version 1.60.1.1000
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Corporation
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft LifeCam
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 8.0 Support DLLs
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Modem Diagnostic Tool
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
NTRU TCG Software Stack
NVIDIA Drivers
NVIDIA nView Desktop Manager
PDF Settings
PowerDVD
Preboot Manager
Private Information Manager
QuickTime
Revit Architecture 2012
Revit Architecture 2012 Language Pack - English
Rhino RDK
Rhinoceros 4.0 Evaluation
Rhinoceros 4.0 Training Materials, Level 1
Secure Update
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950759)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Security Wizards
SimCity 4 Deluxe
Skype Click to Call
Skype™ 5.10
SU Podium V2 2.11.130
Trusted Drive Manager
tsp patch
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB982632)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB980182)
upekmsi
V-Ray for Rhinoceros
V-Ray for Rhinoceros Academic
VC80CRTRedist - 8.0.50727.6195
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177
Wave Infrastructure Installer
Wave Support Software
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Installer Clean Up
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
Wireless N-lite USB Adapter Utility
.
==== Event Viewer Messages From Past Week ========
.
9/18/2012 12:45:48 PM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
9/18/2012 11:00:59 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000043' while processing the file 'serial.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
9/18/2012 10:33:19 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.
9/18/2012 10:32:20 PM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
9/18/2012 10:30:32 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'serial.sys' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
9/18/2012 10:13:28 AM, error: Service Control Manager [7022] - The Autodesk Content Service service hung on starting.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The WDM_YAMAHAAC97 service terminated with the following error: The system cannot find the file specified.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The UxTuneUp service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Tunnelguardservice service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The TPwSav service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The S3psddr service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Quickbooksdb service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Incdfs service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Iaantmon service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The HSXHWBS2 service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The GcKernel service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Dpfusmgr service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Citrixxteserver service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Airgo service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7023] - The Advservice service terminated with the following error: The specified module could not be found.
9/18/2012 10:12:16 AM, error: Service Control Manager [7000] - The adfs service failed to start due to the following error: The system cannot find the file specified.
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The TdmService service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The SigmaTel Audio Service service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The Ralink Registry Writer service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The NICCONFIGSVC service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The MSCamSvc service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 32-bit - English 32-bit service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The FLEXnet Licensing Service service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The Broadcom ASF IP and SMBIOS Mailbox Monitor service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:42 AM, error: Service Control Manager [7031] - The Autodesk Content Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
9/18/2012 10:04:42 AM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
9/18/2012 10:04:41 AM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
9/18/2012 10:04:41 AM, error: Service Control Manager [7034] - The Dell Wireless WLAN Tray Service service terminated unexpectedly. It has done this 1 time(s).
9/14/2012 9:15:46 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Fax service to connect.
9/14/2012 9:15:46 AM, error: Service Control Manager [7000] - The Fax service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

------------------------------------------------------------------------------------------------------

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-09-20 07:41:55
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e ST9120823ASG rev.3.ADE
Running: dccye7p1.exe; Driver: C:\DOCUME~1\Admin\LOCALS~1\Temp\fxtdypog.sys


---- System - GMER 1.0.15 ----

SSDT B86EB24C ZwClose
SSDT B86EB206 ZwCreateKey
SSDT B86EB256 ZwCreateSection
SSDT B86EB1FC ZwCreateThread
SSDT B86EB20B ZwDeleteKey
SSDT B86EB215 ZwDeleteValueKey
SSDT B86EB247 ZwDuplicateObject
SSDT B86EB21A ZwLoadKey
SSDT B86EB1E8 ZwOpenProcess
SSDT B86EB1ED ZwOpenThread
SSDT B86EB26F ZwQueryValueKey
SSDT B86EB224 ZwReplaceKey
SSDT B86EB260 ZwRequestWaitReplyPort
SSDT B86EB21F ZwRestoreKey
SSDT B86EB25B ZwSetContextThread
SSDT B86EB265 ZwSetSecurityObject
SSDT B86EB210 ZwSetValueKey
SSDT B86EB26A ZwSystemDebugControl
SSDT B86EB1F7 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 2DC4 8050467C 4 Bytes CALL A708B532
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB6E343A0, 0x59FFE5, 0xE8000020]
? C:\WINDOWS\system32\DRIVERS\serial.sys suspicious PE modification

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)

Device \FileSystem\Cdfs \Cdfs B3065400

---- Modules - GMER 1.0.15 ----

Module (noname) (*** hidden *** ) B6D94000-B6DB0000 (114688 bytes)

---- Files - GMER 1.0.15 ----

File C:\WINDOWS\$NtUninstallKB50821$\4219550980 0 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\Desktop.ini 4608 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\L 0 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\L\00000004.@ 804 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\L\iahonoel 64512 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\U 0 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\U\00000004.@ 2048 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\U\00000008.@ 232960 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\U\000000cb.@ 1632 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\U\80000000.@ 13312 bytes
File C:\WINDOWS\$NtUninstallKB50821$\4219550980\U\80000032.@ 91136 bytes
File C:\WINDOWS\$NtUninstallKB50821$\659319419 0 bytes

---- EOF - GMER 1.0.15 ----
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
30-Sep-2012, 07:08 PM #2
Are you able to connect to the Internet at all?
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
01-Oct-2012, 09:25 AM #3
I cant seem to search the web, but I was able to download an Avira antivirus update after i was infected, so it appears that I can hook up with the web. Though it didn't require me to use the browser. I think something is wrong with both Firefox and Internet explorer. Also my Wifi hangs on "Acquiring network address" for way too long, so some settings or something might have gotten changed. So to answer your question, Yes I can link to a wireless network, but I cant use any of my browsers to search. I tried resetting all the settings in firefox, but it didn't work.. Explorer will say it cant find network even though I appear to be online.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
01-Oct-2012, 09:34 AM #4
See if you can download this and get it to run.

Please go here and download the TDSSKiller.exe to your desktop.
  • Double-click to TDSSKiller.exe on your desktop to run it.
  • Click on Start Scan
  • As we don't want to fix anything yet, if any malicious objects are detected, do NOT select Cure but select Skip instead.
It will produce a log once it finishes in the root drive which should look like this example:

C:\TDSSKiller.<version_date_time>log.txt

Please copy and paste the contents of that log in your next reply.
__________________
Microsoft MVP - Consumer Security
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
01-Oct-2012, 04:35 PM #5
I ran the TDS killer and it found two objects. Also, I have to use a jump drive to transfer programs from one computer to the other.


Here's the log...



16:28:01.0093 3780 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
16:28:01.0109 3780 ============================================================
16:28:01.0109 3780 Current date / time: 2012/10/01 16:28:01.0109
16:28:01.0109 3780 SystemInfo:
16:28:01.0109 3780
16:28:01.0109 3780 OS Version: 5.1.2600 ServicePack: 3.0
16:28:01.0109 3780 Product type: Workstation
16:28:01.0109 3780 ComputerName: M4300
16:28:01.0109 3780 UserName: Admin
16:28:01.0109 3780 Windows directory: C:\WINDOWS
16:28:01.0109 3780 System windows directory: C:\WINDOWS
16:28:01.0109 3780 Processor architecture: Intel x86
16:28:01.0109 3780 Number of processors: 2
16:28:01.0109 3780 Page size: 0x1000
16:28:01.0109 3780 Boot type: Normal boot
16:28:01.0109 3780 ============================================================
16:28:03.0062 3780 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:28:03.0062 3780 Drive \Device\Harddisk1\DR3 - Size: 0x77800000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:28:03.0062 3780 ============================================================
16:28:03.0062 3780 \Device\Harddisk0\DR0:
16:28:03.0062 3780 MBR partitions:
16:28:03.0062 3780 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0xDF68576
16:28:03.0062 3780 \Device\Harddisk1\DR3:
16:28:03.0062 3780 MBR partitions:
16:28:03.0062 3780 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xE, StartLBA 0x1F80, BlocksNum 0x3BA080
16:28:03.0062 3780 ============================================================
16:28:03.0093 3780 C: <-> \Device\Harddisk0\DR0\Partition1
16:28:03.0093 3780 ============================================================
16:28:03.0093 3780 Initialize success
16:28:03.0093 3780 ============================================================
16:28:32.0359 3744 ============================================================
16:28:32.0359 3744 Scan started
16:28:32.0359 3744 Mode: Manual;
16:28:32.0359 3744 ============================================================
16:28:33.0421 3744 ================ Scan system memory ========================
16:28:33.0421 3744 System memory - ok
16:28:33.0421 3744 ================ Scan services =============================
16:28:33.0531 3744 Abiosdsk - ok
16:28:33.0578 3744 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:28:33.0593 3744 abp480n5 - ok
16:28:33.0609 3744 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:28:33.0625 3744 ACPI - ok
16:28:33.0640 3744 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:28:33.0640 3744 ACPIEC - ok
16:28:33.0656 3744 adfs - ok
16:28:33.0703 3744 Adobe LM Service - ok
16:28:33.0859 3744 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
16:28:33.0875 3744 Adobe Version Cue CS3 - ok
16:28:33.0906 3744 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:28:33.0937 3744 adpu160m - ok
16:28:33.0984 3744 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:28:34.0015 3744 aec - ok
16:28:34.0062 3744 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
16:28:34.0062 3744 AegisP - ok
16:28:34.0125 3744 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:28:34.0250 3744 AFD - ok
16:28:34.0343 3744 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
16:28:34.0359 3744 agp440 - ok
16:28:34.0375 3744 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:28:34.0390 3744 agpCPQ - ok
16:28:34.0406 3744 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:28:34.0421 3744 Aha154x - ok
16:28:34.0453 3744 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:28:34.0468 3744 aic78u2 - ok
16:28:34.0484 3744 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:28:34.0500 3744 aic78xx - ok
16:28:34.0750 3744 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll
16:28:34.0765 3744 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
16:28:34.0781 3744 Akamai ( HiddenFile.Multi.Generic ) - warning
16:28:34.0781 3744 Akamai - detected HiddenFile.Multi.Generic (1)
16:28:34.0828 3744 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:28:34.0843 3744 Alerter - ok
16:28:34.0859 3744 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
16:28:34.0859 3744 AliIde - ok
16:28:34.0875 3744 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:28:34.0890 3744 alim1541 - ok
16:28:34.0890 3744 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:28:34.0906 3744 amdagp - ok
16:28:34.0906 3744 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
16:28:34.0921 3744 amsint - ok
16:28:35.0015 3744 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
16:28:35.0031 3744 AntiVirSchedulerService - ok
16:28:35.0078 3744 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
16:28:35.0109 3744 AntiVirService - ok
16:28:35.0171 3744 [ E38BA9FAB3981A2115C53260B930FD3C ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
16:28:35.0171 3744 AntiVirWebService - ok
16:28:35.0234 3744 [ B8D65DA679A4A8D048783EDE2691B5D4 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
16:28:35.0234 3744 ApfiltrService - ok
16:28:35.0281 3744 [ EC94E05B76D033B74394E7B2175103CF ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
16:28:35.0281 3744 APPDRV - ok
16:28:35.0390 3744 [ B8E865D24F2753A35CC2A9A6A3CE1AD4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
16:28:35.0390 3744 Apple Mobile Device - ok
16:28:35.0437 3744 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:28:35.0437 3744 AppMgmt - ok
16:28:35.0500 3744 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:28:35.0500 3744 Arp1394 - ok
16:28:35.0515 3744 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
16:28:35.0531 3744 asc - ok
16:28:35.0531 3744 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:28:35.0546 3744 asc3350p - ok
16:28:35.0562 3744 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:28:35.0562 3744 asc3550 - ok
16:28:35.0609 3744 [ 7591238EBF7DD1FD13B353C382227DC3 ] ASFIPmon C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
16:28:35.0625 3744 ASFIPmon - ok
16:28:35.0765 3744 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
16:28:35.0796 3744 aspnet_state - ok
16:28:35.0828 3744 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:28:35.0828 3744 AsyncMac - ok
16:28:35.0859 3744 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:28:35.0859 3744 atapi - ok
16:28:35.0875 3744 Atdisk - ok
16:28:35.0906 3744 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:28:35.0921 3744 Atmarpc - ok
16:28:35.0953 3744 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:28:35.0968 3744 AudioSrv - ok
16:28:36.0015 3744 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:28:36.0031 3744 audstub - ok
16:28:36.0156 3744 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
16:28:36.0156 3744 Autodesk Content Service - ok
16:28:36.0218 3744 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:28:36.0218 3744 avgntflt - ok
16:28:36.0281 3744 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:28:36.0296 3744 avipbb - ok
16:28:36.0328 3744 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:28:36.0343 3744 avkmgr - ok
16:28:36.0406 3744 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:28:36.0406 3744 b57w2k - ok
16:28:36.0421 3744 [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A ] BASFND C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
16:28:36.0421 3744 BASFND - ok
16:28:36.0531 3744 [ 9208C78BD9283F79A30252AD954C77A2 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
16:28:36.0593 3744 BCM43XX - ok
16:28:36.0656 3744 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:28:36.0656 3744 Beep - ok
16:28:36.0750 3744 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:28:36.0781 3744 Bonjour Service - ok
16:28:36.0828 3744 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
16:28:36.0890 3744 Browser - ok
16:28:36.0937 3744 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:28:36.0953 3744 cbidf - ok
16:28:36.0953 3744 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:28:36.0953 3744 cbidf2k - ok
16:28:36.0984 3744 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:28:37.0000 3744 CCDECODE - ok
16:28:37.0015 3744 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:28:37.0031 3744 cd20xrnt - ok
16:28:37.0062 3744 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:28:37.0062 3744 Cdaudio - ok
16:28:37.0093 3744 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:28:37.0109 3744 Cdfs - ok
16:28:37.0156 3744 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:28:37.0171 3744 Cdrom - ok
16:28:37.0187 3744 Changer - ok
16:28:37.0234 3744 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:28:37.0250 3744 CiSvc - ok
16:28:37.0250 3744 clientservice - ok
16:28:37.0265 3744 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:28:37.0265 3744 ClipSrv - ok
16:28:37.0343 3744 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:28:37.0375 3744 clr_optimization_v2.0.50727_32 - ok
16:28:37.0406 3744 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:28:37.0484 3744 clr_optimization_v4.0.30319_32 - ok
16:28:37.0515 3744 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
16:28:37.0515 3744 CmBatt - ok
16:28:37.0562 3744 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:28:37.0562 3744 CmdIde - ok
16:28:37.0593 3744 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
16:28:37.0593 3744 Compbatt - ok
16:28:37.0593 3744 COMSysApp - ok
16:28:37.0625 3744 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:28:37.0625 3744 Cpqarray - ok
16:28:37.0671 3744 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:28:37.0687 3744 CryptSvc - ok
16:28:37.0687 3744 d-link_st3402 - ok
16:28:37.0703 3744 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:28:37.0718 3744 dac2w2k - ok
16:28:37.0734 3744 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:28:37.0734 3744 dac960nt - ok
16:28:37.0781 3744 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:28:37.0859 3744 DcomLaunch - ok
16:28:37.0890 3744 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:28:37.0906 3744 Dhcp - ok
16:28:37.0921 3744 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:28:37.0921 3744 Disk - ok
16:28:37.0921 3744 dmadmin - ok
16:28:37.0984 3744 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:28:38.0046 3744 dmboot - ok
16:28:38.0109 3744 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:28:38.0109 3744 dmio - ok
16:28:38.0171 3744 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:28:38.0171 3744 dmload - ok
16:28:38.0218 3744 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:28:38.0234 3744 dmserver - ok
16:28:38.0265 3744 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:28:38.0281 3744 DMusic - ok
16:28:38.0328 3744 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:28:38.0343 3744 Dnscache - ok
16:28:38.0390 3744 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:28:38.0406 3744 Dot3svc - ok
16:28:38.0437 3744 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
16:28:38.0437 3744 dpti2o - ok
16:28:38.0468 3744 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:28:38.0484 3744 drmkaud - ok
16:28:38.0484 3744 dsbrokerservice - ok
16:28:38.0531 3744 [ 549734664886D91222969845E4311D1B ] DXEC01 C:\WINDOWS\system32\drivers\dxec01.sys
16:28:38.0531 3744 DXEC01 - ok
16:28:38.0578 3744 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
16:28:38.0593 3744 E100B - ok
16:28:38.0609 3744 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
16:28:38.0625 3744 EapHost - ok
16:28:38.0656 3744 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
16:28:38.0671 3744 ERSvc - ok
16:28:38.0718 3744 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
16:28:38.0750 3744 Eventlog - ok
16:28:38.0796 3744 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
16:28:38.0796 3744 EventSystem - ok
16:28:38.0843 3744 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
16:28:38.0859 3744 Fastfat - ok
16:28:38.0921 3744 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:28:38.0953 3744 FastUserSwitchingCompatibility - ok
16:28:39.0000 3744 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
16:28:39.0015 3744 Fax - ok
16:28:39.0046 3744 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
16:28:39.0062 3744 Fdc - ok
16:28:39.0093 3744 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
16:28:39.0109 3744 Fips - ok
16:28:39.0218 3744 [ 73081CF28F0AE20A52CA4F67CEE6E6B0 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:28:39.0265 3744 FLEXnet Licensing Service - ok
16:28:39.0312 3744 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:28:39.0328 3744 Flpydisk - ok
16:28:39.0375 3744 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:28:39.0375 3744 FltMgr - ok
16:28:39.0468 3744 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:28:39.0468 3744 FontCache3.0.0.0 - ok
16:28:39.0515 3744 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:28:39.0515 3744 Fs_Rec - ok
16:28:39.0531 3744 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:28:39.0531 3744 Ftdisk - ok
16:28:39.0625 3744 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
16:28:39.0625 3744 GoogleDesktopManager-051210-111108 - ok
16:28:39.0671 3744 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:28:39.0671 3744 Gpc - ok
16:28:39.0718 3744 [ 7031A936832967A93B0E5D5F1C76745A ] guardian2 C:\WINDOWS\system32\Drivers\oz776.sys
16:28:39.0718 3744 guardian2 - ok
16:28:39.0796 3744 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
16:28:39.0796 3744 gupdate - ok
16:28:39.0796 3744 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
16:28:39.0796 3744 gupdatem - ok
16:28:39.0859 3744 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:28:39.0859 3744 gusvc - ok
16:28:39.0859 3744 hcf_msft - ok
16:28:39.0890 3744 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:28:39.0890 3744 HDAudBus - ok
16:28:39.0968 3744 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:28:39.0984 3744 helpsvc - ok
16:28:40.0031 3744 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
16:28:40.0046 3744 HidServ - ok
16:28:40.0093 3744 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:28:40.0109 3744 HidUsb - ok
16:28:40.0156 3744 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
16:28:40.0171 3744 hkmsvc - ok
16:28:40.0187 3744 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
16:28:40.0203 3744 hpn - ok
16:28:40.0250 3744 [ 7290FB97535C317A237D4C73149C7E2C ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
16:28:40.0265 3744 HSFHWAZL - ok
16:28:40.0343 3744 [ F362C0B442337DA8AB0608DFAA4CA076 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
16:28:40.0500 3744 HSF_DPV - ok
16:28:40.0546 3744 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
16:28:40.0562 3744 HTTP - ok
16:28:40.0562 3744 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
16:28:40.0578 3744 HTTPFilter - ok
16:28:40.0625 3744 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
16:28:40.0640 3744 i2omgmt - ok
16:28:40.0671 3744 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
16:28:40.0671 3744 i2omp - ok
16:28:40.0718 3744 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:28:40.0734 3744 i8042prt - ok
16:28:40.0734 3744 iaimfp0 - ok
16:28:40.0828 3744 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:28:40.0953 3744 idsvc - ok
16:28:41.0000 3744 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
16:28:41.0000 3744 Imapi - ok
16:28:41.0046 3744 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
16:28:41.0078 3744 ImapiService - ok
16:28:41.0093 3744 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
16:28:41.0109 3744 ini910u - ok
16:28:41.0156 3744 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
16:28:41.0156 3744 IntelIde - ok
16:28:41.0203 3744 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:28:41.0218 3744 intelppm - ok
16:28:41.0250 3744 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
16:28:41.0265 3744 Ip6Fw - ok
16:28:41.0281 3744 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:28:41.0281 3744 IpFilterDriver - ok
16:28:41.0312 3744 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:28:41.0312 3744 IpInIp - ok
16:28:41.0359 3744 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:28:41.0375 3744 IpNat - ok
16:28:41.0437 3744 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:28:41.0437 3744 IPSec - ok
16:28:41.0484 3744 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
16:28:41.0484 3744 IRENUM - ok
16:28:41.0546 3744 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:28:41.0546 3744 isapnp - ok
16:28:41.0687 3744 [ D9B1E929F2464D4C23FA9CB47DF4A1D4 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:28:41.0703 3744 JavaQuickStarterService - ok
16:28:41.0718 3744 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:28:41.0718 3744 Kbdclass - ok
16:28:41.0734 3744 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
16:28:41.0734 3744 kmixer - ok
16:28:41.0781 3744 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
16:28:41.0781 3744 KSecDD - ok
16:28:41.0812 3744 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
16:28:41.0812 3744 lanmanserver - ok
16:28:41.0843 3744 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:28:41.0859 3744 lanmanworkstation - ok
16:28:41.0859 3744 lbrtfdc - ok
16:28:41.0921 3744 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
16:28:41.0937 3744 LmHosts - ok
16:28:41.0937 3744 LVCap138 - ok
16:28:41.0937 3744 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
16:28:41.0953 3744 mdmxsdk - ok
16:28:41.0968 3744 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
16:28:41.0984 3744 Messenger - ok
16:28:41.0984 3744 mgabg - ok
16:28:42.0062 3744 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2012_32 c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
16:28:42.0078 3744 mi-raysat_3dsmax2012_32 - ok
16:28:42.0093 3744 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
16:28:42.0093 3744 mnmdd - ok
16:28:42.0125 3744 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
16:28:42.0125 3744 mnmsrvc - ok
16:28:42.0156 3744 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
16:28:42.0156 3744 Modem - ok
16:28:42.0218 3744 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:28:42.0234 3744 Mouclass - ok
16:28:42.0281 3744 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:28:42.0281 3744 mouhid - ok
16:28:42.0296 3744 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
16:28:42.0296 3744 MountMgr - ok
16:28:42.0359 3744 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:28:42.0375 3744 MozillaMaintenance - ok
16:28:42.0421 3744 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
16:28:42.0421 3744 mraid35x - ok
16:28:42.0468 3744 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:28:42.0468 3744 MRxDAV - ok
16:28:42.0546 3744 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:28:42.0546 3744 MRxSmb - ok
16:28:42.0640 3744 [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS32.exe
16:28:42.0671 3744 MSCamSvc - ok
16:28:42.0718 3744 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
16:28:42.0718 3744 MSDTC - ok
16:28:42.0781 3744 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:28:42.0781 3744 Msfs - ok
16:28:42.0828 3744 [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo C:\WINDOWS\system32\Drivers\nx6000.sys
16:28:42.0828 3744 MSHUSBVideo - ok
16:28:42.0843 3744 MSIServer - ok
16:28:42.0843 3744 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:28:42.0859 3744 MSKSSRV - ok
16:28:42.0890 3744 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:28:42.0890 3744 MSPCLOCK - ok
16:28:42.0921 3744 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:28:42.0937 3744 MSPQM - ok
16:28:42.0968 3744 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:28:42.0984 3744 mssmbios - ok
16:28:43.0015 3744 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:28:43.0015 3744 MSTEE - ok
16:28:43.0062 3744 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
16:28:43.0062 3744 Mup - ok
16:28:43.0109 3744 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:28:43.0125 3744 NABTSFEC - ok
16:28:43.0171 3744 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
16:28:43.0234 3744 napagent - ok
16:28:43.0281 3744 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
16:28:43.0281 3744 NDIS - ok
16:28:43.0328 3744 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:28:43.0328 3744 NdisIP - ok
16:28:43.0375 3744 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:28:43.0375 3744 NdisTapi - ok
16:28:43.0421 3744 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:28:43.0421 3744 Ndisuio - ok
16:28:43.0468 3744 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:28:43.0484 3744 NdisWan - ok
16:28:43.0531 3744 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:28:43.0531 3744 NDProxy - ok
16:28:43.0578 3744 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:28:43.0578 3744 NetBIOS - ok
16:28:43.0609 3744 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:28:43.0625 3744 NetBT - ok
16:28:43.0687 3744 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
16:28:43.0703 3744 NetDDE - ok
16:28:43.0718 3744 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
16:28:43.0718 3744 NetDDEdsdm - ok
16:28:43.0765 3744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
16:28:43.0765 3744 Netlogon - ok
16:28:43.0781 3744 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
16:28:43.0781 3744 Netman - ok
16:28:43.0812 3744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
16:28:43.0875 3744 NetTcpPortSharing - ok
16:28:43.0906 3744 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
16:28:43.0906 3744 NIC1394 - ok
16:28:44.0031 3744 [ 27D38B7D646283D98D65E3435B1E6197 ] NICCONFIGSVC C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
16:28:44.0046 3744 NICCONFIGSVC - ok
16:28:44.0062 3744 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
16:28:44.0062 3744 Nla - ok
16:28:44.0062 3744 nmwcdc - ok
16:28:44.0109 3744 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:28:44.0109 3744 Npfs - ok
16:28:44.0125 3744 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:28:44.0125 3744 Ntfs - ok
16:28:44.0140 3744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
16:28:44.0140 3744 NtLmSsp - ok
16:28:44.0187 3744 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
16:28:44.0218 3744 NtmsSvc - ok
16:28:44.0265 3744 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
16:28:44.0281 3744 NuidFltr - ok
16:28:44.0296 3744 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
16:28:44.0296 3744 Null - ok
16:28:44.0828 3744 [ ED9816DBAF6689542EA7D022631906A1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:28:45.0187 3744 nv - ok
16:28:45.0234 3744 [ A2322C6207EBB0761A6C8CC9003EBACF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
16:28:45.0250 3744 NVSvc - ok
16:28:45.0281 3744 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:28:45.0281 3744 NwlnkFlt - ok
16:28:45.0296 3744 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:28:45.0296 3744 NwlnkFwd - ok
16:28:45.0421 3744 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:28:45.0437 3744 odserv - ok
16:28:45.0484 3744 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
16:28:45.0484 3744 ohci1394 - ok
16:28:45.0531 3744 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:28:45.0546 3744 ose - ok
16:28:45.0546 3744 ovsecurityserver - ok
16:28:45.0546 3744 p2pgasvc - ok
16:28:45.0609 3744 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
16:28:45.0625 3744 Parport - ok
16:28:45.0656 3744 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
16:28:45.0656 3744 PartMgr - ok
16:28:45.0687 3744 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:28:45.0687 3744 ParVdm - ok
16:28:45.0703 3744 patrol_scheduler - ok
16:28:45.0734 3744 [ 9EC004140E1B675ACDEB07F66EE797A4 ] PBADRV C:\WINDOWS\system32\DRIVERS\PBADRV.sys
16:28:45.0734 3744 PBADRV - ok
16:28:45.0750 3744 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:28:45.0750 3744 PCI - ok
16:28:45.0781 3744 PCIDump - ok
16:28:45.0828 3744 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:28:45.0828 3744 PCIIde - ok
16:28:45.0843 3744 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
16:28:45.0843 3744 Pcmcia - ok
16:28:45.0843 3744 PDCOMP - ok
16:28:45.0843 3744 PDFRAME - ok
16:28:45.0859 3744 PDRELI - ok
16:28:45.0859 3744 PDRFRAME - ok
16:28:45.0875 3744 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
16:28:45.0890 3744 perc2 - ok
16:28:45.0906 3744 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:28:45.0906 3744 perc2hib - ok
16:28:45.0953 3744 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
16:28:45.0953 3744 PlugPlay - ok
16:28:45.0953 3744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:28:45.0953 3744 PolicyAgent - ok
16:28:46.0000 3744 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:28:46.0000 3744 PptpMiniport - ok
16:28:46.0000 3744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:28:46.0000 3744 ProtectedStorage - ok
16:28:46.0000 3744 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:28:46.0015 3744 PSched - ok
16:28:46.0062 3744 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:28:46.0062 3744 Ptilink - ok
16:28:46.0093 3744 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:28:46.0093 3744 PxHelp20 - ok
16:28:46.0109 3744 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:28:46.0109 3744 ql1080 - ok
16:28:46.0125 3744 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:28:46.0125 3744 Ql10wnt - ok
16:28:46.0140 3744 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:28:46.0140 3744 ql12160 - ok
16:28:46.0171 3744 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:28:46.0171 3744 ql1240 - ok
16:28:46.0203 3744 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:28:46.0203 3744 ql1280 - ok
16:28:46.0281 3744 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
16:28:46.0281 3744 RalinkRegistryWriter - ok
16:28:46.0296 3744 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:28:46.0312 3744 RasAcd - ok
16:28:46.0343 3744 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:28:46.0343 3744 RasAuto - ok
16:28:46.0375 3744 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:28:46.0375 3744 Rasl2tp - ok
16:28:46.0421 3744 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:28:46.0421 3744 RasMan - ok
16:28:46.0453 3744 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:28:46.0453 3744 RasPppoe - ok
16:28:46.0468 3744 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:28:46.0468 3744 Raspti - ok
16:28:46.0468 3744 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:28:46.0468 3744 Rdbss - ok
16:28:46.0515 3744 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:28:46.0515 3744 RDPCDD - ok
16:28:46.0578 3744 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:28:46.0593 3744 rdpdr - ok
16:28:46.0640 3744 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:28:46.0640 3744 RDPWD - ok
16:28:46.0671 3744 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:28:46.0687 3744 RDSessMgr - ok
16:28:46.0718 3744 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:28:46.0718 3744 redbook - ok
16:28:46.0750 3744 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:28:46.0765 3744 RemoteAccess - ok
16:28:46.0796 3744 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:28:46.0812 3744 RemoteRegistry - ok
16:28:46.0843 3744 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:28:46.0843 3744 RpcLocator - ok
16:28:46.0890 3744 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
16:28:46.0890 3744 RpcSs - ok
16:28:46.0937 3744 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:28:46.0953 3744 RSVP - ok
16:28:47.0000 3744 [ 1AD20F7B8B608D36983305B283A8C31C ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
16:28:47.0046 3744 rt2870 - ok
16:28:47.0046 3744 s217mdm - ok
16:28:47.0062 3744 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
16:28:47.0062 3744 SamSs - ok
16:28:47.0062 3744 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:28:47.0078 3744 SCardSvr - ok
16:28:47.0109 3744 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:28:47.0125 3744 Schedule - ok
16:28:47.0171 3744 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:28:47.0171 3744 Secdrv - ok
16:28:47.0187 3744 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:28:47.0203 3744 seclogon - ok
16:28:47.0296 3744 SecureStorageService - ok
16:28:47.0312 3744 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:28:47.0312 3744 SENS - ok
16:28:47.0328 3744 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:28:47.0328 3744 serenum - ok
16:28:47.0375 3744 [ D04816D55B35C16400F45828113C9A15 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:28:47.0375 3744 Suspicious file (Forged): C:\WINDOWS\system32\DRIVERS\serial.sys. Real md5: D04816D55B35C16400F45828113C9A15, Fake md5: CCA207A8896D4C6A0C9CE29A4AE411A7
16:28:47.0375 3744 Serial ( Virus.Win32.ZAccess.k ) - infected
16:28:47.0375 3744 Serial - detected Virus.Win32.ZAccess.k (0)
16:28:47.0406 3744 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:28:47.0406 3744 Sfloppy - ok
16:28:47.0421 3744 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:28:47.0421 3744 ShellHWDetection - ok
16:28:47.0421 3744 Simbad - ok
16:28:47.0453 3744 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:28:47.0468 3744 sisagp - ok
16:28:47.0765 3744 [ 4CA43B85F22C7739311788B651A779CB ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
16:28:47.0890 3744 Skype C2C Service - ok
16:28:47.0921 3744 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
16:28:47.0921 3744 SkypeUpdate - ok
16:28:47.0968 3744 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:28:47.0968 3744 SLIP - ok
16:28:48.0000 3744 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
16:28:48.0000 3744 SONYPVU1 - ok
16:28:48.0015 3744 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:28:48.0015 3744 Sparrow - ok
16:28:48.0062 3744 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:28:48.0062 3744 splitter - ok
16:28:48.0109 3744 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:28:48.0109 3744 Spooler - ok
16:28:48.0125 3744 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:28:48.0125 3744 sr - ok
16:28:48.0187 3744 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
16:28:48.0203 3744 srservice - ok
16:28:48.0265 3744 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:28:48.0281 3744 Srv - ok
16:28:48.0296 3744 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:28:48.0296 3744 SSDPSRV - ok
16:28:48.0343 3744 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:28:48.0343 3744 ssmdrv - ok
16:28:48.0406 3744 [ 6F855B5625A47F3AC731A262FDC379A6 ] STacSV C:\WINDOWS\system32\StacSV.exe
16:28:48.0406 3744 STacSV - ok
16:28:48.0500 3744 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
16:28:48.0515 3744 STHDA - ok
16:28:48.0578 3744 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:28:48.0593 3744 stisvc - ok
16:28:48.0625 3744 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:28:48.0625 3744 streamip - ok
16:28:48.0671 3744 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:28:48.0671 3744 swenum - ok
16:28:48.0671 3744 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:28:48.0687 3744 swmidi - ok
16:28:48.0687 3744 SwPrv - ok
16:28:48.0718 3744 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
16:28:48.0718 3744 symc810 - ok
16:28:48.0734 3744 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:28:48.0734 3744 symc8xx - ok
16:28:48.0750 3744 symwsc - ok
16:28:48.0750 3744 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:28:48.0765 3744 sym_hi - ok
16:28:48.0765 3744 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:28:48.0765 3744 sym_u3 - ok
16:28:48.0796 3744 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:28:48.0812 3744 sysaudio - ok
16:28:48.0843 3744 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:28:48.0843 3744 SysmonLog - ok
16:28:48.0890 3744 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:28:48.0906 3744 TapiSrv - ok
16:28:48.0953 3744 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:28:48.0984 3744 Tcpip - ok
16:28:49.0093 3744 [ 23B506262493F1A521683EE88C5FBF60 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
16:28:49.0140 3744 tcsd_win32.exe - ok
16:28:49.0265 3744 [ A27D803B21F24A5CFB775944EA4CB130 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
16:28:49.0296 3744 TdmService - ok
16:28:49.0343 3744 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:28:49.0343 3744 TDPIPE - ok
16:28:49.0359 3744 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:28:49.0375 3744 TDTCP - ok
16:28:49.0406 3744 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:28:49.0421 3744 TermDD - ok
16:28:49.0453 3744 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
16:28:49.0500 3744 TermService - ok
16:28:49.0531 3744 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
16:28:49.0531 3744 Themes - ok
16:28:49.0578 3744 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:28:49.0593 3744 TlntSvr - ok
16:28:49.0609 3744 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
16:28:49.0609 3744 TosIde - ok
16:28:49.0671 3744 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:28:49.0687 3744 TrkWks - ok
16:28:49.0734 3744 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:28:49.0750 3744 Udfs - ok
16:28:49.0765 3744 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
16:28:49.0781 3744 ultra - ok
16:28:49.0828 3744 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:28:49.0843 3744 Update - ok
16:28:49.0890 3744 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:28:50.0000 3744 upnphost - ok
16:28:50.0015 3744 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
16:28:50.0015 3744 UPS - ok
16:28:50.0046 3744 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:28:50.0046 3744 usbaudio - ok
16:28:50.0078 3744 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:28:50.0078 3744 usbccgp - ok
16:28:50.0109 3744 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:28:50.0109 3744 usbehci - ok
16:28:50.0140 3744 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:28:50.0140 3744 usbhub - ok
16:28:50.0171 3744 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:28:50.0171 3744 usbscan - ok
16:28:50.0203 3744 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:28:50.0203 3744 USBSTOR - ok
16:28:50.0218 3744 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:28:50.0218 3744 usbuhci - ok
16:28:50.0250 3744 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
16:28:50.0265 3744 usbvideo - ok
16:28:50.0265 3744 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:28:50.0265 3744 VgaSave - ok
16:28:50.0296 3744 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:28:50.0312 3744 viaagp - ok
16:28:50.0328 3744 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:28:50.0328 3744 ViaIde - ok
16:28:50.0343 3744 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:28:50.0343 3744 VolSnap - ok
16:28:50.0390 3744 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
16:28:50.0406 3744 VSS - ok
16:28:50.0437 3744 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
16:28:50.0453 3744 w32time - ok
16:28:50.0468 3744 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:28:50.0609 3744 Wanarp - ok
16:28:50.0609 3744 Wave UCSPlus - ok
16:28:50.0687 3744 WaveEnrollmentService - ok
16:28:50.0734 3744 [ DB626C46997C2430D4958DA5C7FFB969 ] WaveFDE C:\WINDOWS\system32\DRIVERS\WaveFDE.sys
16:28:50.0781 3744 WaveFDE - ok
16:28:50.0875 3744 [ 51E756F2BFB5E3ADCB15F966AD293231 ] WavxDMgr C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
16:28:50.0875 3744 WavxDMgr - ok
16:28:51.0015 3744 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
16:28:51.0031 3744 Wdf01000 - ok
16:28:51.0031 3744 WDICA - ok
16:28:51.0093 3744 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:28:51.0093 3744 wdmaud - ok
16:28:51.0109 3744 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:28:51.0125 3744 WebClient - ok
16:28:51.0156 3744 [ 92CE6497076EAC3083185C44157B3A46 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:28:51.0234 3744 winachsf - ok
16:28:51.0328 3744 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:28:51.0328 3744 winmgmt - ok
16:28:51.0343 3744 wltrysvc - ok
16:28:51.0375 3744 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:28:51.0375 3744 WmdmPmSN - ok
16:28:51.0453 3744 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:28:51.0453 3744 Wmi - ok
16:28:51.0515 3744 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
16:28:51.0515 3744 WmiAcpi - ok
16:28:51.0546 3744 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:28:51.0562 3744 WmiApSrv - ok
16:28:51.0765 3744 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
16:28:51.0921 3744 WMPNetworkSvc - ok
16:28:52.0046 3744 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:28:52.0046 3744 WPFFontCache_v0400 - ok
16:28:52.0109 3744 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
16:28:52.0125 3744 WS2IFSL - ok
16:28:52.0171 3744 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:28:52.0171 3744 WSTCODEC - ok
16:28:52.0218 3744 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:28:52.0234 3744 WudfPf - ok
16:28:52.0250 3744 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
16:28:52.0250 3744 WudfRd - ok
16:28:52.0265 3744 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:28:52.0296 3744 WudfSvc - ok
16:28:52.0359 3744 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:28:52.0359 3744 WZCSVC - ok
16:28:52.0390 3744 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:28:52.0421 3744 xmlprov - ok
16:28:52.0437 3744 ================ Scan global ===============================
16:28:52.0468 3744 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:28:52.0531 3744 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:28:52.0546 3744 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:28:52.0578 3744 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:28:52.0578 3744 [Global] - ok
16:28:52.0578 3744 ================ Scan MBR ==================================
16:28:52.0593 3744 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:28:52.0812 3744 \Device\Harddisk0\DR0 - ok
16:28:52.0812 3744 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR3
16:28:53.0328 3744 \Device\Harddisk1\DR3 - ok
16:28:53.0328 3744 ================ Scan VBR ==================================
16:28:53.0328 3744 [ 6225328E38543BACF55DECFBF513F854 ] \Device\Harddisk0\DR0\Partition1
16:28:53.0343 3744 \Device\Harddisk0\DR0\Partition1 - ok
16:28:53.0343 3744 [ D4A20B3E7FFFD09A8EBAD06233E589F3 ] \Device\Harddisk1\DR3\Partition1
16:28:53.0343 3744 \Device\Harddisk1\DR3\Partition1 - ok
16:28:53.0343 3744 ============================================================
16:28:53.0343 3744 Scan finished
16:28:53.0343 3744 ============================================================
16:28:53.0343 2012 Detected object count: 2
16:28:53.0343 2012 Actual detected object count: 2
16:29:28.0500 2012 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
16:29:28.0500 2012 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
16:29:28.0500 2012 Serial ( Virus.Win32.ZAccess.k ) - skipped by user
16:29:28.0500 2012 Serial ( Virus.Win32.ZAccess.k ) - User select action: Skip
16:29:58.0156 3808 Deinitialize success
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
01-Oct-2012, 06:14 PM #6
OK, please run TDSSKiller again and let it cure the one called Serial only. The other one (Akamai) is legit so please skip that one. Then run TDSSKiller again and post the new log.
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
02-Oct-2012, 10:24 AM #7
Hi, I ran TDSKILLER and cured "Serial". Here the log from the next scan after the reboot.
Thanks for your time..


09:54:24.0390 0216 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:54:24.0437 0216 ============================================================
09:54:24.0437 0216 Current date / time: 2012/10/02 09:54:24.0437
09:54:24.0437 0216 SystemInfo:
09:54:24.0437 0216
09:54:24.0437 0216 OS Version: 5.1.2600 ServicePack: 3.0
09:54:24.0437 0216 Product type: Workstation
09:54:24.0437 0216 ComputerName: M4300
09:54:24.0437 0216 UserName: Admin
09:54:24.0437 0216 Windows directory: C:\WINDOWS
09:54:24.0437 0216 System windows directory: C:\WINDOWS
09:54:24.0437 0216 Processor architecture: Intel x86
09:54:24.0437 0216 Number of processors: 2
09:54:24.0437 0216 Page size: 0x1000
09:54:24.0437 0216 Boot type: Normal boot
09:54:24.0437 0216 ============================================================
09:54:31.0406 0216 BG loaded
09:54:32.0640 0216 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
09:54:33.0187 0216 Drive \Device\Harddisk1\DR3 - Size: 0x77800000 (1.87 Gb), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:54:33.0187 0216 ============================================================
09:54:33.0187 0216 \Device\Harddisk0\DR0:
09:54:33.0671 0216 MBR partitions:
09:54:33.0671 0216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2738A, BlocksNum 0xDF68576
09:54:33.0671 0216 \Device\Harddisk1\DR3:
09:54:33.0671 0216 MBR partitions:
09:54:33.0671 0216 \Device\Harddisk1\DR3\Partition1: MBR, Type 0xE, StartLBA 0x1F80, BlocksNum 0x3BA080
09:54:33.0671 0216 ============================================================
09:54:33.0906 0216 C: <-> \Device\Harddisk0\DR0\Partition1
09:54:34.0218 0216 ============================================================
09:54:34.0218 0216 Initialize success
09:54:34.0218 0216 ============================================================
09:55:25.0015 2480 ============================================================
09:55:25.0015 2480 Scan started
09:55:25.0015 2480 Mode: Manual;
09:55:25.0015 2480 ============================================================
09:55:30.0515 2480 ================ Scan system memory ========================
09:55:30.0515 2480 System memory - ok
09:55:30.0515 2480 ================ Scan services =============================
09:56:21.0625 2480 Abiosdsk - ok
09:56:21.0718 2480 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
09:56:23.0796 2480 abp480n5 - ok
09:56:52.0781 2480 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:56:53.0296 2480 ACPI - ok
09:56:53.0343 2480 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:56:53.0531 2480 ACPIEC - ok
09:56:53.0546 2480 adfs - ok
09:56:53.0703 2480 Adobe LM Service - ok
09:56:54.0078 2480 [ 14C23516C990DCD6052152CF034DDE40 ] Adobe Version Cue CS3 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
09:56:54.0937 2480 Adobe Version Cue CS3 - ok
09:56:56.0078 2480 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
09:56:56.0296 2480 adpu160m - ok
09:56:56.0578 2480 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:56:56.0640 2480 aec - ok
09:56:56.0687 2480 [ 023867B6606FBABCDD52E089C4A507DA ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
09:56:56.0968 2480 AegisP - ok
09:56:58.0593 2480 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:56:58.0937 2480 AFD - ok
09:56:59.0046 2480 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
09:56:59.0187 2480 agp440 - ok
09:56:59.0484 2480 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
09:56:59.0625 2480 agpCPQ - ok
09:57:03.0500 2480 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
09:57:04.0000 2480 Aha154x - ok
09:57:04.0765 2480 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
09:57:05.0687 2480 aic78u2 - ok
09:57:05.0796 2480 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
09:57:06.0078 2480 aic78xx - ok
09:57:16.0171 2480 [ 0923671CF87CD511E46D4668B53F5E76 ] Akamai c:\program files\common files\akamai/netsession_win_5891ae0.dll
09:57:16.0171 2480 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_5891ae0.dll. md5: 0923671CF87CD511E46D4668B53F5E76
09:57:16.0171 2480 Akamai ( HiddenFile.Multi.Generic ) - warning
09:57:16.0171 2480 Akamai - detected HiddenFile.Multi.Generic (1)
09:57:16.0328 2480 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:57:16.0453 2480 Alerter - ok
09:57:16.0515 2480 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
09:57:16.0515 2480 AliIde - ok
09:57:16.0546 2480 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
09:57:16.0687 2480 alim1541 - ok
09:57:16.0703 2480 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
09:57:16.0750 2480 amdagp - ok
09:57:16.0781 2480 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
09:57:16.0781 2480 amsint - ok
09:57:17.0906 2480 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
09:57:17.0937 2480 AntiVirSchedulerService - ok
09:57:18.0140 2480 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
09:57:18.0156 2480 AntiVirService - ok
09:57:18.0281 2480 [ E38BA9FAB3981A2115C53260B930FD3C ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
09:57:18.0296 2480 AntiVirWebService - ok
09:57:18.0546 2480 [ B8D65DA679A4A8D048783EDE2691B5D4 ] ApfiltrService C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
09:57:18.0546 2480 ApfiltrService - ok
09:57:18.0609 2480 [ EC94E05B76D033B74394E7B2175103CF ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
09:57:18.0609 2480 APPDRV - ok
09:57:19.0031 2480 [ B8E865D24F2753A35CC2A9A6A3CE1AD4 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
09:57:19.0046 2480 Apple Mobile Device - ok
09:57:19.0140 2480 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:57:19.0250 2480 AppMgmt - ok
09:57:19.0296 2480 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
09:57:19.0312 2480 Arp1394 - ok
09:57:19.0359 2480 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
09:57:19.0375 2480 asc - ok
09:57:19.0390 2480 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
09:57:19.0421 2480 asc3350p - ok
09:57:19.0671 2480 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
09:57:19.0703 2480 asc3550 - ok
09:57:19.0781 2480 [ 7591238EBF7DD1FD13B353C382227DC3 ] ASFIPmon C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
09:57:19.0796 2480 ASFIPmon - ok
09:57:20.0828 2480 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
09:57:21.0109 2480 aspnet_state - ok
09:57:21.0140 2480 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:57:21.0156 2480 AsyncMac - ok
09:57:21.0171 2480 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:57:21.0187 2480 atapi - ok
09:57:21.0187 2480 Atdisk - ok
09:57:21.0218 2480 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:57:21.0234 2480 Atmarpc - ok
09:57:21.0296 2480 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:57:21.0343 2480 AudioSrv - ok
09:57:21.0500 2480 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:57:21.0500 2480 audstub - ok
09:57:21.0687 2480 [ 1992C2A1867D95AA3A0802539358D162 ] Autodesk Content Service C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
09:57:21.0687 2480 Autodesk Content Service - ok
09:57:21.0765 2480 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
09:57:21.0781 2480 avgntflt - ok
09:57:21.0859 2480 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
09:57:21.0859 2480 avipbb - ok
09:57:21.0937 2480 [ 271CFD1A989209B1964E24D969552BF7 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
09:57:21.0937 2480 avkmgr - ok
09:57:22.0015 2480 [ F96038AA1EC4013A93D2420FC689D1E9 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
09:57:22.0015 2480 b57w2k - ok
09:57:22.0031 2480 [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A ] BASFND C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
09:57:22.0031 2480 BASFND - ok
09:57:22.0187 2480 [ 9208C78BD9283F79A30252AD954C77A2 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
09:57:22.0406 2480 BCM43XX - ok
09:57:22.0468 2480 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:57:22.0468 2480 Beep - ok
09:57:22.0609 2480 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:57:22.0625 2480 Bonjour Service - ok
09:57:22.0671 2480 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
09:57:22.0718 2480 Browser - ok
09:57:22.0796 2480 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
09:57:22.0812 2480 cbidf - ok
09:57:22.0812 2480 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:57:22.0812 2480 cbidf2k - ok
09:57:22.0875 2480 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
09:57:22.0890 2480 CCDECODE - ok
09:57:22.0937 2480 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
09:57:22.0937 2480 cd20xrnt - ok
09:57:22.0968 2480 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:57:22.0984 2480 Cdaudio - ok
09:57:23.0031 2480 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:57:23.0031 2480 Cdfs - ok
09:57:23.0093 2480 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:57:23.0093 2480 Cdrom - ok
09:57:23.0093 2480 Changer - ok
09:57:23.0156 2480 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:57:23.0171 2480 CiSvc - ok
09:57:23.0171 2480 clientservice - ok
09:57:23.0218 2480 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:57:23.0218 2480 ClipSrv - ok
09:57:23.0328 2480 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:57:23.0421 2480 clr_optimization_v2.0.50727_32 - ok
09:57:23.0453 2480 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:57:23.0703 2480 clr_optimization_v4.0.30319_32 - ok
09:57:23.0750 2480 [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
09:57:23.0750 2480 CmBatt - ok
09:57:23.0796 2480 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
09:57:23.0796 2480 CmdIde - ok
09:57:23.0875 2480 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
09:57:23.0890 2480 Compbatt - ok
09:57:23.0890 2480 COMSysApp - ok
09:57:23.0921 2480 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
09:57:23.0953 2480 Cpqarray - ok
09:57:23.0984 2480 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:57:24.0015 2480 CryptSvc - ok
09:57:24.0031 2480 d-link_st3402 - ok
09:57:24.0062 2480 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
09:57:24.0062 2480 dac2w2k - ok
09:57:24.0109 2480 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
09:57:24.0109 2480 dac960nt - ok
09:57:24.0187 2480 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:57:24.0359 2480 DcomLaunch - ok
09:57:24.0421 2480 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:57:24.0421 2480 Dhcp - ok
09:57:24.0453 2480 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:57:24.0468 2480 Disk - ok
09:57:24.0468 2480 dmadmin - ok
09:57:24.0515 2480 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:57:24.0562 2480 dmboot - ok
09:57:24.0640 2480 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:57:24.0656 2480 dmio - ok
09:57:24.0718 2480 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:57:24.0750 2480 dmload - ok
09:57:24.0781 2480 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
09:57:24.0781 2480 dmserver - ok
09:57:24.0828 2480 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:57:24.0828 2480 DMusic - ok
09:57:24.0875 2480 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:57:24.0875 2480 Dnscache - ok
09:57:24.0937 2480 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:57:24.0953 2480 Dot3svc - ok
09:57:24.0968 2480 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
09:57:24.0984 2480 dpti2o - ok
09:57:25.0015 2480 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:57:25.0015 2480 drmkaud - ok
09:57:25.0015 2480 dsbrokerservice - ok
09:57:25.0078 2480 [ 549734664886D91222969845E4311D1B ] DXEC01 C:\WINDOWS\system32\drivers\dxec01.sys
09:57:25.0093 2480 DXEC01 - ok
09:57:25.0125 2480 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
09:57:25.0140 2480 E100B - ok
09:57:25.0187 2480 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:57:25.0218 2480 EapHost - ok
09:57:25.0250 2480 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:57:25.0250 2480 ERSvc - ok
09:57:25.0296 2480 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
09:57:25.0312 2480 Eventlog - ok
09:57:25.0359 2480 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
09:57:25.0359 2480 EventSystem - ok
09:57:25.0406 2480 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:57:25.0406 2480 Fastfat - ok
09:57:25.0453 2480 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:57:25.0468 2480 FastUserSwitchingCompatibility - ok
09:57:25.0515 2480 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
09:57:25.0515 2480 Fax - ok
09:57:25.0546 2480 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
09:57:25.0546 2480 Fdc - ok
09:57:25.0578 2480 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:57:25.0578 2480 Fips - ok
09:57:25.0671 2480 [ 73081CF28F0AE20A52CA4F67CEE6E6B0 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:57:25.0718 2480 FLEXnet Licensing Service - ok
09:57:25.0765 2480 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
09:57:25.0765 2480 Flpydisk - ok
09:57:25.0796 2480 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:57:25.0812 2480 FltMgr - ok
09:57:25.0906 2480 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:57:25.0906 2480 FontCache3.0.0.0 - ok
09:57:25.0953 2480 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:57:25.0953 2480 Fs_Rec - ok
09:57:25.0968 2480 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:57:26.0000 2480 Ftdisk - ok
09:57:26.0109 2480 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
09:57:26.0109 2480 GoogleDesktopManager-051210-111108 - ok
09:57:26.0156 2480 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:57:26.0171 2480 Gpc - ok
09:57:26.0234 2480 [ 7031A936832967A93B0E5D5F1C76745A ] guardian2 C:\WINDOWS\system32\Drivers\oz776.sys
09:57:26.0234 2480 guardian2 - ok
09:57:26.0312 2480 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:57:26.0328 2480 gupdate - ok
09:57:26.0343 2480 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:57:26.0343 2480 gupdatem - ok
09:57:26.0406 2480 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:57:26.0421 2480 gusvc - ok
09:57:26.0421 2480 hcf_msft - ok
09:57:26.0468 2480 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:57:26.0484 2480 HDAudBus - ok
09:57:26.0562 2480 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:57:26.0578 2480 helpsvc - ok
09:57:26.0625 2480 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
09:57:26.0640 2480 HidServ - ok
09:57:26.0687 2480 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:57:26.0687 2480 HidUsb - ok
09:57:26.0734 2480 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:57:26.0750 2480 hkmsvc - ok
09:57:26.0781 2480 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
09:57:26.0781 2480 hpn - ok
09:57:26.0828 2480 [ 7290FB97535C317A237D4C73149C7E2C ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
09:57:26.0843 2480 HSFHWAZL - ok
09:57:26.0921 2480 [ F362C0B442337DA8AB0608DFAA4CA076 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
09:57:26.0953 2480 HSF_DPV - ok
09:57:27.0015 2480 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:57:27.0031 2480 HTTP - ok
09:57:27.0078 2480 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:57:27.0093 2480 HTTPFilter - ok
09:57:27.0140 2480 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
09:57:27.0140 2480 i2omgmt - ok
09:57:27.0171 2480 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
09:57:27.0187 2480 i2omp - ok
09:57:27.0218 2480 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:57:27.0234 2480 i8042prt - ok
09:57:27.0234 2480 iaimfp0 - ok
09:57:27.0328 2480 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:57:27.0453 2480 idsvc - ok
09:57:27.0546 2480 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:57:27.0562 2480 Imapi - ok
09:57:27.0609 2480 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
09:57:27.0625 2480 ImapiService - ok
09:57:27.0640 2480 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
09:57:27.0640 2480 ini910u - ok
09:57:27.0687 2480 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
09:57:27.0687 2480 IntelIde - ok
09:57:27.0718 2480 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:57:27.0734 2480 intelppm - ok
09:57:27.0765 2480 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:57:27.0765 2480 Ip6Fw - ok
09:57:27.0781 2480 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:57:27.0781 2480 IpFilterDriver - ok
09:57:27.0812 2480 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:57:27.0812 2480 IpInIp - ok
09:57:27.0843 2480 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:57:27.0859 2480 IpNat - ok
09:57:27.0875 2480 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:57:27.0875 2480 IPSec - ok
09:57:27.0906 2480 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:57:27.0906 2480 IRENUM - ok
09:57:27.0937 2480 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:57:27.0937 2480 isapnp - ok
09:57:28.0078 2480 [ D9B1E929F2464D4C23FA9CB47DF4A1D4 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
09:57:28.0093 2480 JavaQuickStarterService - ok
09:57:28.0109 2480 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:57:28.0109 2480 Kbdclass - ok
09:57:28.0125 2480 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:57:28.0156 2480 kmixer - ok
09:57:28.0234 2480 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:57:28.0265 2480 KSecDD - ok
09:57:28.0296 2480 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:57:28.0328 2480 lanmanserver - ok
09:57:28.0375 2480 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:57:28.0406 2480 lanmanworkstation - ok
09:57:28.0406 2480 lbrtfdc - ok
09:57:28.0453 2480 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:57:28.0484 2480 LmHosts - ok
09:57:28.0484 2480 LVCap138 - ok
09:57:28.0531 2480 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
09:57:28.0562 2480 mdmxsdk - ok
09:57:28.0593 2480 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:57:28.0640 2480 Messenger - ok
09:57:28.0640 2480 mgabg - ok
09:57:28.0781 2480 [ 0AF89452A8CE3928168F4E5B2208C68B ] mi-raysat_3dsmax2012_32 c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
09:57:28.0796 2480 mi-raysat_3dsmax2012_32 - ok
09:57:28.0828 2480 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:57:28.0828 2480 mnmdd - ok
09:57:28.0875 2480 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
09:57:28.0953 2480 mnmsrvc - ok
09:57:29.0015 2480 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:57:29.0031 2480 Modem - ok
09:57:29.0078 2480 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:57:29.0093 2480 Mouclass - ok
09:57:29.0140 2480 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:57:29.0171 2480 mouhid - ok
09:57:29.0187 2480 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:57:29.0203 2480 MountMgr - ok
09:57:29.0328 2480 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:57:29.0390 2480 MozillaMaintenance - ok
09:57:29.0421 2480 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
09:57:29.0484 2480 mraid35x - ok
09:57:29.0531 2480 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:57:29.0546 2480 MRxDAV - ok
09:57:29.0609 2480 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:57:29.0640 2480 MRxSmb - ok
09:57:29.0765 2480 [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc C:\Program Files\Microsoft LifeCam\MSCamS32.exe
09:57:29.0765 2480 MSCamSvc - ok
09:57:29.0828 2480 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
09:57:29.0843 2480 MSDTC - ok
09:57:29.0906 2480 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:57:29.0906 2480 Msfs - ok
09:57:29.0953 2480 [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo C:\WINDOWS\system32\Drivers\nx6000.sys
09:57:30.0000 2480 MSHUSBVideo - ok
09:57:30.0000 2480 MSIServer - ok
09:57:30.0031 2480 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:57:30.0046 2480 MSKSSRV - ok
09:57:30.0078 2480 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:57:30.0078 2480 MSPCLOCK - ok
09:57:30.0140 2480 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:57:30.0171 2480 MSPQM - ok
09:57:30.0250 2480 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:57:30.0265 2480 mssmbios - ok
09:57:30.0312 2480 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
09:57:30.0343 2480 MSTEE - ok
09:57:30.0390 2480 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:57:30.0500 2480 Mup - ok
09:57:30.0562 2480 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
09:57:30.0593 2480 NABTSFEC - ok
09:57:30.0718 2480 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:57:30.0875 2480 napagent - ok
09:57:30.0937 2480 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:57:30.0968 2480 NDIS - ok
09:57:31.0046 2480 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
09:57:31.0078 2480 NdisIP - ok
09:57:31.0125 2480 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:57:31.0140 2480 NdisTapi - ok
09:57:31.0171 2480 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:57:31.0187 2480 Ndisuio - ok
09:57:31.0218 2480 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:57:31.0234 2480 NdisWan - ok
09:57:31.0281 2480 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:57:31.0296 2480 NDProxy - ok
09:57:31.0312 2480 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:57:31.0328 2480 NetBIOS - ok
09:57:31.0343 2480 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:57:31.0359 2480 NetBT - ok
09:57:31.0421 2480 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
09:57:31.0453 2480 NetDDE - ok
09:57:31.0500 2480 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:57:31.0500 2480 NetDDEdsdm - ok
09:57:31.0562 2480 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:57:31.0578 2480 Netlogon - ok
09:57:31.0625 2480 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
09:57:31.0671 2480 Netman - ok
09:57:31.0750 2480 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:57:31.0875 2480 NetTcpPortSharing - ok
09:57:31.0921 2480 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
09:57:31.0953 2480 NIC1394 - ok
09:57:32.0078 2480 [ 27D38B7D646283D98D65E3435B1E6197 ] NICCONFIGSVC C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
09:57:32.0093 2480 NICCONFIGSVC - ok
09:57:32.0140 2480 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
09:57:32.0140 2480 Nla - ok
09:57:32.0156 2480 nmwcdc - ok
09:57:32.0187 2480 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:57:32.0203 2480 Npfs - ok
09:57:32.0218 2480 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:57:32.0250 2480 Ntfs - ok
09:57:32.0281 2480 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:57:32.0281 2480 NtLmSsp - ok
09:57:32.0328 2480 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:57:32.0359 2480 NtmsSvc - ok
09:57:32.0406 2480 [ CF7E041663119E09D2E118521ADA9300 ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
09:57:32.0406 2480 NuidFltr - ok
09:57:32.0421 2480 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
09:57:32.0421 2480 Null - ok
09:57:32.0875 2480 [ ED9816DBAF6689542EA7D022631906A1 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
09:57:33.0000 2480 nv - ok
09:57:33.0031 2480 [ A2322C6207EBB0761A6C8CC9003EBACF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
09:57:33.0062 2480 NVSvc - ok
09:57:33.0093 2480 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:57:33.0109 2480 NwlnkFlt - ok
09:57:33.0109 2480 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:57:33.0125 2480 NwlnkFwd - ok
09:57:33.0250 2480 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:57:33.0296 2480 odserv - ok
09:57:33.0343 2480 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
09:57:33.0359 2480 ohci1394 - ok
09:57:33.0406 2480 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:57:33.0421 2480 ose - ok
09:57:33.0437 2480 ovsecurityserver - ok
09:57:33.0437 2480 p2pgasvc - ok
09:57:33.0468 2480 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
09:57:33.0484 2480 Parport - ok
09:57:33.0515 2480 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:57:33.0515 2480 PartMgr - ok
09:57:33.0562 2480 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:57:33.0578 2480 ParVdm - ok
09:57:33.0578 2480 patrol_scheduler - ok
09:57:33.0609 2480 [ 9EC004140E1B675ACDEB07F66EE797A4 ] PBADRV C:\WINDOWS\system32\DRIVERS\PBADRV.sys
09:57:33.0609 2480 PBADRV - ok
09:57:33.0640 2480 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:57:33.0656 2480 PCI - ok
09:57:33.0656 2480 PCIDump - ok
09:57:33.0703 2480 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:57:33.0718 2480 PCIIde - ok
09:57:33.0718 2480 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
09:57:33.0734 2480 Pcmcia - ok
09:57:33.0750 2480 PDCOMP - ok
09:57:33.0750 2480 PDFRAME - ok
09:57:33.0750 2480 PDRELI - ok
09:57:33.0765 2480 PDRFRAME - ok
09:57:33.0781 2480 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
09:57:33.0796 2480 perc2 - ok
09:57:33.0828 2480 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
09:57:33.0843 2480 perc2hib - ok
09:57:33.0875 2480 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
09:57:33.0890 2480 PlugPlay - ok
09:57:33.0890 2480 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:57:33.0906 2480 PolicyAgent - ok
09:57:33.0937 2480 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:57:33.0937 2480 PptpMiniport - ok
09:57:33.0953 2480 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:57:33.0953 2480 ProtectedStorage - ok
09:57:33.0968 2480 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:57:33.0984 2480 PSched - ok
09:57:34.0015 2480 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:57:34.0031 2480 Ptilink - ok
09:57:34.0093 2480 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:57:34.0109 2480 PxHelp20 - ok
09:57:34.0140 2480 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
09:57:34.0140 2480 ql1080 - ok
09:57:34.0156 2480 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
09:57:34.0156 2480 Ql10wnt - ok
09:57:34.0171 2480 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
09:57:34.0171 2480 ql12160 - ok
09:57:34.0187 2480 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
09:57:34.0187 2480 ql1240 - ok
09:57:34.0203 2480 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
09:57:34.0218 2480 ql1280 - ok
09:57:34.0281 2480 [ 432F5B15E21A54B48072593F03570326 ] RalinkRegistryWriter C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
09:57:34.0281 2480 RalinkRegistryWriter - ok
09:57:34.0296 2480 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:57:34.0296 2480 RasAcd - ok
09:57:34.0328 2480 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:57:34.0343 2480 RasAuto - ok
09:57:34.0359 2480 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:57:34.0375 2480 Rasl2tp - ok
09:57:34.0406 2480 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:57:34.0421 2480 RasMan - ok
09:57:34.0453 2480 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:57:34.0453 2480 RasPppoe - ok
09:57:34.0453 2480 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:57:34.0468 2480 Raspti - ok
09:57:34.0468 2480 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:57:34.0484 2480 Rdbss - ok
09:57:34.0531 2480 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:57:34.0531 2480 RDPCDD - ok
09:57:34.0562 2480 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:57:34.0578 2480 rdpdr - ok
09:57:34.0609 2480 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:57:34.0625 2480 RDPWD - ok
09:57:34.0671 2480 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:57:34.0687 2480 RDSessMgr - ok
09:57:34.0718 2480 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:57:34.0718 2480 redbook - ok
09:57:34.0765 2480 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:57:34.0765 2480 RemoteAccess - ok
09:57:34.0812 2480 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:57:34.0828 2480 RemoteRegistry - ok
09:57:34.0890 2480 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
09:57:34.0906 2480 RpcLocator - ok
09:57:34.0937 2480 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
09:57:34.0953 2480 RpcSs - ok
09:57:35.0000 2480 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:57:35.0015 2480 RSVP - ok
09:57:35.0078 2480 [ 1AD20F7B8B608D36983305B283A8C31C ] rt2870 C:\WINDOWS\system32\DRIVERS\rt2870.sys
09:57:35.0171 2480 rt2870 - ok
09:57:35.0171 2480 s217mdm - ok
09:57:35.0203 2480 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
09:57:35.0203 2480 SamSs - ok
09:57:35.0234 2480 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:57:35.0265 2480 SCardSvr - ok
09:57:35.0296 2480 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:57:35.0328 2480 Schedule - ok
09:57:35.0375 2480 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:57:35.0390 2480 Secdrv - ok
09:57:35.0421 2480 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:57:35.0421 2480 seclogon - ok
09:57:35.0515 2480 SecureStorageService - ok
09:57:35.0546 2480 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
09:57:35.0578 2480 SENS - ok
09:57:35.0609 2480 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:57:35.0609 2480 serenum - ok
09:57:35.0671 2480 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:57:35.0687 2480 Serial - ok
09:57:35.0703 2480 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
09:57:35.0718 2480 Sfloppy - ok
09:57:35.0734 2480 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:57:35.0750 2480 ShellHWDetection - ok
09:57:35.0750 2480 Simbad - ok
09:57:35.0796 2480 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
09:57:35.0796 2480 sisagp - ok
09:57:36.0140 2480 [ 4CA43B85F22C7739311788B651A779CB ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:57:36.0171 2480 Skype C2C Service - ok
09:57:36.0250 2480 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:57:36.0250 2480 SkypeUpdate - ok
09:57:36.0281 2480 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
09:57:36.0296 2480 SLIP - ok
09:57:36.0312 2480 [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1 C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
09:57:36.0328 2480 SONYPVU1 - ok
09:57:36.0343 2480 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
09:57:36.0343 2480 Sparrow - ok
09:57:36.0375 2480 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:57:36.0390 2480 splitter - ok
09:57:36.0421 2480 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:57:36.0437 2480 Spooler - ok
09:57:36.0453 2480 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:57:36.0453 2480 sr - ok
09:57:36.0500 2480 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
09:57:36.0500 2480 srservice - ok
09:57:36.0546 2480 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:57:36.0562 2480 Srv - ok
09:57:36.0578 2480 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:57:36.0578 2480 SSDPSRV - ok
09:57:36.0640 2480 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
09:57:36.0640 2480 ssmdrv - ok
09:57:36.0687 2480 [ 6F855B5625A47F3AC731A262FDC379A6 ] STacSV C:\WINDOWS\system32\StacSV.exe
09:57:36.0703 2480 STacSV - ok
09:57:36.0781 2480 [ 951801DFB54D86F611F0AF47825476F9 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
09:57:36.0796 2480 STHDA - ok
09:57:36.0859 2480 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:57:36.0875 2480 stisvc - ok
09:57:36.0906 2480 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
09:57:36.0906 2480 streamip - ok
09:57:36.0953 2480 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:57:36.0953 2480 swenum - ok
09:57:36.0968 2480 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:57:36.0968 2480 swmidi - ok
09:57:36.0984 2480 SwPrv - ok
09:57:37.0000 2480 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
09:57:37.0015 2480 symc810 - ok
09:57:37.0031 2480 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
09:57:37.0046 2480 symc8xx - ok
09:57:37.0046 2480 symwsc - ok
09:57:37.0062 2480 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
09:57:37.0078 2480 sym_hi - ok
09:57:37.0093 2480 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
09:57:37.0093 2480 sym_u3 - ok
09:57:37.0125 2480 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:57:37.0125 2480 sysaudio - ok
09:57:37.0171 2480 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:57:37.0187 2480 SysmonLog - ok
09:57:37.0218 2480 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:57:37.0234 2480 TapiSrv - ok
09:57:37.0296 2480 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:57:37.0312 2480 Tcpip - ok
09:57:37.0437 2480 [ 23B506262493F1A521683EE88C5FBF60 ] tcsd_win32.exe C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
09:57:37.0453 2480 tcsd_win32.exe - ok
09:57:37.0593 2480 [ A27D803B21F24A5CFB775944EA4CB130 ] TdmService C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe
09:57:37.0593 2480 TdmService - ok
09:57:37.0640 2480 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:57:37.0656 2480 TDPIPE - ok
09:57:37.0656 2480 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:57:37.0671 2480 TDTCP - ok
09:57:37.0703 2480 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:57:37.0718 2480 TermDD - ok
09:57:37.0765 2480 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
09:57:37.0812 2480 TermService - ok
09:57:37.0828 2480 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
09:57:37.0843 2480 Themes - ok
09:57:37.0875 2480 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:57:37.0906 2480 TlntSvr - ok
09:57:37.0921 2480 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
09:57:37.0921 2480 TosIde - ok
09:57:37.0968 2480 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:57:37.0984 2480 TrkWks - ok
09:57:38.0031 2480 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:57:38.0046 2480 Udfs - ok
09:57:38.0062 2480 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
09:57:38.0078 2480 ultra - ok
09:57:38.0125 2480 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:57:38.0156 2480 Update - ok
09:57:38.0187 2480 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
09:57:38.0234 2480 upnphost - ok
09:57:38.0234 2480 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
09:57:38.0250 2480 UPS - ok
09:57:38.0281 2480 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
09:57:38.0296 2480 usbaudio - ok
09:57:38.0375 2480 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:57:38.0390 2480 usbccgp - ok
09:57:38.0421 2480 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:57:38.0437 2480 usbehci - ok
09:57:38.0484 2480 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:57:38.0484 2480 usbhub - ok
09:57:38.0515 2480 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:57:38.0515 2480 usbscan - ok
09:57:38.0531 2480 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:57:38.0546 2480 USBSTOR - ok
09:57:38.0546 2480 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:57:38.0562 2480 usbuhci - ok
09:57:38.0578 2480 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
09:57:38.0593 2480 usbvideo - ok
09:57:38.0593 2480 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:57:38.0593 2480 VgaSave - ok
09:57:38.0640 2480 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
09:57:38.0640 2480 viaagp - ok
09:57:38.0656 2480 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
09:57:38.0656 2480 ViaIde - ok
09:57:38.0687 2480 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:57:38.0687 2480 VolSnap - ok
09:57:38.0734 2480 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
09:57:38.0750 2480 VSS - ok
09:57:38.0781 2480 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
09:57:38.0796 2480 w32time - ok
09:57:38.0812 2480 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:57:38.0812 2480 Wanarp - ok
09:57:38.0812 2480 Wave UCSPlus - ok
09:57:38.0843 2480 WaveEnrollmentService - ok
09:57:38.0875 2480 [ DB626C46997C2430D4958DA5C7FFB969 ] WaveFDE C:\WINDOWS\system32\DRIVERS\WaveFDE.sys
09:57:38.0875 2480 WaveFDE - ok
09:57:38.0906 2480 [ 51E756F2BFB5E3ADCB15F966AD293231 ] WavxDMgr C:\WINDOWS\system32\DRIVERS\WavxDMgr.sys
09:57:38.0921 2480 WavxDMgr - ok
09:57:38.0984 2480 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:57:38.0984 2480 Wdf01000 - ok
09:57:38.0984 2480 WDICA - ok
09:57:39.0046 2480 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:57:39.0062 2480 wdmaud - ok
09:57:39.0078 2480 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:57:39.0093 2480 WebClient - ok
09:57:39.0140 2480 [ 92CE6497076EAC3083185C44157B3A46 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
09:57:39.0156 2480 winachsf - ok
09:57:39.0250 2480 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:57:39.0250 2480 winmgmt - ok
09:57:39.0265 2480 wltrysvc - ok
09:57:39.0296 2480 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:57:39.0312 2480 WmdmPmSN - ok
09:57:39.0359 2480 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:57:39.0375 2480 Wmi - ok
09:57:39.0421 2480 [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
09:57:39.0421 2480 WmiAcpi - ok
09:57:39.0437 2480 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:57:39.0453 2480 WmiApSrv - ok
09:57:39.0656 2480 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
09:57:39.0765 2480 WMPNetworkSvc - ok
09:57:39.0921 2480 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:57:39.0984 2480 WPFFontCache_v0400 - ok
09:57:40.0046 2480 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:57:40.0062 2480 WS2IFSL - ok
09:57:40.0093 2480 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
09:57:40.0109 2480 WSTCODEC - ok
09:57:40.0140 2480 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
09:57:40.0156 2480 WudfPf - ok
09:57:40.0171 2480 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
09:57:40.0187 2480 WudfRd - ok
09:57:40.0218 2480 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
09:57:40.0265 2480 WudfSvc - ok
09:57:40.0328 2480 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:57:40.0343 2480 WZCSVC - ok
09:57:40.0359 2480 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:57:40.0390 2480 xmlprov - ok
09:57:40.0406 2480 ================ Scan global ===============================
09:57:40.0437 2480 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
09:57:40.0500 2480 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:57:40.0515 2480 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
09:57:40.0531 2480 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
09:57:40.0531 2480 [Global] - ok
09:57:40.0531 2480 ================ Scan MBR ==================================
09:57:40.0562 2480 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:57:40.0750 2480 \Device\Harddisk0\DR0 - ok
09:57:40.0750 2480 [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR3
09:57:41.0218 2480 \Device\Harddisk1\DR3 - ok
09:57:41.0218 2480 ================ Scan VBR ==================================
09:57:41.0218 2480 [ 6225328E38543BACF55DECFBF513F854 ] \Device\Harddisk0\DR0\Partition1
09:57:41.0218 2480 \Device\Harddisk0\DR0\Partition1 - ok
09:57:41.0218 2480 [ D4A20B3E7FFFD09A8EBAD06233E589F3 ] \Device\Harddisk1\DR3\Partition1
09:57:41.0218 2480 \Device\Harddisk1\DR3\Partition1 - ok
09:57:41.0218 2480 ============================================================
09:57:41.0218 2480 Scan finished
09:57:41.0218 2480 ============================================================
09:57:41.0234 2472 Detected object count: 1
09:57:41.0234 2472 Actual detected object count: 1
10:06:45.0546 2472 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
10:06:45.0546 2472 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
10:06:52.0781 2012 Deinitialize success
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
02-Oct-2012, 06:07 PM #8
Please visit Combofix Guide & Instructions for instructions for installing the Recovery Console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices (don't worry, the keyboard and mouse will still function) to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read HERE for an article written by dvk01 on why we disable autoruns.
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
02-Oct-2012, 09:57 PM #9
Hi, I ran the combo fix.. I got the log, but after reading your directions I realized that I did not rename combofix puppy.Instead I named the log puppy on a account of my misunderstanding.I'm posting the log, if you would like me to run it again with combofix renamed as puppy I would be happy to run it again..
Thank you for your time.



ComboFix 12-10-02.02 - Admin 10/02/2012 21:00:01.12.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3013 [GMT -4:00]
Running from: c:\documents and settings\Admin\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Admin\Local Settings\Application Data\assembly\tmp
c:\program files\AutoCAD_2012_English_Win_32bit.exe
c:\program files\Autodesk_3ds_Max_Design_2012_English_Win_32-64bit.exe
c:\program files\Autodesk_Revit_Architecture_2012_English_Win_32-64bit.exe
c:\windows\system32\AegisI5Installer.exe
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\test
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-09-03 to 2012-10-03 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-02 13:53 . 2004-08-04 04:15 64512 ----a-w- c:\windows\system32\drivers\serial.sys
2012-08-06 04:08 . 2012-06-26 00:46 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-06 04:08 . 2011-07-07 04:16 70344 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-06 13:58 . 2004-08-11 22:00 78336 ----a-w- c:\windows\system32\browser.dll
2011-07-07 03:46 . 2011-07-07 03:46 13683064 -c--a-w- c:\program files\Firefox Setup 5.0.exe
2012-09-10 00:18 . 2012-09-10 00:18 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2010-07-21 19:19 . 2012-09-10 00:18 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2011-07-28 02:41 1493160 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-28 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2011-07-28 1493160]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Admin\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Admin\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Admin\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shell iconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-02-15 00:32 94208 ----a-w- c:\documents and settings\Admin\Application Data\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-21 39408]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17420464]
"Akamai NetSession Interface"="c:\documents and settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe" [2012-08-10 4440896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-10 348664]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"SecureUpgrade"="c:\program files\Wave Systems Corp\SecureUpgrade.exe" [2007-09-14 218424]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-09-06 413696]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-08 1753192]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]
"NVHotkey"="nvHotkey.dll" [2010-07-09 178792]
"LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-07-21 30192]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2011-07-28 397992]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Acrobat Assistant 8.0"="c:\program files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 620152]
.
c:\documents and settings\Admin\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Admin\Application Data\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [N/A]
DRSpawner.lnk - c:\documents and settings\All Users\Application Data\ASGvis\DRSpawner\DRSpawner.exe [2012-6-5 2080768]
Wireless N-lite USB Adapter Utility.lnk - c:\program files\ZyXEL\N220\Common\N220.exe [2011-5-27 1990656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gemsafe]
2006-11-16 20:20 73728 ----a-w- c:\program files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll
.
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [4/2/2012 8:10 PM 36000]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [8/11/2004 6:00 PM 14336]
R2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [4/2/2012 8:10 PM 86224]
R2 AntiVirWebService;Avira Web Protection;c:\program files\Avira\AntiVir Desktop\avwebgrd.exe [4/2/2012 8:10 PM 465360]
R2 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [12/19/2006 3:21 PM 79432]
R2 Autodesk Content Service;Autodesk Content Service;c:\program files\Autodesk\Content Service\Connect.Service.ContentService.exe [2/2/2011 2:08 PM 18656]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [5/30/2012 1:56 PM 3048136]
R2 Wave UCSPlus;Wave UCSPlus;c:\windows\system32\dllhost.exe [8/11/2004 6:00 PM 5120]
R3 DXEC01;DXEC01;c:\windows\system32\drivers\dxec01.sys [11/2/2006 1:32 PM 97536]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [4/19/2010 11:31 PM 135664]
S2 mi-raysat_3dsmax2012_32;mental ray 3.9 Satellite for Autodesk 3ds Max Design 2012 32-bit - English 32-bit;c:\program files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [2/23/2011 7:59 AM 86016]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 2:14 PM 160944]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [10/10/2008 11:26 AM 30192]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [4/19/2010 11:31 PM 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/25/2012 9:59 PM 114144]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\drivers\nx6000.sys [1/14/2012 3:31 PM 30576]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - BITS
*NewlyCreated* - WUAUSERV
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
Epiusb
patrol_scheduler
s217mdm
p2pgasvc
clientservice
dsbrokerservice
iaimfp0
bantext
LVCap138
symwsc
nmwcdc
mgabg
ovsecurityserver
hcf_msft
d-link_st3402
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-03 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-05-01 06:03]
.
2012-10-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-20 03:31]
.
2012-10-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-20 03:31]
.
2012-10-02 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job
- c:\program files\Ask.com\UpdateTask.exe [2011-07-28 02:41]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6081010
mSearch Bar = hxxp://www.google.com/ie
uInternet Connection Wizard,ShellNext = hxxp://www.google.com/ig/dell?hl=en&client=dell-usuk-rel&channel=us&ibd=6081010
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Banner Ad Blocker - c:\program files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
LSP: c:\program files\Avira\AntiVir Desktop\avsda.dll
DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} - hxxp://kitchenplanner.ikea.com/US/Core/Player/2020PlayerAX_IKEA_Win32.cab
FF - ProfilePath - c:\documents and settings\Admin\Application Data\Mozilla\Firefox\Profiles\8v2j09ed.default-1348028205828\
.
- - - - ORPHANS REMOVED - - - -
.
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe
SafeBoot-30100496.sys
SafeBoot-74723438.sys
SafeBoot-97680512.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-10-02 21:43
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Akamai]
"ServiceDll"="c:\program files\common files\akamai/netsession_win_5891ae0.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01 ,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,49,88,81,51,85,12,33,4d,84,27,bd, \
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01 ,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,49,88,81,51,85,12,33,4d,84,27,bd, \
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(680)
c:\windows\System32\BCMLogon.dll
.
- - - - - - - > 'lsass.exe'(736)
c:\program files\Avira\AntiVir Desktop\avsda.dll
.
Completion time: 2012-10-02 21:47:12
ComboFix-quarantined-files.txt 2012-10-03 01:47
.
Pre-Run: 17,534,820,352 bytes free
Post-Run: 20,786,536,448 bytes free
.
- - End Of File - - F1A9D9752844C99D3A8A043BFCBB492A
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
02-Oct-2012, 10:07 PM #10
That's alright.

I'm signing off for the night now but I'll post further instructions tomorrow morning.
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
03-Oct-2012, 08:47 AM #11
Download OTL to your Desktop.
  • Double-click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under Custom Scans/Fixes type in Netsvcs
  • Click the Run Scan button. Do not change any other settings unless otherwise instructed. The scan won't take long.
  • When the scan completes, it will open two Notepad windows called OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy and paste the contents of both of these files here in your next reply.
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
03-Oct-2012, 10:03 AM #12
Hi, I just ran the scan, following your directions. I am attaching the two logs in my post. By the way my computer was able to go online last night after I used combofix. I was also able to surf the web...Awesome : )....One thing though, is that windows keeps asking me if I want to block certain options on programs like skype dropbox etc.."via my Firewall" that my pose a sercurity risk.. I keep selecting "ask me later"...should I just allow those programs to function normally or should I keep blocking those options for now?

Thank you...




OTL logfile created on: 10/3/2012 9:38:45 AM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 78.82% Memory free
8.58 Gb Paging File | 7.95 Gb Available in Paging File | 92.59% Paging File free
Paging file location(s): C:\pagefile.sys 5371 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 19.24 Gb Free Space | 17.23% Space Free | Partition Type: NTFS
Drive E: | 1.86 Gb Total Space | 1.37 Gb Free Space | 73.30% Space Free | Partition Type: FAT

Computer Name: M4300 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/03 09:34:24 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
PRC - [2012/08/10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/08/10 01:31:41 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/05/09 00:59:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 00:59:43 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/05/09 00:59:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 00:59:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/04/03 20:36:53 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/07/27 22:41:08 | 000,397,992 | ---- | M] ({StringFileInfo_CompanyName}) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/05/09 17:23:33 | 001,044,816 | ---- | M] (Flexera Software, Inc.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
PRC - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010/06/21 15:24:30 | 001,990,656 | ---- | M] (ZyXEL Technology, Corp.) -- C:\Program Files\ZyXEL\N220\Common\N220.exe
PRC - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2008/05/13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/22 13:40:20 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/12/05 21:07:34 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/11/08 23:50:10 | 001,552,384 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/09/14 11:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2006/12/19 15:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/10/22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe


========== Modules (No Company Name) ==========

MOD - [2012/06/14 14:09:11 | 001,211,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\c6dd1cf 1d4982499cd88f936b1af25c2\System.WorkflowServices.ni.dll
MOD - [2012/06/14 14:06:55 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\2516a49 d10f4418f72e1c25f691815a8\System.ServiceProcess.ni.dll
MOD - [2012/06/13 14:13:09 | 001,666,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\4a668799513e3 69a54fdab8b3f74de92\System.Drawing.ni.dll
MOD - [2012/05/11 11:29:57 | 000,365,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\2841413 92cdba7fa4b2a4668125329a9\System.ServiceModel.Routing.ni.dll
MOD - [2012/05/11 11:29:56 | 001,128,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\28b09f1 4e54a06c091073b1d3e316fb6\System.ServiceModel.Discovery.ni.dll
MOD - [2012/05/11 11:29:55 | 000,082,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\39c6c53 75d1763165dd8c1623bd10668\System.ServiceModel.Channels.ni.dll
MOD - [2012/05/11 11:29:37 | 001,387,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\18d8e3f 9e290217ac0c48571557c5fc3\System.ServiceModel.Activities.ni.dll
MOD - [2012/05/11 11:29:33 | 001,072,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\a90d8ca 6c54f70507704d788fd0d3ded\System.IdentityModel.ni.dll
MOD - [2012/05/11 11:29:31 | 017,996,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\5be1370b 1331393f73af710d0d71b02d\System.ServiceModel.ni.dll
MOD - [2012/05/11 11:29:16 | 001,051,648 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d6efd98 958647b0a5b224393605f30da\System.ServiceModel.Web.ni.dll
MOD - [2012/05/11 11:26:28 | 001,897,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Web.Services\65f64efe 2aec0291c18453af0c3eb19b\System.Web.Services.ni.dll
MOD - [2012/05/11 11:26:14 | 000,786,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061 618887d629a9f7072970ffb85\System.EnterpriseServices.ni.dll
MOD - [2012/05/11 11:26:14 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\26ee061 618887d629a9f7072970ffb85\System.EnterpriseServices.Wrapper.dll
MOD - [2012/05/11 11:26:13 | 000,646,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\ce2aa3a5 e89c326055ac8e2a309232f7\System.Transactions.ni.dll
MOD - [2012/05/11 11:26:12 | 001,020,928 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\a40c425 10e312339018486b1d7076e0a\System.Runtime.DurableInstancing.ni.dll
MOD - [2012/05/11 11:26:11 | 000,142,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\9115e9f656b00f c4e46da91537ef1358\SMDiagnostics.ni.dll
MOD - [2012/05/11 11:26:10 | 002,637,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\9bfda0a dd366eea12ea0402e60d01e84\System.Runtime.Serialization.ni.dll
MOD - [2012/05/11 02:13:33 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d72 37aa70e935900\mscorlib.ni.dll
MOD - [2012/05/11 02:04:03 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\0c8e950 df17a0abec10888e8ad966cbe\System.Configuration.ni.dll
MOD - [2012/05/11 02:04:01 | 006,798,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\9f5111b0b58258c3 a4bbcfb8bf27374c\System.Data.ni.dll
MOD - [2012/05/11 02:03:55 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\5ee8bf77e7b3e25cd bff6e1c299574fe\System.Xml.ni.dll
MOD - [2012/05/11 02:03:54 | 007,052,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\14ba6251d6ec84c9 579ed3d3e10b30c1\System.Core.ni.dll
MOD - [2012/05/11 02:03:29 | 009,090,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\6f399163bb35597da7141 ccdb7f39d16\System.ni.dll
MOD - [2012/05/11 02:03:18 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957b ff8f58145384e\mscorlib.ni.dll
MOD - [2012/05/09 00:59:44 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
MOD - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2008/06/29 22:11:04 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/11/28 04:32:00 | 001,163,264 | ---- | M] () -- C:\Program Files\ZyXEL\N220\Common\acAuth.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RDID1007.dll -- (symwsc)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pimsgss.dll -- (s217mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\streamloadservice.dll -- (patrol_scheduler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mskservice.dll -- (p2pgasvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsunidrv.dll -- (ovsecurityserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pptchpad.dll -- (nmwcdc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800mgmt.dll -- (mgabg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICM.dll -- (LVCap138)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UsbDiag.dll -- (iaimfp0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sqlagent$pinnaclesys.dll -- (hcf_msft)
SRV - File not found [Auto | Stopped] -- \.\globalroot\C:\WINDOWS\system32\svchost.exe -- (Epiusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imagedrv.dll -- (dsbrokerservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupexecjobengine.dll -- (d-link_st3402)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\advantage.dll -- (clientservice)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2012/09/09 20:18:55 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/06 14:16:49 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/09 00:59:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 00:59:43 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/09 00:59:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/03 20:36:53 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/05/09 17:23:33 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () [Auto | Running] -- c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe -- (mi-raysat_3dsmax2012_32)
SRV - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/05/13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2008/02/22 13:40:20 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/12/05 21:07:34 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/11/08 23:50:10 | 001,552,384 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/09/07 18:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/12/19 15:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012/05/09 00:59:44 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/09 00:59:44 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 16:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/20 16:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/11/19 13:03:18 | 000,803,328 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/06/29 22:11:44 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/06/15 20:35:02 | 000,985,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008/06/15 20:35:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/06/15 20:35:00 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/12/05 21:07:36 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/11/28 17:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/09/10 10:55:00 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 10:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2007/09/06 10:18:40 | 000,018,176 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2007/04/15 22:49:08 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/18 16:44:38 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/12/19 15:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/11/02 13:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6081010
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&...us&ibd=6081010
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={ inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&...us&ibd=6081010
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GPEA_en&ie={inputEncoding}&oe={outputEncoding }&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=UV-ZL3kkJMUkydWEbRpXkPiEAgI?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2010/04/27 20:31:21 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/07/05 21:05:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/09 20:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/09 20:18:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8CF94090-6F79-11E1-826D-B8AC6F996F26}: C:\Documents and Settings\Admin\Local Settings\Application Data\{8CF94090-6F79-11E1-826D-B8AC6F996F26}\ [2012/03/16 11:06:08 | 000,000,000 | ---D | M]

[2011/07/06 23:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2011/09/06 19:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\extensions
[2012/09/09 20:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/09 20:18:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/09 20:18:56 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/04 14:52:54 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2012/09/03 23:18:00 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/03 23:18:00 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/03/26 18:58:11 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DRSpawner.lnk = C:\Documents and Settings\All Users\Application Data\ASGvis\DRSpawner\DRSpawner.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless N-lite USB Adapter Utility.lnk = C:\Program Files\ZyXEL\N220\Common\N220.exe (ZyXEL Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm File not found
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/US/Co...IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/US/Co...erAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Unable to open value key)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B515332-AE0B-4D61-89A3-D693D0733B5E}: DhcpNameServer = 192.168.1.1 71.252.0.12
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - (C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll) - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/02 21:24:57 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/19 01:37:22 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Epiusb - \.\globalroot\C:\WINDOWS\system32\svchost.exe File not found
NetSvcs: patrol_scheduler - %systemroot%\system32\streamloadservice.dll File not found
NetSvcs: s217mdm - %systemroot%\system32\pimsgss.dll File not found
NetSvcs: p2pgasvc - %systemroot%\system32\mskservice.dll File not found
NetSvcs: clientservice - %systemroot%\system32\advantage.dll File not found
NetSvcs: dsbrokerservice - %systemroot%\system32\imagedrv.dll File not found
NetSvcs: iaimfp0 - %systemroot%\system32\UsbDiag.dll File not found
NetSvcs: bantext - File not found
NetSvcs: LVCap138 - %systemroot%\system32\NICM.dll File not found
NetSvcs: symwsc - %systemroot%\system32\RDID1007.dll File not found
NetSvcs: nmwcdc - %systemroot%\system32\pptchpad.dll File not found
NetSvcs: mgabg - %systemroot%\system32\w800mgmt.dll File not found
NetSvcs: ovsecurityserver - %systemroot%\system32\dsunidrv.dll File not found
NetSvcs: hcf_msft - %systemroot%\system32\sqlagent$pinnaclesys.dll File not found
NetSvcs: d-link_st3402 - %systemroot%\system32\backupexecjobengine.dll File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/10/03 09:36:21 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
[2012/10/02 20:49:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/10/02 20:49:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/10/02 20:49:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/10/02 20:49:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/10/02 20:49:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/02 20:48:35 | 004,759,935 | R--- | C] (Swearware) -- C:\Documents and Settings\Admin\Desktop\ComboFix.exe
[2012/09/19 00:16:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Old Firefox Data-2
[2012/09/18 23:28:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Old Firefox Data-1
[2012/09/18 23:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Old Firefox Data
[2012/09/17 09:36:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\DC Water
[2012/09/09 20:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/07/06 23:46:08 | 013,683,064 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 5.0.exe
[1 C:\Documents and Settings\Admin\Desktop\*.tmp files -> C:\Documents and Settings\Admin\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/03 09:34:24 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
[2012/10/03 09:34:21 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/10/03 09:33:19 | 000,034,901 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/10/03 09:33:07 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/03 09:29:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 09:29:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/03 09:29:27 | 3755,962,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/02 23:09:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/02 23:01:26 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/10/02 20:43:28 | 004,759,935 | R--- | M] (Swearware) -- C:\Documents and Settings\Admin\Desktop\ComboFix.exe
[2012/10/02 16:59:38 | 000,244,433 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Kimberly_Design_3.skp
[2012/10/02 16:09:57 | 000,067,576 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Proposal_1.pdf
[2012/10/02 16:09:15 | 000,067,574 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Proposal_Final.pdf
[2012/10/02 16:01:04 | 000,274,372 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Kimberly_Design_3.skb
[2012/10/01 16:16:18 | 001,153,014 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Plant_002.ai
[2012/10/01 12:20:47 | 001,127,297 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Plant_001.ai
[2012/10/01 11:42:28 | 000,091,266 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_8.dwg
[2012/10/01 11:42:01 | 000,045,317 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_10.pdf
[2012/09/28 17:05:09 | 000,061,772 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_2.skp
[2012/09/28 16:09:09 | 000,090,617 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_1.skp
[2012/09/28 14:57:57 | 000,061,511 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_As_built.skp
[2012/09/28 11:02:20 | 000,453,731 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_2.skp
[2012/09/28 11:02:06 | 000,037,951 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_Third_Floor_2.jpg
[2012/09/28 11:00:38 | 000,062,022 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_Third_Floor.jpg
[2012/09/28 10:58:53 | 000,044,120 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_Second_Floor_Bar_2.jpg
[2012/09/28 10:56:51 | 000,069,501 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_Second_Floor_Bar.jpg
[2012/09/28 10:49:18 | 000,054,953 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Ground_level_Perspective_2.jpg
[2012/09/28 10:47:28 | 000,062,702 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Ground_level_Perspective.jpg
[2012/09/28 10:46:13 | 000,114,710 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_Section_Building_2.jpg
[2012/09/28 10:41:10 | 000,140,993 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_Section_Building.jpg
[2012/09/27 16:54:24 | 000,423,311 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242_2.skb
[2012/09/26 17:03:44 | 000,410,837 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242.skp
[2012/09/26 16:18:42 | 000,410,540 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\1242.skb
[2012/09/26 16:18:34 | 000,090,373 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_8.bak
[2012/09/26 16:18:28 | 000,045,195 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_8.pdf
[2012/09/26 13:14:54 | 000,120,537 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_7.dwg
[2012/09/26 13:13:00 | 000,106,847 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_7.bak
[2012/09/26 12:09:29 | 000,069,512 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Proposal_Nathan Alexander_Break-out price.pdf
[2012/09/25 14:29:06 | 000,050,337 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AutoSave_Untitled.skp
[2012/09/25 13:44:03 | 000,067,096 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Proposal_5.pdf
[2012/09/25 12:34:55 | 000,083,012 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_6.dwg
[2012/09/25 12:19:56 | 000,103,419 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_2.dwg
[2012/09/25 09:41:07 | 000,068,862 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Proposal_Nathan Alexander.pdf
[2012/09/24 21:26:36 | 000,112,237 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_5.pdf
[2012/09/24 20:59:51 | 000,079,268 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_2.bak
[2012/09/24 20:59:37 | 000,041,821 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_4.pdf
[2012/09/24 20:26:14 | 000,080,427 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_3.pdf
[2012/09/24 20:07:36 | 000,076,515 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_1.dwg
[2012/09/24 20:07:24 | 000,036,775 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_2.pdf
[2012/09/24 20:04:48 | 000,075,779 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_1.bak
[2012/09/24 16:59:38 | 000,089,465 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom.dwg
[2012/09/24 16:54:09 | 000,089,465 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom.bak
[2012/09/24 10:52:54 | 000,024,498 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\Drawing1.pdf
[2012/09/19 11:00:36 | 000,016,269 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\hijackthis_Log_1
[2012/09/19 09:24:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/18 23:50:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/09/12 14:06:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/09/05 16:58:38 | 003,213,481 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skp
[2012/09/05 16:58:28 | 003,213,648 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skb
[1 C:\Documents and Settings\Admin\Desktop\*.tmp files -> C:\Documents and Settings\Admin\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/02 20:49:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/10/02 20:49:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/10/02 20:49:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/10/02 20:49:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/10/02 20:49:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/10/02 16:09:56 | 000,067,576 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Proposal_1.pdf
[2012/10/02 16:09:10 | 000,067,574 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Proposal_Final.pdf
[2012/10/01 12:59:54 | 001,153,014 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Plant_002.ai
[2012/10/01 12:20:47 | 001,127,297 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Plant_001.ai
[2012/10/01 11:26:45 | 000,045,317 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_10.pdf
[2012/10/01 10:36:40 | 000,274,372 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Kimberly_Design_3.skb
[2012/10/01 10:20:32 | 000,244,433 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Kimberly_Design_3.skp
[2012/09/28 17:05:09 | 000,061,772 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_2.skp
[2012/09/28 16:09:09 | 000,090,617 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_1.skp
[2012/09/28 14:57:57 | 000,061,511 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_As_built.skp
[2012/09/28 11:02:20 | 000,423,311 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_2.skb
[2012/09/28 11:02:06 | 000,037,951 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_Third_Floor_2.jpg
[2012/09/28 11:00:38 | 000,062,022 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_Third_Floor.jpg
[2012/09/28 10:58:53 | 000,044,120 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_Second_Floor_Bar_2.jpg
[2012/09/28 10:56:51 | 000,069,501 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_Second_Floor_Bar.jpg
[2012/09/28 10:49:18 | 000,054,953 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Ground_level_Perspective_2.jpg
[2012/09/28 10:47:28 | 000,062,702 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Ground_level_Perspective.jpg
[2012/09/28 10:46:13 | 000,114,710 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_Section_Building_2.jpg
[2012/09/28 10:32:01 | 000,140,993 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_Section_Building.jpg
[2012/09/27 16:54:24 | 000,453,731 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242_2.skp
[2012/09/26 16:18:27 | 000,045,195 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_8.pdf
[2012/09/26 16:14:22 | 000,090,373 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_8.bak
[2012/09/26 16:14:07 | 000,091,266 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_8.dwg
[2012/09/26 13:14:54 | 000,106,847 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_7.bak
[2012/09/26 12:29:04 | 000,120,537 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_7.dwg
[2012/09/26 12:09:24 | 000,069,512 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Proposal_Nathan Alexander_Break-out price.pdf
[2012/09/25 14:39:45 | 000,410,540 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242.skb
[2012/09/25 14:33:22 | 000,410,837 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\1242.skp
[2012/09/25 14:03:43 | 000,050,337 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\AutoSave_Untitled.skp
[2012/09/25 13:44:02 | 000,067,096 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Treatment_Proposal_5.pdf
[2012/09/25 12:32:22 | 000,083,012 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_6.dwg
[2012/09/25 09:41:03 | 000,068,862 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Proposal_Nathan Alexander.pdf
[2012/09/24 21:26:36 | 000,112,237 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_5.pdf
[2012/09/24 20:59:37 | 000,041,821 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_4.pdf
[2012/09/24 20:58:05 | 000,079,268 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_2.bak
[2012/09/24 20:38:18 | 000,103,419 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_2.dwg
[2012/09/24 20:26:14 | 000,080,427 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_3.pdf
[2012/09/24 20:07:23 | 000,036,775 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_2.pdf
[2012/09/24 19:35:12 | 000,076,515 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_1.dwg
[2012/09/24 19:35:12 | 000,075,779 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom_1.bak
[2012/09/24 11:02:54 | 000,089,465 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom.dwg
[2012/09/24 11:02:54 | 000,089,465 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Water_Sewer_Bathroom.bak
[2012/09/24 10:52:54 | 000,024,498 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\Drawing1.pdf
[2012/09/19 11:00:36 | 000,016,269 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\hijackthis_Log_1
[2012/09/18 23:50:57 | 000,001,901 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DRSpawner.lnk
[2012/09/18 23:50:57 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless N-lite USB Adapter Utility.lnk
[2012/09/18 23:50:57 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2012/09/18 23:50:57 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Dropbox.lnk
[2012/09/18 23:50:57 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2012/09/18 23:50:57 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/09/05 16:36:19 | 003,213,648 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skb
[2012/09/05 12:01:20 | 003,213,481 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skp
[2012/05/15 00:47:25 | 000,326,344 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/15 09:18:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/06/02 22:54:04 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/05/27 13:37:05 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/05/09 23:46:30 | 001,910,180 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3991068211-2943843026-3238178938-1005-0.dat
[2011/05/09 23:46:28 | 000,315,062 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/03 17:30:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\BongoSDK.10.v40.dll
[2011/01/21 13:12:17 | 000,000,400 | ---- | C] () -- C:\WINDOWS\g_mgpmro417.ini
[2011/01/21 13:12:17 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\bgsqtfk979.dat
[2010/12/28 00:43:19 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Cdise.dat
[2008/12/20 21:52:36 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/09 22:50:01 | 000,067,890 | ---- | C] () -- C:\Program Files\FORM-ZSITEPLAN100,0044.jpg
[2008/11/09 22:48:08 | 000,075,985 | ---- | C] () -- C:\Program Files\FORM-ZSITEPLAN100,0043.jpg
[2008/11/09 22:42:59 | 000,084,689 | ---- | C] () -- C:\Program Files\FORM-ZSITEPLAN100,0042.jpg
[2008/10/24 22:58:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\WavXMapDrive.bat

========== ZeroAccess Check ==========

[2012/09/18 22:20:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB50821$\4219550980\L
[2012/10/02 09:53:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB50821$\4219550980\U
[2012/10/02 09:31:22 | 000,000,804 | ---- | M] () -- C:\WINDOWS\$NtUninstallKB50821$\4219550980\L\00000004.@
[2004/08/11 18:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >


--------------------------------------------------------------------------------------------------------------------------------------


OTL Extras logfile created on: 10/3/2012 9:38:45 AM - Run 1
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.76 Gb Available Physical Memory | 78.82% Memory free
8.58 Gb Paging File | 7.95 Gb Available in Paging File | 92.59% Paging File free
Paging file location(s): C:\pagefile.sys 5371 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 19.24 Gb Free Space | 17.23% Space Free | Partition Type: NTFS
Drive E: | 1.86 Gb Total Space | 1.37 Gb Free Space | 73.30% Space Free | Partition Type: FAT

Computer Name: M4300 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Unable to open value key
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Unable to open value key
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 0
"UacDisableNotify" = 0

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfil e]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProf ile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameter s\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}" = Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729
"{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software
"{086F9A69-CD39-4893-A9FB-D3A0634CE3F7}" = Autodesk Content Service
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager
"{0CEC06EF-5052-4CE8-8256-74AE363A4238}" = Adobe Creative Suite 3 Master Collection
"{0D0B4A0D-DF55-4ACD-BE97-A4DFD368C2CE}" = V-Ray for Rhinoceros Academic
"{1111706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{14866AAD-1F23-39AC-A62B-7091ED1ADE64}" = Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{1C21A34A-5CBA-4AC2-8EDD-6531C06B520E}" = V-Ray for Rhinoceros
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server
"{1DDB76B6-9B33-47DE-8577-78EBFD3E2FF3}" = Adobe Setup
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2222706F-666A-4037-7777-203328764D10}" = JavaFX 2.0.3 SDK
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24A494F3-5B5F-4183-9F7D-9CE82812C1FC}" = tsp patch
"{24FF088D-CDCF-480C-8A4B-98F14A54CAA8}" = Autodesk Material Library Low Resolution Image Library 2012
"{26A24AE4-039D-4CA4-87B4-2F83217003FF}" = Java(TM) 7 Update 3
"{27E25625-DB51-42E6-BEB7-0C8DC878770C}" = Broadcom ASF Management Applications
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{294EAADF-E50F-4DD8-AD8D-19587EA10512}" = Modem Diagnostic Tool
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{32A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3
"{342F5437-C87D-4BB5-89B9-B23E16C6A395}" = Microsoft Visual C++ 8.0 Support DLLs
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D347E6D-5A03-4342-B5BA-6A771885F379}" = Autodesk Backburner 2012.0.0
"{3D3FF9FF-2E7E-46D8-9910-1DAF63730E61}" = Rhinoceros 4.0 Training Materials, Level 1
"{40625DE4-DCDB-44FE-84B5-E65F1365BF44}" = V-Ray for Rhinoceros
"{44256B68-51D7-4E8A-B70F-2E00411E2FCA}" = V-Ray for Rhinoceros Academic
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{48E15C9C-E25C-40AD-A46B-AB270729B9B9}" = Google SketchUp Pro 7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}" = Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729
"{4BF18ED6-C888-4BCF-A4AF-AC7A16305BC1}" = GemSafe Standard Edition 5.1
"{50566374-A1F2-4608-A173-771BEEFABAEE}" = V-Ray for Rhinoceros
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite
"{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{5749C17F-5585-4BF3-A194-5F249A839FC9}" = V-Ray for Rhinoceros Academic
"{5783F2D7-A001-0409-0002-0060B0CE6BBA}" = AutoCAD 2012 - English
"{5783F2D7-A001-0409-1002-0060B0CE6BBA}" = AutoCAD 2012 Language Pack - English
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5EC5F187-9D2B-4051-8906-88656819A869}" = Dell Drivers MSI
"{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}" = Microsoft LifeCam
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71AB49D0-9B47-4624-904C-D44B9B996656}" = Wireless N-lite USB Adapter Utility
"{7346B4A0-1200-0100-0409-705C0D862004}" = Revit Architecture 2012
"{7346B4A0-1200-0101-0409-705C0D862004}" = Revit Architecture 2012 Language Pack - English
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{778D3D8E-C9B4-4DD0-AB71-96EFE5526A8C}" = V-Ray for Rhinoceros Academic
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7C10F5C7-F00F-4BD3-A110-C7D240D2DD25}" = Adobe Dreamweaver CS3
"{7DFC1012-D346-46CE-B03E-FF79125AE029}" = Adobe Fireworks CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DC42D05-680B-41B0-8878-6C14D24602DB}" = QuickTime
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{9593C6E5-205E-45C3-B785-05CF146CA76A}" = biolsp patch
"{95E1E426-EE9E-4F68-8F02-58A5A09B38F3}" = Rhinoceros 4.0 Evaluation
"{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}" = Apple Mobile Device Support
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D3924CA-DA1C-418B-B3F1-B5EACC6D5E6C}" = V-Ray for Rhinoceros Academic
"{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A49BDCBE-590E-43A6-AB77-7C40E499B7C1}" = Autodesk Design Review 2012
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}" = SimCity 4 Deluxe
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-0000-7760-000000000003}" = Adobe Acrobat 8 Professional
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.3)
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}" = Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729
"{B5751715-EC10-43D9-8C95-62E1368433EF}" = Autodesk Material Library Medium Resolution Image Library 2012
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BBAB3188-EDC7-0409-A849-659E379CB00A}" = Autodesk 3ds Max Design 2012 32-bit - English
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D05D17-7DC9-42E4-8599-34A8DB95C892}" = V-Ray for Rhinoceros Academic
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C541BF6F-EC08-4447-8A5B-2A4801465650}" = V-Ray for Rhinoceros
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C99C0593-3B48-41D9-B42F-6E035B320449}" = Broadcom Management Programs
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB3F8375-B600-4B9F-83C9-238ED1E583FD}" = Adobe InDesign CS3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}" = Secure Update
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D9FCA292-1186-421F-8D93-9A5D272AD5D0}" = IntelliSonic Speech Enhancement
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E552C39C-C70E-464F-9733-8311331BDD90}" = Autodesk Inventor Fusion plug-in language pack for AutoCAD 2012
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EAB3AC1A-68FF-486B-9C6B-E48EBB4B05CC}" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards
"{ECC22AFA-B905-4A6A-8072-10F52B9E09B7}" = Wave Infrastructure Installer
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center
"{EF05BA0F-AC15-4D12-AC5C-276225F5E751}" = Gemalto
"{F08E8D2E-F132-4742-9C87-D5FF223A016A}" = Adobe Illustrator CS3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{FBEC50B7-537C-4A0E-8B0B-F7A8F8BF13CE}" = upekmsi
"{FC9E08AA-CD59-4C59-BEF9-87E05B9E37D7}" = Adobe Contribute CS3
"{FEC02973-0781-49C7-9F04-28DA9BAF0372}" = Composite 2012
"{FEC193E4-6C5F-40E9-A249-7D8C8404A9EC}" = NTRU TCG Software Stack
"{FFF5619F-6669-4EC5-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2012
"{FFF7F80F-929E-497F-A112-B070DE816128}" = Autodesk Inventor Fusion 2012 Language Pack
"AC3Filter_is1" = AC3Filter 2.5b
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"AutoCAD 2012 - English" = AutoCAD 2012 - English
"Autodesk 3ds Max Design 2012 32-bit - English" = Autodesk 3ds Max Design 2012 32-bit - English
"Autodesk Design Review 2012" = Autodesk Design Review 2012
"Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012" = Autodesk FBX Plug-in 2012.0 - 3ds Max Design 2012
"Autodesk Inventor Fusion 2012" = Autodesk Inventor Fusion 2012
"Autodesk Inventor Fusion plug-in for AutoCAD 2012" = Autodesk Inventor Fusion plug-in for AutoCAD 2012
"Autodesk Revit Architecture 2012" = Autodesk Revit Architecture 2012
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cheat Engine 6.1_is1" = Cheat Engine 6.1
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Setup" = DivX Setup
"ERUNT_is1" = ERUNT 1.1j
"Google Desktop" = Google Desktop
"Grasshopper" = Grasshopper
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"Rhino RDK" = Rhino RDK
"SU Podium V2_is1" = SU Podium V2 2.11.130
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 11:45:22 AM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

Error - 10/1/2012 12:23:02 PM | Computer Name = M4300 | Source = Adobe Version Cue CS3 | ID = 3
Description = AssetServicesCS3: class vcfoundation::base::VCIllegalState: IVCPipeServer
already closed Trace: (null)

[ OSession Events ]
Error - 6/22/2011 10:53:43 PM | Computer Name = M4300 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6140
seconds with 1980 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The Airgo service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The TPwSav service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The Advservice service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The GcKernel service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The Iaantmon service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The Citrixxteserver service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7023
Description = The UxTuneUp service terminated with the following error: %%126

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7009
Description = Timeout (30000 milliseconds) waiting for the TdmService service to
connect.

Error - 10/3/2012 9:31:16 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7000
Description = The TdmService service failed to start due to the following error:
%%1053

Error - 10/3/2012 9:33:03 AM | Computer Name = M4300 | Source = Service Control Manager | ID = 7022
Description = The Autodesk Content Service service hung on starting.


< End of report >
Cookiegal's Avatar
Administrator & Malware Removal Specialist with 97,340 posts.
 
Join Date: Aug 2003
03-Oct-2012, 11:12 AM #13
Your ComboFix log indicated that it had been run 12 times. Yet there were no other logs listed. Had you used it in the past? Was the Recovery Console installed?


Please run OTL again. Under the Custom Scans/Fixes box at the bottom paste in the following:

Code:
:OTL
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\RDID1007.dll -- (symwsc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pimsgss.dll -- (s217mdm)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\streamloadservice.dll -- (patrol_scheduler)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\mskservice.dll -- (p2pgasvc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\dsunidrv.dll -- (ovsecurityserver)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\pptchpad.dll -- (nmwcdc)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\w800mgmt.dll -- (mgabg)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\NICM.dll -- (LVCap138)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\UsbDiag.dll -- (iaimfp0)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\sqlagent$pinnaclesys.dll -- (hcf_msft)
SRV - File not found [Auto | Stopped] -- \.\globalroot\C:\WINDOWS\system32\svchost.exe -- (Epiusb)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\imagedrv.dll -- (dsbrokerservice)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\backupexecjobengine.dll -- (d-link_st3402)
SRV - File not found [Auto | Stopped] -- %systemroot%\system32\advantage.dll -- (clientservice)
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm File not found
NetSvcs: Epiusb - \.\globalroot\C:\WINDOWS\system32\svchost.exe File not found
NetSvcs: patrol_scheduler - %systemroot%\system32\streamloadservice.dll File not found
NetSvcs: s217mdm - %systemroot%\system32\pimsgss.dll File not found
NetSvcs: p2pgasvc - %systemroot%\system32\mskservice.dll File not found
NetSvcs: clientservice - %systemroot%\system32\advantage.dll File not found
NetSvcs: dsbrokerservice - %systemroot%\system32\imagedrv.dll File not found
NetSvcs: iaimfp0 - %systemroot%\system32\UsbDiag.dll File not found
NetSvcs: bantext - File not found
NetSvcs: LVCap138 - %systemroot%\system32\NICM.dll File not found
NetSvcs: symwsc - %systemroot%\system32\RDID1007.dll File not found
NetSvcs: nmwcdc - %systemroot%\system32\pptchpad.dll File not found
NetSvcs: mgabg - %systemroot%\system32\w800mgmt.dll File not found
NetSvcs: ovsecurityserver - %systemroot%\system32\dsunidrv.dll File not found
NetSvcs: hcf_msft - %systemroot%\system32\sqlagent$pinnaclesys.dll File not found
NetSvcs: d-link_st3402 - %systemroot%\system32\backupexecjobengine.dll File not found
[2012/09/18 22:20:58 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB50821$\4219550980\L
[2012/10/02 09:53:12 | 000,000,000 | ---D | M] -- C:\WINDOWS\$NtUninstallKB50821$\4219550980\U
[2012/10/02 09:31:22 | 000,000,804 | ---- | M] () -- C:\WINDOWS\$NtUninstallKB50821$\4219550980\L\00000004.@
[2004/08/11 18:21:56 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
:Files
C:\WINDOWS\$NtUninstallKB50821$
:commands
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
03-Oct-2012, 11:43 AM #14
Yes, I have used combofix in the past to fix malware on my computer before. Here is the log quickscan log from oldtimer..

Thanks again..





OTL logfile created on: 10/3/2012 11:31:33 AM - Run 2
OTL by OldTimer - Version 3.2.70.1 Folder = C:\Documents and Settings\Admin\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.50 Gb Total Physical Memory | 2.81 Gb Available Physical Memory | 80.33% Memory free
8.58 Gb Paging File | 8.04 Gb Available in Paging File | 93.70% Paging File free
Paging file location(s): C:\pagefile.sys 5371 6000 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 111.70 Gb Total Space | 19.25 Gb Free Space | 17.23% Space Free | Partition Type: NTFS
Drive E: | 1.86 Gb Total Space | 1.37 Gb Free Space | 73.28% Space Free | Partition Type: FAT

Computer Name: M4300 | User Name: Admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/03 09:34:24 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
PRC - [2012/08/10 18:59:52 | 004,440,896 | ---- | M] (Akamai Technologies, Inc.) -- C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe
PRC - [2012/08/10 01:31:41 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) -- C:\Program Files\Skype\Updater\Updater.exe
PRC - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/05/24 14:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe
PRC - [2012/05/09 00:59:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 00:59:43 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012/05/09 00:59:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 00:59:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/04/03 20:36:53 | 000,161,664 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2012/01/31 08:56:43 | 000,143,240 | ---- | M] (Ask.com) -- c:\Program Files\Avira\AntiVir Desktop\apnstub.exe
PRC - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2011/07/27 22:41:08 | 000,397,992 | ---- | M] ({StringFileInfo_CompanyName}) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
PRC - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2010/06/21 15:24:30 | 001,990,656 | ---- | M] (ZyXEL Technology, Corp.) -- C:\Program Files\ZyXEL\N220\Common\N220.exe
PRC - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2009/03/10 22:18:14 | 000,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\WgaTray.exe
PRC - [2008/05/13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) -- C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/02/22 13:40:20 | 000,475,136 | ---- | M] (Dell Inc.) -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
PRC - [2007/12/05 21:07:34 | 000,094,208 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\system32\stacsv.exe
PRC - [2007/11/08 23:50:10 | 001,552,384 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/09/14 11:53:16 | 000,218,424 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2006/12/19 15:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
PRC - [2006/10/22 23:24:02 | 000,620,152 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/09 00:59:44 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011/07/28 19:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 19:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () -- c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
MOD - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
MOD - [2008/06/29 22:11:04 | 000,753,664 | ---- | M] () -- C:\WINDOWS\system32\bcm1xsup.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/11/28 04:32:00 | 001,163,264 | ---- | M] () -- C:\Program Files\ZyXEL\N220\Common\acAuth.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Authentication Manager\WaveEnrollmentService.exe -- (WaveEnrollmentService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2012/09/09 20:18:55 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/06 14:16:49 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012/07/13 14:14:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/30 13:56:52 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/05/09 00:59:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 00:59:43 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012/05/09 00:59:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/04/03 20:36:53 | 000,161,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2011/05/09 17:23:33 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/02/23 07:59:00 | 000,086,016 | ---- | M] () [Auto | Running] -- c:\Program Files\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe -- (mi-raysat_3dsmax2012_32)
SRV - [2011/02/02 14:08:16 | 000,018,656 | ---- | M] () [Auto | Running] -- C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010/05/20 16:27:24 | 000,139,632 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2008/05/13 15:12:54 | 000,069,632 | ---- | M] (Ralink Technology, Corp.) [Auto | Running] -- C:\Program Files\ZyXEL\N220\Common\RalinkRegistryWriter.exe -- (RalinkRegistryWriter)
SRV - [2008/02/22 13:40:20 | 000,475,136 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\QuickSet\NicConfigSvc.exe -- (NICCONFIGSVC)
SRV - [2007/12/05 21:07:34 | 000,094,208 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\stacsv.exe -- (STacSV)
SRV - [2007/11/08 23:50:10 | 001,552,384 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/09/07 18:29:04 | 000,737,280 | ---- | M] (Wave Systems Corp.) [Auto | Stopped] -- C:\Program Files\Wave Systems Corp\Trusted Drive Manager\TdmService.exe -- (TdmService)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2006/12/19 15:21:48 | 000,079,432 | ---- | M] (Broadcom Corporation) [Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe -- (ASFIPmon)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Admin\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | Auto | Stopped] -- -- (adfs)
DRV - [2012/05/09 00:59:44 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/09 00:59:44 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/09/16 16:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010/06/17 14:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/05/20 16:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009/11/19 13:03:18 | 000,803,328 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2008/06/29 22:11:44 | 001,287,552 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2008/06/15 20:35:02 | 000,985,472 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2008/06/15 20:35:00 | 000,731,264 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2008/06/15 20:35:00 | 000,210,688 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2007/12/05 21:07:36 | 001,222,840 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/11/28 17:18:24 | 000,062,208 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/09/10 10:55:00 | 000,161,280 | ---- | M] (Wave Systems Corp.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\WavxDMgr.sys -- (WavxDMgr)
DRV - [2007/09/07 10:57:14 | 000,026,608 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\PBADRV.sys -- (PBADRV)
DRV - [2007/09/06 10:18:40 | 000,018,176 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\WaveFDE.sys -- (WaveFDE)
DRV - [2007/04/15 22:49:08 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/03/18 16:44:38 | 000,160,256 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2006/12/19 15:21:52 | 000,010,480 | ---- | M] (Broadcom Corporation) [Kernel | Auto | Running] -- C:\Program Files\Broadcom\ASFIPMon\BASFND.sys -- (BASFND)
DRV - [2006/11/02 13:32:32 | 000,097,536 | ---- | M] (Knowles Acoustics) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dxec01.sys -- (DXEC01)
DRV - [2005/08/12 17:50:46 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\APPDRV.SYS -- (APPDRV)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6081010
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com/ig/dell?hl=en&...us&ibd=6081010
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={ inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/ig/dell?hl=en&...us&ibd=6081010
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,XMLHTTP_UUID_Default =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rlz=1I7GPEA_en&ie={inputEncoding}&oe={outputEncoding }&sourceid=ie7
IE - HKCU\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = http://127.0.0.1:4664/search&s=UV-ZL3kkJMUkydWEbRpXkPiEAgI?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2010/04/27 20:31:21 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=13: C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll (Google)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/07/05 21:05:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/09/09 20:18:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/09/09 20:18:36 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{8CF94090-6F79-11E1-826D-B8AC6F996F26}: C:\Documents and Settings\Admin\Local Settings\Application Data\{8CF94090-6F79-11E1-826D-B8AC6F996F26}\ [2012/03/16 11:06:08 | 000,000,000 | ---D | M]

[2011/07/06 23:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
[2011/09/06 19:02:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\extensions
[2012/09/09 20:18:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/09/09 20:18:32 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/09/09 20:18:56 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/01/04 14:52:54 | 000,001,919 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing-zugo.xml
[2012/09/03 23:18:00 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/09/03 23:18:00 | 000,002,253 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2012/03/26 18:58:11 | 000,000,761 | RHS- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (CBrowserHelperObject Object) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Documents and Settings\Admin\Local Settings\Application Data\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Dropbox.lnk = C:\Documents and Settings\Admin\Application Data\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Documents and Settings\Admin\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = File not found
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DRSpawner.lnk = C:\Documents and Settings\All Users\Application Data\ASGvis\DRSpawner\DRSpawner.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless N-lite USB Adapter Utility.lnk = C:\Program Files\ZyXEL\N220\Common\N220.exe (ZyXEL Technology, Corp.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} http://kitchenplanner.ikea.com/US/Co...IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/US/Co...erAX_Win32.cab (20-20 3D Viewer)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Unable to open value key)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jin...ndows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5B515332-AE0B-4D61-89A3-D693D0733B5E}: DhcpNameServer = 192.168.1.1 71.252.0.12
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\gemsafe: DllName - (C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll) - C:\Program Files\Gemplus\GemSafe Libraries\BIN\WLEventNotify.dll (Gemplus)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/06/02 21:24:57 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2004/08/11 18:15:00 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2009/04/19 01:37:22 | 000,000,000 | R--D | M] - C:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/03 11:26:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/10/03 09:53:25 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2012/10/03 09:52:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\IS Enterprises
[2012/10/03 09:36:21 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
[2012/10/02 20:49:48 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/10/02 20:49:48 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/10/02 20:49:48 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/10/02 20:49:48 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/10/02 20:49:35 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/02 20:48:35 | 004,759,935 | R--- | C] (Swearware) -- C:\Documents and Settings\Admin\Desktop\ComboFix.exe
[2012/09/19 00:16:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Old Firefox Data-2
[2012/09/18 23:28:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Old Firefox Data-1
[2012/09/18 23:15:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Desktop\Old Firefox Data
[2012/09/09 20:18:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/07/06 23:46:08 | 013,683,064 | ---- | C] (Mozilla) -- C:\Program Files\Firefox Setup 5.0.exe
[1 C:\Documents and Settings\Admin\Desktop\*.tmp files -> C:\Documents and Settings\Admin\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/03 11:32:56 | 000,034,901 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2012/10/03 11:32:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/10/03 11:29:27 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2012/10/03 11:29:13 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/03 11:29:10 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/10/03 11:29:06 | 3755,962,368 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/03 11:09:10 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/03 11:01:00 | 000,000,236 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012/10/03 09:34:24 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\Desktop\OTL.exe
[2012/10/02 20:43:28 | 004,759,935 | R--- | M] (Swearware) -- C:\Documents and Settings\Admin\Desktop\ComboFix.exe
[2012/09/28 17:05:09 | 000,061,772 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_2.skp
[2012/09/28 16:09:09 | 000,090,617 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_1.skp
[2012/09/28 14:57:57 | 000,061,511 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_As_built.skp
[2012/09/25 14:29:06 | 000,050,337 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AutoSave_Untitled.skp
[2012/09/19 11:00:36 | 000,016,269 | ---- | M] () -- C:\Documents and Settings\Admin\Desktop\hijackthis_Log_1
[2012/09/19 09:24:21 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/09/18 23:50:57 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2012/09/12 14:06:38 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/09/05 16:58:38 | 003,213,481 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skp
[2012/09/05 16:58:28 | 003,213,648 | ---- | M] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skb
[1 C:\Documents and Settings\Admin\Desktop\*.tmp files -> C:\Documents and Settings\Admin\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/02 20:49:48 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/10/02 20:49:48 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/10/02 20:49:48 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/10/02 20:49:48 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/10/02 20:49:48 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/09/28 17:05:09 | 000,061,772 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_2.skp
[2012/09/28 16:09:09 | 000,090,617 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_Design_1.skp
[2012/09/28 14:57:57 | 000,061,511 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\Kimberly_As_built.skp
[2012/09/25 14:03:43 | 000,050,337 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\AutoSave_Untitled.skp
[2012/09/19 11:00:36 | 000,016,269 | ---- | C] () -- C:\Documents and Settings\Admin\Desktop\hijackthis_Log_1
[2012/09/18 23:50:57 | 000,001,901 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DRSpawner.lnk
[2012/09/18 23:50:57 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Wireless N-lite USB Adapter Utility.lnk
[2012/09/18 23:50:57 | 000,001,618 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
[2012/09/18 23:50:57 | 000,001,024 | ---- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\Dropbox.lnk
[2012/09/18 23:50:57 | 000,000,947 | ---- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2012/09/18 23:50:57 | 000,000,767 | ---- | C] () -- C:\Documents and Settings\Admin\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2012/09/05 16:36:19 | 003,213,648 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skb
[2012/09/05 12:01:20 | 003,213,481 | ---- | C] () -- C:\Documents and Settings\Admin\My Documents\AS_BIULT_DC_WATER.skp
[2012/05/15 00:47:25 | 000,326,344 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/15 09:18:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/06/02 22:54:04 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.351.32.bc
[2011/05/27 13:37:05 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2011/05/09 23:46:30 | 001,910,180 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-3991068211-2943843026-3238178938-1005-0.dat
[2011/05/09 23:46:28 | 000,315,062 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2011/03/03 17:30:16 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\BongoSDK.10.v40.dll
[2011/01/21 13:12:17 | 000,000,400 | ---- | C] () -- C:\WINDOWS\g_mgpmro417.ini
[2011/01/21 13:12:17 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\bgsqtfk979.dat
[2010/12/28 00:43:19 | 000,000,120 | ---- | C] () -- C:\WINDOWS\Cdise.dat
[2008/12/20 21:52:36 | 000,014,848 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/11/09 22:50:01 | 000,067,890 | ---- | C] () -- C:\Program Files\FORM-ZSITEPLAN100,0044.jpg
[2008/11/09 22:48:08 | 000,075,985 | ---- | C] () -- C:\Program Files\FORM-ZSITEPLAN100,0043.jpg
[2008/11/09 22:42:59 | 000,084,689 | ---- | C] () -- C:\Program Files\FORM-ZSITEPLAN100,0042.jpg
[2008/10/24 22:58:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Admin\Local Settings\Application Data\WavXMapDrive.bat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/01/15 15:27:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\8701BFB086221559C908967FF1EFBA7B
[2012/04/12 20:00:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\AskToolbar
[2011/07/27 20:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Autodesk
[2008/11/07 17:10:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\autodessys
[2008/11/05 19:54:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Azureus
[2012/07/05 21:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\DDMSettings
[2012/10/03 11:31:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Dropbox
[2008/11/11 14:59:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\GetRightToGo
[2012/03/01 11:06:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Grasshopper
[2008/11/06 01:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Opera
[2012/04/03 20:37:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Oracle
[2008/10/10 11:18:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Admin\Application Data\Wave Systems Corp
[2012/06/05 23:40:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ASGvis
[2011/07/27 20:55:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
[2008/11/03 23:08:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Azureus
[2012/06/04 15:57:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\boost_interprocess
[2011/03/04 03:45:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McNeel
[2008/10/10 11:12:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2008/10/10 11:19:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp

========== Purity Check ==========



< End of report >
Architype's Avatar
Architype Architype is offline
Computer Specs
Member with 34 posts.
THREAD STARTER
 
Join Date: Mar 2012
Experience: Beginner
03-Oct-2012, 11:46 AM #15
oh, also a few random icons popped up on my desktop.

First is: isecvrfmfkrm.tmp
Second is: Jeff_decking.dwl
Third is: Jeff_decking.dwl2
Fourth is: Thumbs.db
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
browser failure, malware, rootkit, wifi problems

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑