PC Cleaner infesting my machine?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 32 bit
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz, x64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 2939 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 3 Mb
Hard Drives: C: Total - 295546 MB, Free - 256898 MB;
Motherboard: TOSHIBA, Portable PC
Antivirus: McAfee Anti-Virus and Anti-Spyware, Disabled



I rate my computer skills on a 10 scale at about about 4¾,so, please reply using the KISS program.
Advising me to FAQ the PDQ and double whammy the snerdling will go right over my head.
My problem is my own ignorance in lending my laptop and getting it back with a program called "PC Cleaner "NOT PC Cleaner Pro. I also note that your website carries a banner for a similar named program? I believe this link is the culprit? http://www.ehow.com/how_5003975_remove-pc-cleaner.html
however I can find none of the files or registry entries that they mention except for "pccleaner.exe", which I renamed and restarted my machine with the same problem.
The problem is demonstrated by the fact that I am unable to access my McAfee Total Security program. After getting the machine back I went to update my McAfee files (subscription does not expire till 12/13) and the program would not open nor would it "scan" any files. In Windows McAfee shows to be incompatible and in the Win security it shows as "snoozed" The McAfee forum suggested Malwarebytes. I DL’d the Malwarebytes program and installed it BUT it wouldn’t open either. Their forum had no answer. Went back to McAfee and found your name so here I am.
This PC Cleaner thing does not show up in Win7 “uninstall” nor does it show up in the program at Start.
The McAfee “Security Advisor” seems to be working because when I went to “bleeping computer” to DL the files you want, McAfee warned it was a dangerous site.
Thanks for any and all help you can give.


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:48:07 PM, on 12/30/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\TEco.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFBA.EXE
C:\windows\system32\igfxext.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\beau mcmullen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VYGAZ996\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Ask.com Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Ask.com Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] "C:\windows\system32\igfxtray.exe"
O4 - HKLM\..\Run: [HotKeysCmds] "C:\windows\system32\hkcmd.exe"
O4 - HKLM\..\Run: [Persistence] "C:\windows\system32\igfxpers.exe"
O4 - HKLM\..\Run: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe"
O4 - HKLM\..\Run: [SynTPEnh] "%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"
O4 - HKLM\..\Run: [TPwrMain] "%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
O4 - HKLM\..\Run: [HSON] "%ProgramFiles%\TOSHIBA\TBS\HSON.exe"
O4 - HKLM\..\Run: [SmoothView] "%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe"
O4 - HKLM\..\Run: [00TCrdMain] "%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe"
O4 - HKLM\..\Run: [TosWaitSrv] "%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe"
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [Teco] "%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
O4 - HKLM\..\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [SmartFaceVWatcher] "%ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe"
O4 - HKLM\..\Run: [TosSENotify] "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [LTCM Client] "C:\Program Files\LTCM Client\ltcmClient.exe" /startup
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [IntelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
O4 - HKCU\..\Run: [MyTOSHIBA] "C:\Program Files\TOSHIBA\My Toshiba\MyToshiba.exe" /AUTO
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [xoxuxkub] "C:\Users\beau mcmullen\AppData\Local\oirwha\vkaysftav.exe"
O4 - HKCU\..\Run: [wokkkjsp] "C:\Users\beau mcmullen\AppData\Local\xjijvv\vyhlsftav.exe"
O4 - HKCU\..\Run: [ifnndpev] "C:\Users\beau mcmullen\AppData\Local\ejaqpc\fcemsftav.exe"
O4 - HKCU\..\Run: [anrspkym] C:\Users\beau mcmullen\AppData\Local\wqclar\mbycsftav.exe
O4 - HKCU\..\Run: [yndhbfyr] C:\Users\beau mcmullen\AppData\Local\jydmnp\mryesftav.exe
O4 - HKCU\..\Run: [EPSON NX110 Series (Copy 1)] "C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBA.EXE" /FU "C:\windows\TEMP\E_S14C8.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON NX110 Series] "C:\windows\system32\spool\DRIVERS\W32X86\3\E_FATIFBA.EXE" /FU "C:\windows\TEMP\E_SB57A.tmp" /EF "HKCU"
O4 - Startup: Epson all-in-one Registration.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - SmithMicro Inc. - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: AT&T Con App Svc (CAATT) - SmithMicro Inc. - C:\Program Files\AT&T\Communication Manager\ConAppsSvc.exe
O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\windows\system32\mfevtps.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
--
End of file - 11166 bytes


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 11/9/2009 10:07:34 PM
System Uptime: 12/30/2012 10:36:41 PM (2 hours ago)
.
Motherboard: TOSHIBA | | Portable PC
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz | CPU | 2100/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 289 GiB total, 250.801 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP232: 8/2/2012 3:00:17 AM - Windows Update
RP233: 8/10/2012 1:50:37 AM - Removed Facebook Video Calling 1.2.0.159
RP234: 8/10/2012 10:29:40 AM - Windows Update
RP235: 9/30/2012 8:16:36 PM - Scheduled Checkpoint
RP236: 10/1/2012 3:00:15 AM - Windows Update
RP237: 10/23/2012 10:55:31 AM - Windows Update
RP238: 12/25/2012 12:28:47 AM - Windows Update
RP239: 12/27/2012 2:23:40 AM - Windows Update
RP240: 12/29/2012 7:57:26 PM - Windows Update
RP241: 12/29/2012 8:12:35 PM - Restore Operation
RP243: 12/29/2012 9:39:10 PM - DCInstallRestorePoint
RP244: 12/30/2012 10:25:14 PM - Removed Skype™ 5.10
RP245: 12/30/2012 10:26:53 PM - Removed Skype Toolbars
.
==== Image File Execution Options =============
.
IFEO: a.exe - svchost.exe
IFEO: aAvgApi.exe - svchost.exe
IFEO: AAWTray.exe - svchost.exe
IFEO: About.exe - svchost.exe
IFEO: ackwin32.exe - svchost.exe
IFEO: Ad-Aware.exe - svchost.exe
IFEO: adaware.exe - svchost.exe
IFEO: advxdwin.exe - svchost.exe
IFEO: AdwarePrj.exe - svchost.exe
IFEO: agent.exe - svchost.exe
IFEO: agentsvr.exe - svchost.exe
IFEO: agentw.exe - svchost.exe
IFEO: alertsvc.exe - svchost.exe
IFEO: alevir.exe - svchost.exe
IFEO: alogserv.exe - svchost.exe
IFEO: AlphaAV - svchost.exe
IFEO: AlphaAV.exe - svchost.exe
IFEO: AluSchedulerSvc.exe - svchost.exe
IFEO: amon9x.exe - svchost.exe
IFEO: anti-trojan.exe - svchost.exe
IFEO: Anti-Virus Professional.exe - svchost.exe
IFEO: AntispywarXP2009.exe - svchost.exe
IFEO: antivirus.exe - svchost.exe
IFEO: AntivirusPlus - svchost.exe
IFEO: AntivirusPlus.exe - svchost.exe
IFEO: AntivirusPro_2010.exe - svchost.exe
IFEO: AntivirusXP - svchost.exe
IFEO: AntivirusXP.exe - svchost.exe
IFEO: antivirusxppro2009.exe - svchost.exe
IFEO: AntiVirus_Pro.exe - svchost.exe
IFEO: ants.exe - svchost.exe
IFEO: apimonitor.exe - svchost.exe
IFEO: aplica32.exe - svchost.exe
IFEO: apvxdwin.exe - svchost.exe
IFEO: arr.exe - svchost.exe
IFEO: ashAvast.exe - svchost.exe
IFEO: ashBug.exe - svchost.exe
IFEO: ashChest.exe - svchost.exe
IFEO: ashCnsnt.exe - svchost.exe
IFEO: ashDisp.exe - svchost.exe
IFEO: ashLogV.exe - svchost.exe
IFEO: ashMaiSv.exe - svchost.exe
IFEO: ashPopWz.exe - svchost.exe
IFEO: ashQuick.exe - svchost.exe
IFEO: ashServ.exe - svchost.exe
IFEO: ashSimp2.exe - svchost.exe
IFEO: ashSimpl.exe - svchost.exe
IFEO: ashSkPcc.exe - svchost.exe
IFEO: ashSkPck.exe - svchost.exe
IFEO: ashUpd.exe - svchost.exe
IFEO: ashWebSv.exe - svchost.exe
IFEO: aswChLic.exe - svchost.exe
IFEO: aswRegSvr.exe - svchost.exe
IFEO: aswRunDll.exe - svchost.exe
IFEO: aswUpdSv.exe - svchost.exe
IFEO: atcon.exe - svchost.exe
IFEO: atguard.exe - svchost.exe
IFEO: atro55en.exe - svchost.exe
IFEO: atupdater.exe - svchost.exe
IFEO: atwatch.exe - svchost.exe
IFEO: au.exe - svchost.exe
IFEO: aupdate.exe - svchost.exe
IFEO: auto-protect.nav80try.exe - svchost.exe
IFEO: autodown.exe - svchost.exe
IFEO: autotrace.exe - svchost.exe
IFEO: autoupdate.exe - svchost.exe
IFEO: av360.exe - svchost.exe
IFEO: avadmin.exe - svchost.exe
IFEO: avastSvc.exe - svchost.exe
IFEO: avastUI.exe - svchost.exe
IFEO: AVCare.exe - svchost.exe
IFEO: avcenter.exe - svchost.exe
IFEO: avciman.exe - svchost.exe
IFEO: avconfig.exe - svchost.exe
IFEO: avconsol.exe - svchost.exe
IFEO: ave32.exe - svchost.exe
IFEO: AVENGINE.EXE - svchost.exe
IFEO: avgcc32.exe - svchost.exe
IFEO: avgchk.exe - svchost.exe
IFEO: avgcmgr.exe - svchost.exe
IFEO: avgcsrvx.exe - svchost.exe
IFEO: avgctrl.exe - svchost.exe
IFEO: avgdumpx.exe - svchost.exe
IFEO: avgemc.exe - svchost.exe
IFEO: avgiproxy.exe - svchost.exe
IFEO: avgnsx.exe - svchost.exe
IFEO: avgnt.exe - svchost.exe
IFEO: avgrsx.exe - svchost.exe
IFEO: avgscanx.exe - svchost.exe
IFEO: avgserv.exe - svchost.exe
IFEO: avgserv9.exe - svchost.exe
IFEO: avgsrmax.exe - svchost.exe
IFEO: avgtray.exe - svchost.exe
IFEO: avguard.exe - svchost.exe
IFEO: avgui.exe - svchost.exe
IFEO: avgupd.exe - svchost.exe
IFEO: avgw.exe - svchost.exe
IFEO: avgwdsvc.exe - svchost.exe
IFEO: avkpop.exe - svchost.exe
IFEO: avkserv.exe - svchost.exe
IFEO: avkservice.exe - svchost.exe
IFEO: avkwctl9.exe - svchost.exe
IFEO: avltmain.exe - svchost.exe
IFEO: avmailc.exe - svchost.exe
IFEO: avmcdlg.exe - svchost.exe
IFEO: avnotify.exe - svchost.exe
IFEO: avnt.exe - svchost.exe
IFEO: avp32.exe - svchost.exe
IFEO: avpcc.exe - svchost.exe
IFEO: avpdos32.exe - svchost.exe
IFEO: avpm.exe - svchost.exe
IFEO: avptc32.exe - svchost.exe
IFEO: avpupd.exe - svchost.exe
IFEO: avsched32.exe - svchost.exe
IFEO: avshadow.exe - svchost.exe
IFEO: avsynmgr.exe - svchost.exe
IFEO: avupgsvc.exe - svchost.exe
IFEO: AVWEBGRD.EXE - svchost.exe
IFEO: avwin.exe - svchost.exe
IFEO: avwin95.exe - svchost.exe
IFEO: avwinnt.exe - svchost.exe
IFEO: avwsc.exe - svchost.exe
IFEO: avwupd.exe - svchost.exe
IFEO: avwupd32.exe - svchost.exe
IFEO: avwupsrv.exe - svchost.exe
IFEO: avxmonitor9x.exe - svchost.exe
IFEO: avxmonitornt.exe - svchost.exe
IFEO: avxquar.exe - svchost.exe
IFEO: b.exe - svchost.exe
IFEO: backweb.exe - svchost.exe
IFEO: bargains.exe - svchost.exe
IFEO: bdfvcl.exe - svchost.exe
IFEO: bdfvwiz.exe - svchost.exe
IFEO: BDInProcPatch.exe - svchost.exe
IFEO: bdmcon.exe - svchost.exe
IFEO: BDMsnScan.exe - svchost.exe
IFEO: BDSurvey.exe - svchost.exe
IFEO: bd_professional.exe - svchost.exe
IFEO: beagle.exe - svchost.exe
IFEO: belt.exe - svchost.exe
IFEO: bidef.exe - svchost.exe
IFEO: bidserver.exe - svchost.exe
IFEO: bipcp.exe - svchost.exe
IFEO: bipcpevalsetup.exe - svchost.exe
IFEO: bisp.exe - svchost.exe
IFEO: blackd.exe - svchost.exe
IFEO: blackice.exe - svchost.exe
IFEO: blink.exe - svchost.exe
IFEO: blss.exe - svchost.exe
IFEO: bootconf.exe - svchost.exe
IFEO: bootwarn.exe - svchost.exe
IFEO: borg2.exe - svchost.exe
IFEO: bpc.exe - svchost.exe
IFEO: brasil.exe - svchost.exe
IFEO: brastk.exe - svchost.exe
IFEO: brw.exe - svchost.exe
IFEO: bs120.exe - svchost.exe
IFEO: bspatch.exe - svchost.exe
IFEO: bundle.exe - svchost.exe
IFEO: bvt.exe - svchost.exe
IFEO: c.exe - svchost.exe
IFEO: cavscan.exe - svchost.exe
IFEO: ccapp.exe - svchost.exe
IFEO: ccevtmgr.exe - svchost.exe
IFEO: ccpxysvc.exe - svchost.exe
IFEO: ccSvcHst.exe - svchost.exe
IFEO: cdp.exe - svchost.exe
IFEO: cfd.exe - svchost.exe
IFEO: cfgwiz.exe - svchost.exe
IFEO: cfiadmin.exe - svchost.exe
IFEO: cfiaudit.exe - svchost.exe
IFEO: cfinet.exe - svchost.exe
IFEO: cfinet32.exe - svchost.exe
IFEO: cfp.exe - svchost.exe
IFEO: cfpconfg.exe - svchost.exe
IFEO: cfplogvw.exe - svchost.exe
IFEO: cfpupdat.exe - svchost.exe
IFEO: claw95.exe - svchost.exe
IFEO: claw95cf.exe - svchost.exe
IFEO: clean.exe - svchost.exe
IFEO: cleaner.exe - svchost.exe
IFEO: cleaner3.exe - svchost.exe
IFEO: cleanIELow.exe - svchost.exe
IFEO: cleanpc.exe - svchost.exe
IFEO: click.exe - svchost.exe
IFEO: cmd32.exe - svchost.exe
IFEO: cmdagent.exe - svchost.exe
IFEO: cmesys.exe - svchost.exe
IFEO: cmgrdian.exe - svchost.exe
IFEO: cmon016.exe - svchost.exe
IFEO: connectionmonitor.exe - svchost.exe
IFEO: control - svchost.exe
IFEO: cpd.exe - svchost.exe
IFEO: cpf9x206.exe - svchost.exe
IFEO: cpfnt206.exe - svchost.exe
IFEO: crashrep.exe - svchost.exe
IFEO: csc.exe - svchost.exe
IFEO: cssconfg.exe - svchost.exe
IFEO: cssupdat.exe - svchost.exe
IFEO: cssurf.exe - svchost.exe
IFEO: ctrl.exe - svchost.exe
IFEO: cv.exe - svchost.exe
IFEO: cwnb181.exe - svchost.exe
IFEO: cwntdwmo.exe - svchost.exe
IFEO: d.exe - svchost.exe
IFEO: datemanager.exe - svchost.exe
IFEO: dcomx.exe - svchost.exe
IFEO: defalert.exe - svchost.exe
IFEO: defscangui.exe - svchost.exe
IFEO: defwatch.exe - svchost.exe
IFEO: deloeminfs.exe - svchost.exe
IFEO: deputy.exe - svchost.exe
IFEO: divx.exe - svchost.exe
IFEO: dllcache.exe - svchost.exe
IFEO: dllreg.exe - svchost.exe
IFEO: doors.exe - svchost.exe
IFEO: dop.exe - svchost.exe
IFEO: dpf.exe - svchost.exe
IFEO: dpfsetup.exe - svchost.exe
IFEO: dpps2.exe - svchost.exe
IFEO: driverctrl.exe - svchost.exe
IFEO: drwatson.exe - svchost.exe
IFEO: drweb32.exe - svchost.exe
IFEO: drwebupw.exe - svchost.exe
IFEO: dssagent.exe - svchost.exe
IFEO: dvp95.exe - svchost.exe
IFEO: dvp95_0.exe - svchost.exe
IFEO: ecengine.exe - svchost.exe
IFEO: efpeadm.exe - svchost.exe
IFEO: emsw.exe - svchost.exe
IFEO: ent.exe - svchost.exe
IFEO: esafe.exe - svchost.exe
IFEO: escanhnt.exe - svchost.exe
IFEO: escanv95.exe - svchost.exe
IFEO: espwatch.exe - svchost.exe
IFEO: ethereal.exe - svchost.exe
IFEO: etrustcipe.exe - svchost.exe
IFEO: evpn.exe - svchost.exe
IFEO: exantivirus-cnet.exe - svchost.exe
IFEO: exe.avxw.exe - svchost.exe
IFEO: expert.exe - svchost.exe
IFEO: explore.exe - svchost.exe
IFEO: f-agnt95.exe - svchost.exe
IFEO: f-prot.exe - svchost.exe
IFEO: f-prot95.exe - svchost.exe
IFEO: f-stopw.exe - svchost.exe
IFEO: fact.exe - svchost.exe
IFEO: fameh32.exe - svchost.exe
IFEO: fast.exe - svchost.exe
IFEO: fch32.exe - svchost.exe
IFEO: fih32.exe - svchost.exe
IFEO: findviru.exe - svchost.exe
IFEO: firewall.exe - svchost.exe
IFEO: fixcfg.exe - svchost.exe
IFEO: fixfp.exe - svchost.exe
IFEO: fnrb32.exe - svchost.exe
IFEO: fp-win.exe - svchost.exe
IFEO: fp-win_trial.exe - svchost.exe
IFEO: fprot.exe - svchost.exe
IFEO: frmwrk32.exe - svchost.exe
IFEO: frw.exe - svchost.exe
IFEO: fsaa.exe - svchost.exe
IFEO: fsav.exe - svchost.exe
IFEO: fsav32.exe - svchost.exe
IFEO: fsav530stbyb.exe - svchost.exe
IFEO: fsav530wtbyb.exe - svchost.exe
IFEO: fsav95.exe - svchost.exe
IFEO: fsgk32.exe - svchost.exe
IFEO: fsm32.exe - svchost.exe
IFEO: fsma32.exe - svchost.exe
IFEO: fsmb32.exe - svchost.exe
IFEO: gator.exe - svchost.exe
IFEO: gav.exe - svchost.exe
IFEO: gbmenu.exe - svchost.exe
IFEO: gbn976rl.exe - svchost.exe
IFEO: gbpoll.exe - svchost.exe
IFEO: generics.exe - svchost.exe
IFEO: gmt.exe - svchost.exe
IFEO: guard.exe - svchost.exe
IFEO: guarddog.exe - svchost.exe
IFEO: guardgui.exe - svchost.exe
IFEO: guardxkickoff.exe - svchost.exe
IFEO: hacktracersetup.exe - svchost.exe
IFEO: hbinst.exe - svchost.exe
IFEO: hbsrv.exe - svchost.exe
IFEO: History.exe - svchost.exe
IFEO: homeav2010.exe - svchost.exe
IFEO: hotactio.exe - svchost.exe
IFEO: hotpatch.exe - svchost.exe
IFEO: htlog.exe - svchost.exe
IFEO: htpatch.exe - svchost.exe
IFEO: hwpe.exe - svchost.exe
IFEO: hxdl.exe - svchost.exe
IFEO: hxiul.exe - svchost.exe
IFEO: iamapp.exe - svchost.exe
IFEO: iamserv.exe - svchost.exe
IFEO: iamstats.exe - svchost.exe
IFEO: ibmasn.exe - svchost.exe
IFEO: ibmavsp.exe - svchost.exe
IFEO: icload95.exe - svchost.exe
IFEO: icloadnt.exe - svchost.exe
IFEO: icmon.exe - svchost.exe
IFEO: icsupp95.exe - svchost.exe
IFEO: icsuppnt.exe - svchost.exe
IFEO: Identity.exe - svchost.exe
IFEO: idle.exe - svchost.exe
IFEO: iedll.exe - svchost.exe
IFEO: iedriver.exe - svchost.exe
IFEO: IEShow.exe - svchost.exe
IFEO: iface.exe - svchost.exe
IFEO: ifw2000.exe - svchost.exe
IFEO: inetlnfo.exe - svchost.exe
IFEO: infus.exe - svchost.exe
IFEO: infwin.exe - svchost.exe
IFEO: init.exe - svchost.exe
IFEO: init32.exe - svchost.exe
IFEO: install[1].exe - svchost.exe
IFEO: install[2].exe - svchost.exe
IFEO: install[3].exe - svchost.exe
IFEO: install[4].exe - svchost.exe
IFEO: install[5].exe - svchost.exe
IFEO: intdel.exe - svchost.exe
IFEO: intren.exe - svchost.exe
IFEO: iomon98.exe - svchost.exe
IFEO: istsvc.exe - svchost.exe
IFEO: jammer.exe - svchost.exe
IFEO: jdbgmrg.exe - svchost.exe
IFEO: jedi.exe - svchost.exe
IFEO: JsRcGen.exe - svchost.exe
IFEO: kavlite40eng.exe - svchost.exe
IFEO: kavpers40eng.exe - svchost.exe
IFEO: kavpf.exe - svchost.exe
IFEO: kazza.exe - svchost.exe
IFEO: keenvalue.exe - svchost.exe
IFEO: kerio-pf-213-en-win.exe - svchost.exe
IFEO: kerio-wrl-421-en-win.exe - svchost.exe
IFEO: kerio-wrp-421-en-win.exe - svchost.exe
IFEO: killprocesssetup161.exe - svchost.exe
IFEO: ldnetmon.exe - svchost.exe
IFEO: ldpro.exe - svchost.exe
IFEO: ldpromenu.exe - svchost.exe
IFEO: ldscan.exe - svchost.exe
IFEO: licmgr.exe - svchost.exe
IFEO: lnetinfo.exe - svchost.exe
IFEO: loader.exe - svchost.exe
IFEO: localnet.exe - svchost.exe
IFEO: lockdown.exe - svchost.exe
IFEO: lockdown2000.exe - svchost.exe
IFEO: lookout.exe - svchost.exe
IFEO: lordpe.exe - svchost.exe
IFEO: lsetup.exe - svchost.exe
IFEO: luall.exe - svchost.exe
IFEO: luau.exe - svchost.exe
IFEO: lucomserver.exe - svchost.exe
IFEO: luinit.exe - svchost.exe
IFEO: luspt.exe - svchost.exe
IFEO: MalwareRemoval.exe - svchost.exe
IFEO: mapisvc32.exe - svchost.exe
IFEO: mbam.exe - svchost.exe
IFEO: mbamgui.exe - svchost.exe
IFEO: mbamservice.exe - svchost.exe
IFEO: mcagent.exe - svchost.exe
IFEO: mcmnhdlr.exe - svchost.exe
IFEO: mcmpeng.exe - svchost.exe
IFEO: mcmscsvc.exe - svchost.exe
IFEO: mcnasvc.exe - svchost.exe
IFEO: mcproxy.exe - svchost.exe
IFEO: McSACore.exe - svchost.exe
IFEO: mcshell.exe - svchost.exe
IFEO: mcshield.exe - svchost.exe
IFEO: mcsysmon.exe - svchost.exe
IFEO: mctool.exe - svchost.exe
IFEO: mcupdate.exe - svchost.exe
IFEO: mcvsrte.exe - svchost.exe
IFEO: mcvsshld.exe - svchost.exe
IFEO: md.exe - svchost.exe
IFEO: mfin32.exe - svchost.exe
IFEO: mfw2en.exe - svchost.exe
IFEO: mfweng3.02d30.exe - svchost.exe
IFEO: mgavrtcl.exe - svchost.exe
IFEO: mgavrte.exe - svchost.exe
IFEO: mghtml.exe - svchost.exe
IFEO: mgui.exe - svchost.exe
IFEO: minilog.exe - svchost.exe
IFEO: mmod.exe - svchost.exe
IFEO: monitor.exe - svchost.exe
IFEO: moolive.exe - svchost.exe
IFEO: mostat.exe - svchost.exe
IFEO: mpfagent.exe - svchost.exe
IFEO: mpfservice.exe - svchost.exe
IFEO: MPFSrv.exe - svchost.exe
IFEO: mpftray.exe - svchost.exe
IFEO: mrflux.exe - svchost.exe
IFEO: mrt.exe - svchost.exe
IFEO: msa.exe - svchost.exe
IFEO: msapp.exe - svchost.exe
IFEO: MSASCui.exe - svchost.exe
IFEO: msbb.exe - svchost.exe
IFEO: msblast.exe - svchost.exe
IFEO: mscache.exe - svchost.exe
IFEO: msccn32.exe - svchost.exe
IFEO: mscman.exe - svchost.exe
IFEO: msconfig - svchost.exe
IFEO: msdm.exe - svchost.exe
IFEO: msdos.exe - svchost.exe
IFEO: msiexec16.exe - svchost.exe
IFEO: mslaugh.exe - svchost.exe
IFEO: msmgt.exe - svchost.exe
IFEO: msmsgri32.exe - svchost.exe
IFEO: msseces.exe - svchost.exe
IFEO: mssmmc32.exe - svchost.exe
IFEO: mssys.exe - svchost.exe
IFEO: msvxd.exe - svchost.exe
IFEO: mu0311ad.exe - svchost.exe
IFEO: mwatch.exe - svchost.exe
IFEO: n32scanw.exe - svchost.exe
IFEO: nav.exe - svchost.exe
IFEO: navap.navapsvc.exe - svchost.exe
IFEO: navapsvc.exe - svchost.exe
IFEO: navapw32.exe - svchost.exe
IFEO: navdx.exe - svchost.exe
IFEO: navlu32.exe - svchost.exe
IFEO: navnt.exe - svchost.exe
IFEO: navstub.exe - svchost.exe
IFEO: navw32.exe - svchost.exe
IFEO: navwnt.exe - svchost.exe
IFEO: nc2000.exe - svchost.exe
IFEO: ncinst4.exe - svchost.exe
IFEO: ndd32.exe - svchost.exe
IFEO: neomonitor.exe - svchost.exe
IFEO: neowatchlog.exe - svchost.exe
IFEO: netarmor.exe - svchost.exe
IFEO: netd32.exe - svchost.exe
IFEO: netinfo.exe - svchost.exe
IFEO: netmon.exe - svchost.exe
IFEO: netscanpro.exe - svchost.exe
IFEO: netspyhunter-1.2.exe - svchost.exe
IFEO: netutils.exe - svchost.exe
IFEO: nisserv.exe - svchost.exe
IFEO: nisum.exe - svchost.exe
IFEO: nmain.exe - svchost.exe
IFEO: nod32.exe - svchost.exe
IFEO: normist.exe - svchost.exe
IFEO: norton_internet_secu_3.0_407.exe - svchost.exe
IFEO: notstart.exe - svchost.exe
IFEO: npf40_tw_98_nt_me_2k.exe - svchost.exe
IFEO: npfmessenger.exe - svchost.exe
IFEO: nprotect.exe - svchost.exe
IFEO: npscheck.exe - svchost.exe
IFEO: npssvc.exe - svchost.exe
IFEO: nsched32.exe - svchost.exe
IFEO: nssys32.exe - svchost.exe
IFEO: nstask32.exe - svchost.exe
IFEO: nsupdate.exe - svchost.exe
IFEO: nt.exe - svchost.exe
IFEO: ntrtscan.exe - svchost.exe
IFEO: ntvdm.exe - svchost.exe
IFEO: ntxconfig.exe - svchost.exe
IFEO: nui.exe - svchost.exe
IFEO: nupgrade.exe - svchost.exe
IFEO: nvarch16.exe - svchost.exe
IFEO: nvc95.exe - svchost.exe
IFEO: nvsvc32.exe - svchost.exe
IFEO: nwinst4.exe - svchost.exe
IFEO: nwservice.exe - svchost.exe
IFEO: nwtool16.exe - svchost.exe
IFEO: OAcat.exe - svchost.exe
IFEO: OAhlp.exe - svchost.exe
IFEO: OAReg.exe - svchost.exe
IFEO: oasrv.exe - svchost.exe
IFEO: oaui.exe - svchost.exe
IFEO: oaview.exe - svchost.exe
IFEO: ODSW.exe - svchost.exe
IFEO: ollydbg.exe - svchost.exe
IFEO: onsrvr.exe - svchost.exe
IFEO: optimize.exe - svchost.exe
IFEO: ostronet.exe - svchost.exe
IFEO: otfix.exe - svchost.exe
IFEO: outpost.exe - svchost.exe
IFEO: outpostinstall.exe - svchost.exe
IFEO: outpostproinstall.exe - svchost.exe
IFEO: ozn695m5.exe - svchost.exe
IFEO: padmin.exe - svchost.exe
IFEO: panixk.exe - svchost.exe
IFEO: patch.exe - svchost.exe
IFEO: pav.exe - svchost.exe
IFEO: pavcl.exe - svchost.exe
IFEO: PavFnSvr.exe - svchost.exe
IFEO: pavproxy.exe - svchost.exe
IFEO: pavprsrv.exe - svchost.exe
IFEO: pavsched.exe - svchost.exe
IFEO: pavsrv51.exe - svchost.exe
IFEO: pavw.exe - svchost.exe
IFEO: pc.exe - svchost.exe
IFEO: pccwin98.exe - svchost.exe
IFEO: pcfwallicon.exe - svchost.exe
IFEO: pcip10117_0.exe - svchost.exe
IFEO: pcscan.exe - svchost.exe
IFEO: pctsAuxs.exe - svchost.exe
IFEO: pctsGui.exe - svchost.exe
IFEO: pctsSvc.exe - svchost.exe
IFEO: pctsTray.exe - svchost.exe
IFEO: PC_Antispyware2010.exe - svchost.exe
IFEO: pdfndr.exe - svchost.exe
IFEO: pdsetup.exe - svchost.exe
IFEO: PerAvir.exe - svchost.exe
IFEO: periscope.exe - svchost.exe
IFEO: persfw.exe - svchost.exe
IFEO: personalguard - svchost.exe
IFEO: personalguard.exe - svchost.exe
IFEO: perswf.exe - svchost.exe
IFEO: pf2.exe - svchost.exe
IFEO: pfwadmin.exe - svchost.exe
IFEO: pgmonitr.exe - svchost.exe
IFEO: pingscan.exe - svchost.exe
IFEO: platin.exe - svchost.exe
IFEO: pop3trap.exe - svchost.exe
IFEO: poproxy.exe - svchost.exe
IFEO: popscan.exe - svchost.exe
IFEO: portdetective.exe - svchost.exe
IFEO: portmonitor.exe - svchost.exe
IFEO: powerscan.exe - svchost.exe
IFEO: ppinupdt.exe - svchost.exe
IFEO: pptbc.exe - svchost.exe
IFEO: ppvstop.exe - svchost.exe
IFEO: prizesurfer.exe - svchost.exe
IFEO: prmt.exe - svchost.exe
IFEO: prmvr.exe - svchost.exe
IFEO: procdump.exe - svchost.exe
IFEO: processmonitor.exe - svchost.exe
IFEO: procexplorerv1.0.exe - svchost.exe
IFEO: programauditor.exe - svchost.exe
IFEO: proport.exe - svchost.exe
IFEO: protector.exe - svchost.exe
IFEO: protectx.exe - svchost.exe
IFEO: PSANCU.exe - svchost.exe
IFEO: PSANHost.exe - svchost.exe
IFEO: PSANToManager.exe - svchost.exe
IFEO: PsCtrls.exe - svchost.exe
IFEO: PsImSvc.exe - svchost.exe
IFEO: PskSvc.exe - svchost.exe
IFEO: pspf.exe - svchost.exe
IFEO: PSUNMain.exe - svchost.exe
IFEO: purge.exe - svchost.exe
IFEO: qconsole.exe - svchost.exe
IFEO: qh.exe - svchost.exe
IFEO: qserver.exe - svchost.exe
IFEO: Quick Heal.exe - svchost.exe
IFEO: QuickHealCleaner.exe - svchost.exe
IFEO: rapapp.exe - svchost.exe
IFEO: rav7.exe - svchost.exe
IFEO: rav7win.exe - svchost.exe
IFEO: rav8win32eng.exe - svchost.exe
IFEO: ray.exe - svchost.exe
IFEO: rb32.exe - svchost.exe
IFEO: rcsync.exe - svchost.exe
IFEO: realmon.exe - svchost.exe
IFEO: reged.exe - svchost.exe
IFEO: regedt32.exe - svchost.exe
IFEO: rescue.exe - svchost.exe
IFEO: rescue32.exe - svchost.exe
IFEO: rrguard.exe - svchost.exe
IFEO: rscdwld.exe - svchost.exe
IFEO: rshell.exe - svchost.exe
IFEO: rtvscan.exe - svchost.exe
IFEO: rtvscn95.exe - svchost.exe
IFEO: rulaunch.exe - svchost.exe
IFEO: rwg - svchost.exe
IFEO: rwg.exe - svchost.exe
IFEO: SafetyKeeper.exe - svchost.exe
IFEO: safeweb.exe - svchost.exe
IFEO: sahagent.exe - svchost.exe
IFEO: Save.exe - svchost.exe
IFEO: SaveArmor.exe - svchost.exe
IFEO: SaveDefense.exe - svchost.exe
IFEO: SaveKeep.exe - svchost.exe
IFEO: savenow.exe - svchost.exe
IFEO: sbserv.exe - svchost.exe
IFEO: sc.exe - svchost.exe
IFEO: scam32.exe - svchost.exe
IFEO: scan32.exe - svchost.exe
IFEO: scan95.exe - svchost.exe
IFEO: scanpm.exe - svchost.exe
IFEO: scrscan.exe - svchost.exe
IFEO: Secure Veteran.exe - svchost.exe
IFEO: secureveteran.exe - svchost.exe
IFEO: Security Center.exe - svchost.exe
IFEO: SecurityFighter.exe - svchost.exe
IFEO: securitysoldier.exe - svchost.exe
IFEO: serv95.exe - svchost.exe
IFEO: setloadorder.exe - svchost.exe
IFEO: setupvameeval.exe - svchost.exe
IFEO: setup_flowprotector_us.exe - svchost.exe
IFEO: sgssfw32.exe - svchost.exe
IFEO: sh.exe - svchost.exe
IFEO: shellspyinstall.exe - svchost.exe
IFEO: shield.exe - svchost.exe
IFEO: shn.exe - svchost.exe
IFEO: showbehind.exe - svchost.exe
IFEO: signcheck.exe - svchost.exe
IFEO: smart.exe - svchost.exe
IFEO: smartprotector.exe - svchost.exe
IFEO: smc.exe - svchost.exe
IFEO: smrtdefp.exe - svchost.exe
IFEO: sms.exe - svchost.exe
IFEO: smss32.exe - svchost.exe
IFEO: snetcfg.exe - svchost.exe
IFEO: soap.exe - svchost.exe
IFEO: sofi.exe - svchost.exe
IFEO: SoftSafeness.exe - svchost.exe
IFEO: sperm.exe - svchost.exe
IFEO: spf.exe - svchost.exe
IFEO: sphinx.exe - svchost.exe
IFEO: spoler.exe - svchost.exe
IFEO: spoolcv.exe - svchost.exe
IFEO: spoolsv32.exe - svchost.exe
IFEO: spywarexpguard.exe - svchost.exe
IFEO: spyxx.exe - svchost.exe
IFEO: srexe.exe - svchost.exe
IFEO: srng.exe - svchost.exe
IFEO: ss3edit.exe - svchost.exe
IFEO: ssgrate.exe - svchost.exe
IFEO: ssg_4104.exe - svchost.exe
IFEO: st2.exe - svchost.exe
IFEO: start.exe - svchost.exe
IFEO: stcloader.exe - svchost.exe
IFEO: supftrl.exe - svchost.exe
IFEO: support.exe - svchost.exe
IFEO: supporter5.exe - svchost.exe
IFEO: svc.exe - svchost.exe
IFEO: svchostc.exe - svchost.exe
IFEO: svchosts.exe - svchost.exe
IFEO: svshost.exe - svchost.exe
IFEO: sweep95.exe - svchost.exe
IFEO: sweepnet.sweepsrv.sys.swnetsup.exe - svchost.exe
IFEO: symlcsvc.exe - svchost.exe
IFEO: symproxysvc.exe - svchost.exe
IFEO: symtray.exe - svchost.exe
IFEO: system.exe - svchost.exe
IFEO: system32.exe - svchost.exe
IFEO: sysupd.exe - svchost.exe
IFEO: tapinstall.exe - svchost.exe
IFEO: taumon.exe - svchost.exe
IFEO: tbscan.exe - svchost.exe
IFEO: tc.exe - svchost.exe
IFEO: tca.exe - svchost.exe
IFEO: tcm.exe - svchost.exe
IFEO: tds-3.exe - svchost.exe
IFEO: tds2-98.exe - svchost.exe
IFEO: tds2-nt.exe - svchost.exe
IFEO: teekids.exe - svchost.exe
IFEO: tfak.exe - svchost.exe
IFEO: tfak5.exe - svchost.exe
IFEO: tgbob.exe - svchost.exe
IFEO: titanin.exe - svchost.exe
IFEO: titaninxp.exe - svchost.exe
IFEO: TPSrv.exe - svchost.exe
IFEO: trickler.exe - svchost.exe
IFEO: trjscan.exe - svchost.exe
IFEO: trjsetup.exe - svchost.exe
IFEO: trojantrap3.exe - svchost.exe
IFEO: TrustWarrior.exe - svchost.exe
IFEO: tsadbot.exe - svchost.exe
IFEO: tsc.exe - svchost.exe
IFEO: tvmd.exe - svchost.exe
IFEO: tvtmd.exe - svchost.exe
IFEO: undoboot.exe - svchost.exe
IFEO: updat.exe - svchost.exe
IFEO: upgrad.exe - svchost.exe
IFEO: utpost.exe - svchost.exe
IFEO: vbcmserv.exe - svchost.exe
IFEO: vbcons.exe - svchost.exe
IFEO: vbust.exe - svchost.exe
IFEO: vbwin9x.exe - svchost.exe
IFEO: vbwinntw.exe - svchost.exe
IFEO: vcsetup.exe - svchost.exe
IFEO: vet32.exe - svchost.exe
IFEO: vet95.exe - svchost.exe
IFEO: vettray.exe - svchost.exe
IFEO: vfsetup.exe - svchost.exe
IFEO: vir-help.exe - svchost.exe
IFEO: virusmdpersonalfirewall.exe - svchost.exe
IFEO: virusutilities.exe - svchost.exe
IFEO: VisthAux.exe - svchost.exe
IFEO: VisthLic.exe - svchost.exe
IFEO: VisthUpd.exe - svchost.exe
IFEO: vnlan300.exe - svchost.exe
IFEO: vnpc3000.exe - svchost.exe
IFEO: vpc32.exe - svchost.exe
IFEO: vpc42.exe - svchost.exe
IFEO: vpfw30s.exe - svchost.exe
IFEO: vptray.exe - svchost.exe
IFEO: vscan40.exe - svchost.exe
IFEO: vscenu6.02d30.exe - svchost.exe
IFEO: vsched.exe - svchost.exe
IFEO: vsecomr.exe - svchost.exe
IFEO: vshwin32.exe - svchost.exe
IFEO: vsisetup.exe - svchost.exe
IFEO: vsmain.exe - svchost.exe
IFEO: vsmon.exe - svchost.exe
IFEO: vsstat.exe - svchost.exe
IFEO: vswin9xe.exe - svchost.exe
IFEO: vswinntse.exe - svchost.exe
IFEO: vswinperse.exe - svchost.exe
IFEO: w32dsm89.exe - svchost.exe
IFEO: W3asbas.exe - svchost.exe
IFEO: w9x.exe - svchost.exe
IFEO: watchdog.exe - svchost.exe
IFEO: webdav.exe - svchost.exe
IFEO: WebProxy.exe - svchost.exe
IFEO: webscanx.exe - svchost.exe
IFEO: webtrap.exe - svchost.exe
IFEO: wfindv32.exe - svchost.exe
IFEO: whoswatchingme.exe - svchost.exe
IFEO: wimmun32.exe - svchost.exe
IFEO: win-bugsfix.exe - svchost.exe
IFEO: win32.exe - svchost.exe
IFEO: win32us.exe - svchost.exe
IFEO: winactive.exe - svchost.exe
IFEO: winav.exe - svchost.exe
IFEO: windll32.exe - svchost.exe
IFEO: window.exe - svchost.exe
IFEO: windows Police Pro.exe - svchost.exe
IFEO: windows.exe - svchost.exe
IFEO: wininetd.exe - svchost.exe
IFEO: wininitx.exe - svchost.exe
IFEO: winlogin.exe - svchost.exe
IFEO: winmain.exe - svchost.exe
IFEO: winppr32.exe - svchost.exe
IFEO: winrecon.exe - svchost.exe
IFEO: winservn.exe - svchost.exe
IFEO: winssk32.exe - svchost.exe
IFEO: winstart.exe - svchost.exe
IFEO: winstart001.exe - svchost.exe
IFEO: wintsk32.exe - svchost.exe
IFEO: winupdate.exe - svchost.exe
IFEO: wkufind.exe - svchost.exe
IFEO: wnad.exe - svchost.exe
IFEO: wnt.exe - svchost.exe
IFEO: wradmin.exe - svchost.exe
IFEO: wrctrl.exe - svchost.exe
IFEO: wsbgate.exe - svchost.exe
IFEO: wscfxas.exe - svchost.exe
IFEO: wscfxav.exe - svchost.exe
IFEO: wscfxfw.exe - svchost.exe
IFEO: wsctool.exe - svchost.exe
IFEO: wupdater.exe - svchost.exe
IFEO: wupdt.exe - svchost.exe
IFEO: wyvernworksfirewall.exe - svchost.exe
IFEO: xpdeluxe.exe - svchost.exe
IFEO: xpf202en.exe - svchost.exe
IFEO: xp_antispyware.exe - svchost.exe
IFEO: zapro.exe - svchost.exe
IFEO: zapsetup3001.exe - svchost.exe
IFEO: zatutor.exe - svchost.exe
IFEO: zonalm2601.exe - svchost.exe
IFEO: zonealarm.exe - svchost.exe
IFEO: _avp32.exe - svchost.exe
IFEO: _avpcc.exe - svchost.exe
IFEO: _avpm.exe - svchost.exe
IFEO: ~1.exe - svchost.exe
IFEO: ~2.exe - svchost.exe
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Download Manager
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
Ask.com Toolbar
AT&T Communication Manager
Compatibility Pack for the 2007 Office system
Epson CreativeZone
Epson Easy Photo Print 2
EPSON NX110 Series Printer Uninstall
EPSON NX300 Series Printer Uninstall
EPSON Scan
Google Toolbar for Internet Explorer
Google Update Helper
Intel(R) Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
Internet TV for Windows Media Center
Java(TM) 6 Update 14
Junk Mail filter update
[email protected] 1.0
LTCM Client
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee Total Protection
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Mouse and Keyboard Center
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Suite Activation Assistant
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft Works 4 Converter
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MyToshiba
Netflix in Windows Media Center
NetZero Launcher
Norton Internet Security
OGA Notifier 2.0.0048.0
PlayReady PC Runtime x86
Quickbooks Financial Center
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
Realtek WLAN Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Shared C Run-time for x86
Skype Launcher
Synaptics Pointing Device Driver
Toshiba Application and Driver Installer
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA DVD PLAYER
TOSHIBA eco Utility
TOSHIBA Extended Tiles for Windows Mobility Center
TOSHIBA Face Recognition
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Online Backup
TOSHIBA PC Health Monitor
Toshiba Quality Application
TOSHIBA Recovery Media Creator
TOSHIBA Service Station
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
WildTangent Games
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
.
==== Event Viewer Messages From Past Week ========
.
12/30/2012 10:37:07 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee McShield service to connect.
12/30/2012 10:37:07 PM, Error: Service Control Manager [7000] - The McAfee McShield service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/29/2012 8:27:46 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
12/29/2012 8:27:11 PM, Error: Service Control Manager [7024] - The Windows Firewall service terminated with service-specific error Access is denied..
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16457
Run by beau at 23:52:03 on 2012-12-30
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2940.1853 [GMT -6:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ================
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\System32\spoolsv.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\mfevtps.exe
C:\Windows\system32\TODDSrv.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\rundll32.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\TEco.exe
C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIFBA.EXE
C:\windows\system32\igfxext.exe
C:\windows\system32\taskeng.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
c:\PROGRA~1\mcafee\SITEAD~1\saui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\conhost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
BHO: Ask.com Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Ask.com Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - c:\program files\epson software\easy photo print\EPTBL.dll
TB: Ask.com Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [MyTOSHIBA] "c:\program files\toshiba\my toshiba\MyToshiba.exe" /AUTO
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [xoxuxkub] "c:\users\beau mcmullen\appdata\local\oirwha\vkaysftav.exe"
uRun: [wokkkjsp] "c:\users\beau mcmullen\appdata\local\xjijvv\vyhlsftav.exe"
uRun: [ifnndpev] "c:\users\beau mcmullen\appdata\local\ejaqpc\fcemsftav.exe"
uRun: [anrspkym] c:\users\beau mcmullen\appdata\local\wqclar\mbycsftav.exe
uRun: [yndhbfyr] c:\users\beau mcmullen\appdata\local\jydmnp\mryesftav.exe
uRun: [EPSON NX110 Series (Copy 1)] "c:\windows\system32\spool\drivers\w32x86\3\e_fatifba.exe" /fu "c:\windows\temp\E_S14C8.tmp" /EF "HKCU"
uRun: [EPSON NX110 Series] "c:\windows\system32\spool\drivers\w32x86\3\e_fatifba.exe" /fu "c:\windows\temp\E_SB57A.tmp" /EF "HKCU"
mRun: [IgfxTray] "c:\windows\system32\igfxtray.exe"
mRun: [HotKeysCmds] "c:\windows\system32\hkcmd.exe"
mRun: [Persistence] "c:\windows\system32\igfxpers.exe"
mRun: [RtHDVCpl] "c:\program files\realtek\audio\hda\RtHDVCpl.exe"
mRun: [SynTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [TPwrMain] "c:\program files\toshiba\power saver\TPwrMain.EXE"
mRun: [HSON] "c:\program files\toshiba\tbs\HSON.exe"
mRun: [SmoothView] "c:\program files\toshiba\smoothview\SmoothView.exe"
mRun: [00TCrdMain] "c:\program files\toshiba\flashcards\TCrdMain.exe"
mRun: [TosWaitSrv] "c:\program files\toshiba\tphm\TosWaitSrv.exe"
mRun: [ToshibaServiceStation] "c:\program files\toshiba\toshiba service station\ToshibaServiceStation.exe" /hide:60
mRun: [Teco] "c:\program files\toshiba\teco\Teco.exe" /r
mRun: [TWebCamera] "c:\program files\toshiba\toshiba web camera application\TWebCamera.exe" autorun
mRun: [SmartFaceVWatcher] "c:\program files\toshiba\smartfacev\SmartFaceVWatcher.exe"
mRun: [TosSENotify] "c:\program files\toshiba\toshiba hdd ssd alert\TosWaitSrv.exe"
mRun: [NortonOnlineBackupReminder] "c:\program files\toshiba\toshiba online backup\activation\TobuActivation.exe" UNATTENDED
mRun: [LTCM Client] "c:\program files\ltcm client\ltcmClient.exe" /startup
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [IntelliType Pro] "c:\program files\microsoft mouse and keyboard center\itype.exe"
mRun: [IntelliPoint] "c:\program files\microsoft mouse and keyboard center\ipoint.exe"
StartupFolder: c:\users\beaumc~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\epsona~1.lnk - d:\common\epsonreg\EpsonReg.exe
uPolicies-Explorer: HideSCAHealth = dword:1
uPolicies-System: DisableRegedit = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{3428C974-DC7B-4C28-8F08-0E4520B7D8E8} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\34963736F61383530313 : DHCPNameServer = 71.15.32.8 97.81.22.195 66.189.0.100
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\4656E6E69737 : DHCPNameServer = 67.76.234.226 65.40.202.102
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\73134613 : DHCPNameServer = 71.92.29.130 97.81.22.195 68.113.206.10
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\841607079724561627D27657563747 : DHCPNameServer = 71.92.29.130 97.81.22.195 68.113.206.10
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\C696E6B6379737 : DHCPNameServer = 75.75.76.76 75.75.75.75 192.168.1.1
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\D41696E6D2C4962627162797 : DHCPNameServer = 172.16.1.1
TCP: Interfaces\{B02F80AC-3001-4F6A-AEE1-7F2CB6020C8F}\D43674579627560213 : DHCPNameServer = 71.92.29.130 97.81.22.195 68.113.206.10
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\program files\mcafee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\program files\mcafee\siteadvisor\McIEPlg.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u €
Ïþ op €O
mASetup: {01250B8F-D947-4F8A-9408-FE8E3EE2EC92} - c:\program files\toshiba\my toshiba\MyToshiba.exe /SETUP
IFEO: a.exe - svchost.exe
IFEO: aAvgApi.exe - svchost.exe
IFEO: AAWTray.exe - svchost.exe
IFEO: About.exe - svchost.exe
IFEO: ackwin32.exe - svchost.exe
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-8-2 64832]
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2012-4-9 554048]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2012-4-9 206784]
R2 cfWiMAXService;ConfigFree WiMAX Service;c:\program files\toshiba\configfree\CFIWmxSvcs.exe [2009-8-10 185712]
R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2009-3-10 46448]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-2 168280]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-2 168280]
R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-2 168280]
R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-2 168280]
R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-4-9 168368]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-3-13 166320]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\toshiba\teco\TecoService.exe [2009-8-11 185712]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\drivers\TVALZFL.sys [2009-6-19 12920]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2012-4-9 60480]
R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2009-10-21 7680]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2012-4-9 230224]
R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2012-4-9 360792]
R3 PGEffect;Pangu effect driver;c:\windows\system32\drivers\PGEffect.sys [2009-10-21 24064]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-10-21 187392]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\drivers\rtl8192se.sys [2009-10-21 859136]
R3 TMachInfo;TMachInfo;c:\program files\toshiba\toshiba service station\TMachInfo.exe [2009-10-21 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\toshiba\toshiba hdd ssd alert\TosSmartSrv.exe [2009-8-3 111960]
R3 TPCHSrv;TPCH Service;c:\program files\toshiba\tphm\TPCHSrv.exe [2009-8-6 685424]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-4-9 200816]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2009-12-4 121416]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CAATT;AT&T Con App Svc;c:\program files\at&t\communication manager\ConAppsSvc.exe [2009-12-4 125512]
S3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-8-2 146872]
S3 McAWFwk;McAfee Activation Service;c:\progra~1\mcafee\msc\mcawfwk.exe [2012-4-9 203080]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2012-4-9 61912]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2012-4-9 92192]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\drivers\RtsUStor.sys [2009-10-21 171520]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [2009-5-13 90240]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [2009-5-13 14976]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [2009-5-13 121856]
S3 ssecbus;Samsung Mobile Modem Device driver (WDM);c:\windows\system32\drivers\ssecbus.sys [2009-1-15 86528]
S3 ssecmdfl;Samsung Mobile Modem Device 2 Filter;c:\windows\system32\drivers\ssecmdfl.sys [2009-1-15 14976]
S3 ssecmdm;Samsung Mobile Modem Device 2 Driver;c:\windows\system32\drivers\ssecmdm.sys [2009-1-15 114304]
S3 SWNC8U80;Sierra Wireless MUX NDIS Driver (UMTS80);c:\windows\system32\drivers\swnc8u80.sys [2009-3-31 190080]
S3 SWUMX80;Sierra Wireless USB MUX Driver (UMTS80);c:\windows\system32\drivers\swumx80.sys [2009-5-4 148096]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-5 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-3-4 1343400]
S4 McOobeSv;McAfee OOBE Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-8-2 168280]
.
=============== Created Last 30 ================
.
2012-12-30 03:40:07 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-12-30 03:40:07 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-12-30 03:40:07 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-12-30 03:39:30 -------- d-----w- c:\program files\Microsoft Mouse and Keyboard Center
2012-12-30 02:41:52 -------- d-----w- c:\programdata\Malwarebytes
2012-12-30 02:41:51 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-30 02:41:51 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-12-30 02:40:33 -------- d-----w- c:\users\beau mcmullen\appdata\local\Programs
2012-12-27 08:25:37 34304 ----a-w- c:\windows\system32\atmlib.dll
2012-12-27 08:25:37 295424 ----a-w- c:\windows\system32\atmfd.dll
2012-12-27 06:30:29 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-12-03 07:18:10 78336 ----a-w- c:\windows\system32\synceng.dll
.
==================== Find3M ====================
.
2012-11-14 02:09:22 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-11-09 04:42:49 2048 ----a-w- c:\windows\system32\tzres.dll
2012-11-02 21:37:10 862664 ----a-w- c:\windows\system32\msvcr110.dll
2012-11-02 21:37:10 534480 ----a-w- c:\windows\system32\msvcp110.dll
2012-11-02 21:37:10 44184 ----a-w- c:\windows\system32\drivers\point32.sys
2012-11-02 21:37:10 251864 ----a-w- c:\windows\system32\vccorlib110.dll
2012-11-02 21:37:10 1629040 ----a-w- c:\windows\system32\WdfCoInstaller01011.dll
2012-11-02 05:11:31 376832 ----a-w- c:\windows\system32\dpnet.dll
2012-10-04 16:47:18 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-10-04 16:43:05 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-10-04 14:57:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-10-04 14:41:50 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-04 14:41:50 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-04 14:41:50 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-04 14:41:50 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
.
============= FINISH: 0:00:12.94 ===============
 
Joined
May 7, 2011
Messages
14,142
Hi, my name is Mark and I will be helping you.

IMPORTANT: Please take the time to read this first.
For the benefit of others that are waiting for help please try to respond as fast as you can and make sure you read all of the instructions I will be giving you to follow. Time spent waiting for replies or having to repeat questions keeps other people waiting in the queue for help.

I am in Spain at GMT+1 hour, I check my emails several times a day so will usually reply to your responses within a few hours or less unless it is night time here. During the evening here I will usually reply within minutes. Please try to do the same for a swift clean up. Some Malware needs to be dealt with quickly or it will multiply and become deeply embedded in your system and more difficult to find and remove, so quick replies will have more than one benefit.

Keep in mind that I cannot see your PC, so please give as much detail as possible if something goes wrong or you receive any error messages.

Malware can be unpredictable and often time consuming to remove, on rare occasions something can go awry and your system may need to have Windows re-installed. Please make sure before we start that you have copies of all your important data saved to an external hard drive or CD/DVD's. Please make sure you disconnect any external hard drives and/or Flash drives during the clean up.

If you have run any scans that found an infection please let me know.

DO NOT run any scans or make any changes that I have not asked you to do as this can cause misleading results and make my job much harder in trying to help you. Please also uninstall any file sharing software i.e. uTorrent, BitTorrent, etc, if you insist on keeping it do not use it until we are finished. Use of file sharing software is one of the easiest ways to get your PC infected.

If I get no reply from you for two days I will mark the thread as Solved and move on to helping someone else. If you know you will be unable to reply for any length of time please let me know in advance.

Please don't abandon the thread as soon as your PC starts to work normally again as there will be other important checks to make to help protect your system from re-infection. It is also important to follow the correct procedure when removing the tools used to ensure all quarantined infections are completely removed and infected Restore Points are safely deleted.

Stick with me and we can quickly clean up your PC, if you cannot dedicate the time then a Reformat and Re-install will be your quickest option.

===========================================================================

You have quite a nasty infection which will block any attempt to run Anti Virus software.

You also have a very out of date version of Java installed which is prone to get infected and a second Anti Virus program "Norton Internet Security" installed which needs to be removed, we will deal with those later.

Please run Mbar as instructed below, if it won't download or run (which I suspect will be the case) please run RKill first.


Please download RKill by Grinler and save it to your desktop.
Link 2
Link 3
Link 4


  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • DO NOT reboot, run Mbar and post the resulting log.



1. Download Malwarebytes Anti-Rootkit from this link mbar
2. Unzip the File to a convenient location. (Recommend the Desktop)
3. Open the folder where the contents were unzipped to run mbar.exe



4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:



5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.



7. The following image opens, select Update



8. When the Update completes, select Next



9. In the following window ensure "Targets" are ticked. Then select "Scan"



10. If an infection/s is found the "Cleanup Button" to remove threats will be available. A list of infected files will be listed like the following example:



11. Do not select the "Clean up Button" select the "Exit" button, there will be a warning as follows:



12. Select "Yes" to close down the program. If NO infections were found you will see the following image:



13. Select "Exit" to close down.
14. Copy and paste the two following logs from the mbar folder:

System - log
Mbar - log Date and time of scan will also be shown

 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Mark,
Thank you for your reply.
I am in Houston Texas USA so as I compute it there is an 8 hour difference between us,so, please take that into consideration. As I am starting my work day you are ending yours.
As soon as my New Years hangover goes away I shall commence with what you suggested.
Gene
 
Joined
May 7, 2011
Messages
14,142
I to am a little off color due to last nights celebrations, but it was worth it.

I'm not sure what happened but half of the instructions I posted above had vanished from the post so I have made an edit to put it right.
 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Mark,
You're confusing an idiot here?
You have four links listed above.
RKill takes me to "bleeping computer" and RKill
Link 2 also takes me to what appears as the same place?
Links 3 and 4 take me to spywarehammer and a discussion similar to what we are doing here?
Please confirm I need to download only 2 files, those being MBAR and RKill.
You will need to point out whatever it is in links 3 &4 that you want me to know.
Thanks
Gene
 
Joined
May 7, 2011
Messages
14,142
Eeek, someone has changed the links. Use the first one named RKill. You will see three buttons with different names on the Bleeping Computer site, try the first one as per the instructions, if the black box does not flash up on screen when you run it delete the file and go back to the same link and try the next one. If they all fail let me know.
 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
I have downloaded Rkill and Mbar.
What do you want me to do about Links 3 & 4?

This is a second topic but salient to MY problem.. So if I should post it elsewhere let me know.

I have not made my recovery discs for this machine. As I understand the instructions from Toshiba the "recovery discs are on a hidden part of the HD"..." and can only be accessed through Toshibas recovery program. Is your opinion that when I make my recovery disks (not backup) that the malware won't follow me?
Regards
Gene
 
Joined
May 7, 2011
Messages
14,142
Best to leave making the Recovery discs until the PC is clean, the Recovery partition is perfectly safe from infection.

You can ignore links 3 & 4 as they have been changed without my knowledge and my instructions will be updated for future use. Try to run RKill from the first download, if you see the black box appear go ahead with running Mbar, if you don't see the black box delete the RKill file from your desktop and download the next one from the "RKill" link.

All three download buttons on the Bleeping Computer will download RKill with different names. The idea is to try each one until you get one that works. Try the one you have and then move on to running Mbar if it works, or try the next one if it fails.
 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Attached are all log files.
MBAR detected 8 problems but per your instructions I did NOT delete them.
Gene
PS It's 7:20 PM here in Hiuston.....what time is it where you are?

Sytem Log
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2047860736
------------ Kernel report ------------
01/02/2013 18:48:26
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\system32\DRIVERS\tos_sps32.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\TVALZFL.sys
\SystemRoot\system32\DRIVERS\FwLnk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\System32\Drivers\RootMdm.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\RimSerial.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\point32.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\cfwids.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\gdi32.dll
\Windows\System32\advapi32.dll
\Windows\System32\ole32.dll
\Windows\System32\imm32.dll
\Windows\System32\wininet.dll
\Windows\System32\user32.dll
\Windows\System32\lpk.dll
\Windows\System32\shlwapi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\Wldap32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\difxapi.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\usp10.dll
\Windows\System32\shell32.dll
\Windows\System32\urlmon.dll
\Windows\System32\msvcrt.dll
\Windows\System32\normaliz.dll
\Windows\System32\oleaut32.dll
\Windows\System32\iertutil.dll
\Windows\System32\clbcatq.dll
\Windows\System32\setupapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\nsi.dll
\Windows\System32\msctf.dll
\Windows\System32\psapi.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\wintrust.dll
\Windows\System32\comctl32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8701c030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff861e8028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2013.01.02.10
Downloaded database version: v2012.12.27.02
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8701c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8701cd10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8701c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff861e8028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffc1572b70, 0xffffffff8701c030, 0xffffffff8a248530
Lower DeviceData: 0xffffffffc19911d8, 0xffffffff861e8028, 0xffffffff8a1e63f8
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1902C2AF
Partition information:
Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 3072000
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 3074048 Numsec = 605280256
Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 608354304 Numsec = 16787456
Partition is not bootable
Hidden partition VBR is not infected.
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} --> [PUP.MyWebSearch]
Infected: HKCU\SOFTWARE\avsoft --> [Trojan.Fraudpack]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegedit --> [Hijack.Regedit]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|xoxuxkub --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|wokkkjsp --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ifnndpev --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|anrspkym --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|yndhbfyr --> [Trojan.FakeAlert.Gen]
Done!
Scan finished
=======================================

Mbar Log
Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2013.01.02.10
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
beau:: BEAU-PC [administrator]
1/2/2013 7:00:38 PM
mbar-log-2013-01-02 (19-00-38).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28249
Time elapsed: 11 minute(s), 41 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Delete on reboot.
HKCU\SOFTWARE\avsoft (Trojan.Fraudpack) -> Delete on reboot.
Registry Values Detected: 6
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegedit (Hijack.Regedit) -> Data: 0 -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|xoxuxkub (Trojan.FakeAlert.Gen) -> Data: "C:\Users\beau mcmullen\AppData\Local\oirwha\vkaysftav.exe" -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|wokkkjsp (Trojan.FakeAlert.Gen) -> Data: "C:\Users\beau mcmullen\AppData\Local\xjijvv\vyhlsftav.exe" -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ifnndpev (Trojan.FakeAlert.Gen) -> Data: "C:\Users\beau mcmullen\AppData\Local\ejaqpc\fcemsftav.exe" -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|anrspkym (Trojan.FakeAlert.Gen) -> Data: C:\Users\beau mcmullen\AppData\Local\wqclar\mbycsftav.exe -> Delete on reboot.
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|yndhbfyr (Trojan.FakeAlert.Gen) -> Data: C:\Users\beau mcmullen\AppData\Local\jydmnp\mryesftav.exe -> Delete on reboot.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)


Rkill
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 01/02/2013 06:45:01 PM in x86 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* _avp32.exe debugger. [IFEO Debugger Deleted]
* _avpcc.exe debugger. [IFEO Debugger Deleted]
* _avpm.exe debugger. [IFEO Debugger Deleted]
* ~1.exe debugger. [IFEO Debugger Deleted]
* ~2.exe debugger. [IFEO Debugger Deleted]
* a.exe debugger. [IFEO Debugger Deleted]
* aAvgApi.exe debugger. [IFEO Debugger Deleted]
* AAWTray.exe debugger. [IFEO Debugger Deleted]
* About.exe debugger. [IFEO Debugger Deleted]
* ackwin32.exe debugger. [IFEO Debugger Deleted]
* adaware.exe debugger. [IFEO Debugger Deleted]
* Ad-Aware.exe debugger. [IFEO Debugger Deleted]
* advxdwin.exe debugger. [IFEO Debugger Deleted]
* AdwarePrj.exe debugger. [IFEO Debugger Deleted]
* agent.exe debugger. [IFEO Debugger Deleted]
* agentsvr.exe debugger. [IFEO Debugger Deleted]
* agentw.exe debugger. [IFEO Debugger Deleted]
* alertsvc.exe debugger. [IFEO Debugger Deleted]
* alevir.exe debugger. [IFEO Debugger Deleted]
* alogserv.exe debugger. [IFEO Debugger Deleted]
* AlphaAV debugger. [IFEO Debugger Deleted]
* AlphaAV.exe debugger. [IFEO Debugger Deleted]
* AluSchedulerSvc.exe debugger. [IFEO Debugger Deleted]
* amon9x.exe debugger. [IFEO Debugger Deleted]
* AntispywarXP2009.exe debugger. [IFEO Debugger Deleted]
* anti-trojan.exe debugger. [IFEO Debugger Deleted]
* Anti-Virus Professional.exe debugger. [IFEO Debugger Deleted]
* antivirus.exe debugger. [IFEO Debugger Deleted]
* AntiVirus_Pro.exe debugger. [IFEO Debugger Deleted]
* AntivirusPlus debugger. [IFEO Debugger Deleted]
* AntivirusPlus.exe debugger. [IFEO Debugger Deleted]
* AntivirusPro_2010.exe debugger. [IFEO Debugger Deleted]
* AntivirusXP debugger. [IFEO Debugger Deleted]
* AntivirusXP.exe debugger. [IFEO Debugger Deleted]
* antivirusxppro2009.exe debugger. [IFEO Debugger Deleted]
* ants.exe debugger. [IFEO Debugger Deleted]
* apimonitor.exe debugger. [IFEO Debugger Deleted]
* aplica32.exe debugger. [IFEO Debugger Deleted]
* apvxdwin.exe debugger. [IFEO Debugger Deleted]
* arr.exe debugger. [IFEO Debugger Deleted]
* ashAvast.exe debugger. [IFEO Debugger Deleted]
* ashBug.exe debugger. [IFEO Debugger Deleted]
* ashChest.exe debugger. [IFEO Debugger Deleted]
* ashCnsnt.exe debugger. [IFEO Debugger Deleted]
* ashDisp.exe debugger. [IFEO Debugger Deleted]
* ashLogV.exe debugger. [IFEO Debugger Deleted]
* ashMaiSv.exe debugger. [IFEO Debugger Deleted]
* ashPopWz.exe debugger. [IFEO Debugger Deleted]
* ashQuick.exe debugger. [IFEO Debugger Deleted]
* ashServ.exe debugger. [IFEO Debugger Deleted]
* ashSimp2.exe debugger. [IFEO Debugger Deleted]
* ashSimpl.exe debugger. [IFEO Debugger Deleted]
* ashSkPcc.exe debugger. [IFEO Debugger Deleted]
* ashSkPck.exe debugger. [IFEO Debugger Deleted]
* ashUpd.exe debugger. [IFEO Debugger Deleted]
* ashWebSv.exe debugger. [IFEO Debugger Deleted]
* aswChLic.exe debugger. [IFEO Debugger Deleted]
* aswRegSvr.exe debugger. [IFEO Debugger Deleted]
* aswRunDll.exe debugger. [IFEO Debugger Deleted]
* aswUpdSv.exe debugger. [IFEO Debugger Deleted]
* atcon.exe debugger. [IFEO Debugger Deleted]
* atguard.exe debugger. [IFEO Debugger Deleted]
* atro55en.exe debugger. [IFEO Debugger Deleted]
* atupdater.exe debugger. [IFEO Debugger Deleted]
* atwatch.exe debugger. [IFEO Debugger Deleted]
* au.exe debugger. [IFEO Debugger Deleted]
* aupdate.exe debugger. [IFEO Debugger Deleted]
* autodown.exe debugger. [IFEO Debugger Deleted]
* auto-protect.nav80try.exe debugger. [IFEO Debugger Deleted]
* autotrace.exe debugger. [IFEO Debugger Deleted]
* autoupdate.exe debugger. [IFEO Debugger Deleted]
* av360.exe debugger. [IFEO Debugger Deleted]
* avadmin.exe debugger. [IFEO Debugger Deleted]
* avastSvc.exe debugger. [IFEO Debugger Deleted]
* avastUI.exe debugger. [IFEO Debugger Deleted]
* AVCare.exe debugger. [IFEO Debugger Deleted]
* avcenter.exe debugger. [IFEO Debugger Deleted]
* avciman.exe debugger. [IFEO Debugger Deleted]
* avconfig.exe debugger. [IFEO Debugger Deleted]
* avconsol.exe debugger. [IFEO Debugger Deleted]
* ave32.exe debugger. [IFEO Debugger Deleted]
* AVENGINE.exe debugger. [IFEO Debugger Deleted]
* avgcc32.exe debugger. [IFEO Debugger Deleted]
* avgchk.exe debugger. [IFEO Debugger Deleted]
* avgcmgr.exe debugger. [IFEO Debugger Deleted]
* avgcsrvx.exe debugger. [IFEO Debugger Deleted]
* avgctrl.exe debugger. [IFEO Debugger Deleted]
* avgdumpx.exe debugger. [IFEO Debugger Deleted]
* avgemc.exe debugger. [IFEO Debugger Deleted]
* avgiproxy.exe debugger. [IFEO Debugger Deleted]
* avgnsx.exe debugger. [IFEO Debugger Deleted]
* avgnt.exe debugger. [IFEO Debugger Deleted]
* avgrsx.exe debugger. [IFEO Debugger Deleted]
* avgscanx.exe debugger. [IFEO Debugger Deleted]
* avgserv.exe debugger. [IFEO Debugger Deleted]
* avgserv9.exe debugger. [IFEO Debugger Deleted]
* avgsrmax.exe debugger. [IFEO Debugger Deleted]
* avgtray.exe debugger. [IFEO Debugger Deleted]
* avguard.exe debugger. [IFEO Debugger Deleted]
* avgui.exe debugger. [IFEO Debugger Deleted]
* avgupd.exe debugger. [IFEO Debugger Deleted]
* avgw.exe debugger. [IFEO Debugger Deleted]
* avgwdsvc.exe debugger. [IFEO Debugger Deleted]
* avkpop.exe debugger. [IFEO Debugger Deleted]
* avkserv.exe debugger. [IFEO Debugger Deleted]
* avkservice.exe debugger. [IFEO Debugger Deleted]
* avkwctl9.exe debugger. [IFEO Debugger Deleted]
* avltmain.exe debugger. [IFEO Debugger Deleted]
* avmailc.exe debugger. [IFEO Debugger Deleted]
* avmcdlg.exe debugger. [IFEO Debugger Deleted]
* avnotify.exe debugger. [IFEO Debugger Deleted]
* avnt.exe debugger. [IFEO Debugger Deleted]
* avp32.exe debugger. [IFEO Debugger Deleted]
* avpcc.exe debugger. [IFEO Debugger Deleted]
* avpdos32.exe debugger. [IFEO Debugger Deleted]
* avpm.exe debugger. [IFEO Debugger Deleted]
* avptc32.exe debugger. [IFEO Debugger Deleted]
* avpupd.exe debugger. [IFEO Debugger Deleted]
* avsched32.exe debugger. [IFEO Debugger Deleted]
* avshadow.exe debugger. [IFEO Debugger Deleted]
* avsynmgr.exe debugger. [IFEO Debugger Deleted]
* avupgsvc.exe debugger. [IFEO Debugger Deleted]
* AVWEBGRD.exe debugger. [IFEO Debugger Deleted]
* avwin.exe debugger. [IFEO Debugger Deleted]
* avwin95.exe debugger. [IFEO Debugger Deleted]
* avwinnt.exe debugger. [IFEO Debugger Deleted]
* avwsc.exe debugger. [IFEO Debugger Deleted]
* avwupd.exe debugger. [IFEO Debugger Deleted]
* avwupd32.exe debugger. [IFEO Debugger Deleted]
* avwupsrv.exe debugger. [IFEO Debugger Deleted]
* avxmonitor9x.exe debugger. [IFEO Debugger Deleted]
* avxmonitornt.exe debugger. [IFEO Debugger Deleted]
* avxquar.exe debugger. [IFEO Debugger Deleted]
* b.exe debugger. [IFEO Debugger Deleted]
* backweb.exe debugger. [IFEO Debugger Deleted]
* bargains.exe debugger. [IFEO Debugger Deleted]
* bd_professional.exe debugger. [IFEO Debugger Deleted]
* bdfvcl.exe debugger. [IFEO Debugger Deleted]
* bdfvwiz.exe debugger. [IFEO Debugger Deleted]
* BDInProcPatch.exe debugger. [IFEO Debugger Deleted]
* bdmcon.exe debugger. [IFEO Debugger Deleted]
* BDMsnScan.exe debugger. [IFEO Debugger Deleted]
* BDSurvey.exe debugger. [IFEO Debugger Deleted]
* beagle.exe debugger. [IFEO Debugger Deleted]
* belt.exe debugger. [IFEO Debugger Deleted]
* bidef.exe debugger. [IFEO Debugger Deleted]
* bidserver.exe debugger. [IFEO Debugger Deleted]
* bipcp.exe debugger. [IFEO Debugger Deleted]
* bipcpevalsetup.exe debugger. [IFEO Debugger Deleted]
* bisp.exe debugger. [IFEO Debugger Deleted]
* blackd.exe debugger. [IFEO Debugger Deleted]
* blackice.exe debugger. [IFEO Debugger Deleted]
* blink.exe debugger. [IFEO Debugger Deleted]
* blss.exe debugger. [IFEO Debugger Deleted]
* bootconf.exe debugger. [IFEO Debugger Deleted]
* bootwarn.exe debugger. [IFEO Debugger Deleted]
* borg2.exe debugger. [IFEO Debugger Deleted]
* bpc.exe debugger. [IFEO Debugger Deleted]
* brasil.exe debugger. [IFEO Debugger Deleted]
* brastk.exe debugger. [IFEO Debugger Deleted]
* brw.exe debugger. [IFEO Debugger Deleted]
* bs120.exe debugger. [IFEO Debugger Deleted]
* bspatch.exe debugger. [IFEO Debugger Deleted]
* bundle.exe debugger. [IFEO Debugger Deleted]
* bvt.exe debugger. [IFEO Debugger Deleted]
* c.exe debugger. [IFEO Debugger Deleted]
* cavscan.exe debugger. [IFEO Debugger Deleted]
* ccapp.exe debugger. [IFEO Debugger Deleted]
* ccevtmgr.exe debugger. [IFEO Debugger Deleted]
* ccpxysvc.exe debugger. [IFEO Debugger Deleted]
* ccSvcHst.exe debugger. [IFEO Debugger Deleted]
* cdp.exe debugger. [IFEO Debugger Deleted]
* cfd.exe debugger. [IFEO Debugger Deleted]
* cfgwiz.exe debugger. [IFEO Debugger Deleted]
* cfiadmin.exe debugger. [IFEO Debugger Deleted]
* cfiaudit.exe debugger. [IFEO Debugger Deleted]
* cfinet.exe debugger. [IFEO Debugger Deleted]
* cfinet32.exe debugger. [IFEO Debugger Deleted]
* cfp.exe debugger. [IFEO Debugger Deleted]
* cfpconfg.exe debugger. [IFEO Debugger Deleted]
* cfplogvw.exe debugger. [IFEO Debugger Deleted]
* cfpupdat.exe debugger. [IFEO Debugger Deleted]
* claw95.exe debugger. [IFEO Debugger Deleted]
* claw95cf.exe debugger. [IFEO Debugger Deleted]
* clean.exe debugger. [IFEO Debugger Deleted]
* cleaner.exe debugger. [IFEO Debugger Deleted]
* cleaner3.exe debugger. [IFEO Debugger Deleted]
* cleanIELow.exe debugger. [IFEO Debugger Deleted]
* cleanpc.exe debugger. [IFEO Debugger Deleted]
* click.exe debugger. [IFEO Debugger Deleted]
* cmd32.exe debugger. [IFEO Debugger Deleted]
* cmdagent.exe debugger. [IFEO Debugger Deleted]
* cmesys.exe debugger. [IFEO Debugger Deleted]
* cmgrdian.exe debugger. [IFEO Debugger Deleted]
* cmon016.exe debugger. [IFEO Debugger Deleted]
* connectionmonitor.exe debugger. [IFEO Debugger Deleted]
* control debugger. [IFEO Debugger Deleted]
* cpd.exe debugger. [IFEO Debugger Deleted]
* cpf9x206.exe debugger. [IFEO Debugger Deleted]
* cpfnt206.exe debugger. [IFEO Debugger Deleted]
* crashrep.exe debugger. [IFEO Debugger Deleted]
* csc.exe debugger. [IFEO Debugger Deleted]
* cssconfg.exe debugger. [IFEO Debugger Deleted]
* cssupdat.exe debugger. [IFEO Debugger Deleted]
* cssurf.exe debugger. [IFEO Debugger Deleted]
* ctrl.exe debugger. [IFEO Debugger Deleted]
* cv.exe debugger. [IFEO Debugger Deleted]
* cwnb181.exe debugger. [IFEO Debugger Deleted]
* cwntdwmo.exe debugger. [IFEO Debugger Deleted]
* d.exe debugger. [IFEO Debugger Deleted]
* datemanager.exe debugger. [IFEO Debugger Deleted]
* dcomx.exe debugger. [IFEO Debugger Deleted]
* defalert.exe debugger. [IFEO Debugger Deleted]
* defscangui.exe debugger. [IFEO Debugger Deleted]
* defwatch.exe debugger. [IFEO Debugger Deleted]
* deloeminfs.exe debugger. [IFEO Debugger Deleted]
* deputy.exe debugger. [IFEO Debugger Deleted]
* divx.exe debugger. [IFEO Debugger Deleted]
* dllcache.exe debugger. [IFEO Debugger Deleted]
* dllreg.exe debugger. [IFEO Debugger Deleted]
* doors.exe debugger. [IFEO Debugger Deleted]
* dop.exe debugger. [IFEO Debugger Deleted]
* dpf.exe debugger. [IFEO Debugger Deleted]
* dpfsetup.exe debugger. [IFEO Debugger Deleted]
* dpps2.exe debugger. [IFEO Debugger Deleted]
* driverctrl.exe debugger. [IFEO Debugger Deleted]
* drwatson.exe debugger. [IFEO Debugger Deleted]
* drweb32.exe debugger. [IFEO Debugger Deleted]
* drwebupw.exe debugger. [IFEO Debugger Deleted]
* dssagent.exe debugger. [IFEO Debugger Deleted]
* dvp95.exe debugger. [IFEO Debugger Deleted]
* dvp95_0.exe debugger. [IFEO Debugger Deleted]
* ecengine.exe debugger. [IFEO Debugger Deleted]
* efpeadm.exe debugger. [IFEO Debugger Deleted]
* emsw.exe debugger. [IFEO Debugger Deleted]
* ent.exe debugger. [IFEO Debugger Deleted]
* esafe.exe debugger. [IFEO Debugger Deleted]
* escanhnt.exe debugger. [IFEO Debugger Deleted]
* escanv95.exe debugger. [IFEO Debugger Deleted]
* espwatch.exe debugger. [IFEO Debugger Deleted]
* ethereal.exe debugger. [IFEO Debugger Deleted]
* etrustcipe.exe debugger. [IFEO Debugger Deleted]
* evpn.exe debugger. [IFEO Debugger Deleted]
* exantivirus-cnet.exe debugger. [IFEO Debugger Deleted]
* exe.avxw.exe debugger. [IFEO Debugger Deleted]
* expert.exe debugger. [IFEO Debugger Deleted]
* explore.exe debugger. [IFEO Debugger Deleted]
* fact.exe debugger. [IFEO Debugger Deleted]
* f-agnt95.exe debugger. [IFEO Debugger Deleted]
* fameh32.exe debugger. [IFEO Debugger Deleted]
* fast.exe debugger. [IFEO Debugger Deleted]
* fch32.exe debugger. [IFEO Debugger Deleted]
* fih32.exe debugger. [IFEO Debugger Deleted]
* findviru.exe debugger. [IFEO Debugger Deleted]
* firewall.exe debugger. [IFEO Debugger Deleted]
* fixcfg.exe debugger. [IFEO Debugger Deleted]
* fixfp.exe debugger. [IFEO Debugger Deleted]
* fnrb32.exe debugger. [IFEO Debugger Deleted]
* fprot.exe debugger. [IFEO Debugger Deleted]
* f-prot.exe debugger. [IFEO Debugger Deleted]
* f-prot95.exe debugger. [IFEO Debugger Deleted]
* fp-win.exe debugger. [IFEO Debugger Deleted]
* fp-win_trial.exe debugger. [IFEO Debugger Deleted]
* frmwrk32.exe debugger. [IFEO Debugger Deleted]
* frw.exe debugger. [IFEO Debugger Deleted]
* fsaa.exe debugger. [IFEO Debugger Deleted]
* fsav.exe debugger. [IFEO Debugger Deleted]
* fsav32.exe debugger. [IFEO Debugger Deleted]
* fsav530stbyb.exe debugger. [IFEO Debugger Deleted]
* fsav530wtbyb.exe debugger. [IFEO Debugger Deleted]
* fsav95.exe debugger. [IFEO Debugger Deleted]
* fsgk32.exe debugger. [IFEO Debugger Deleted]
* fsm32.exe debugger. [IFEO Debugger Deleted]
* fsma32.exe debugger. [IFEO Debugger Deleted]
* fsmb32.exe debugger. [IFEO Debugger Deleted]
* f-stopw.exe debugger. [IFEO Debugger Deleted]
* gator.exe debugger. [IFEO Debugger Deleted]
* gav.exe debugger. [IFEO Debugger Deleted]
* gbmenu.exe debugger. [IFEO Debugger Deleted]
* gbn976rl.exe debugger. [IFEO Debugger Deleted]
* gbpoll.exe debugger. [IFEO Debugger Deleted]
* generics.exe debugger. [IFEO Debugger Deleted]
* gmt.exe debugger. [IFEO Debugger Deleted]
* guard.exe debugger. [IFEO Debugger Deleted]
* guarddog.exe debugger. [IFEO Debugger Deleted]
* guardgui.exe debugger. [IFEO Debugger Deleted]
* guardxkickoff.exe debugger. [IFEO Debugger Deleted]
* hacktracersetup.exe debugger. [IFEO Debugger Deleted]
* hbinst.exe debugger. [IFEO Debugger Deleted]
* hbsrv.exe debugger. [IFEO Debugger Deleted]
* History.exe debugger. [IFEO Debugger Deleted]
* homeav2010.exe debugger. [IFEO Debugger Deleted]
* hotactio.exe debugger. [IFEO Debugger Deleted]
* hotpatch.exe debugger. [IFEO Debugger Deleted]
* htlog.exe debugger. [IFEO Debugger Deleted]
* htpatch.exe debugger. [IFEO Debugger Deleted]
* hwpe.exe debugger. [IFEO Debugger Deleted]
* hxdl.exe debugger. [IFEO Debugger Deleted]
* hxiul.exe debugger. [IFEO Debugger Deleted]
* iamapp.exe debugger. [IFEO Debugger Deleted]
* iamserv.exe debugger. [IFEO Debugger Deleted]
* iamstats.exe debugger. [IFEO Debugger Deleted]
* ibmasn.exe debugger. [IFEO Debugger Deleted]
* ibmavsp.exe debugger. [IFEO Debugger Deleted]
* icload95.exe debugger. [IFEO Debugger Deleted]
* icloadnt.exe debugger. [IFEO Debugger Deleted]
* icmon.exe debugger. [IFEO Debugger Deleted]
* icsupp95.exe debugger. [IFEO Debugger Deleted]
* icsuppnt.exe debugger. [IFEO Debugger Deleted]
* Identity.exe debugger. [IFEO Debugger Deleted]
* idle.exe debugger. [IFEO Debugger Deleted]
* iedll.exe debugger. [IFEO Debugger Deleted]
* iedriver.exe debugger. [IFEO Debugger Deleted]
* IEShow.exe debugger. [IFEO Debugger Deleted]
* iface.exe debugger. [IFEO Debugger Deleted]
* ifw2000.exe debugger. [IFEO Debugger Deleted]
* inetlnfo.exe debugger. [IFEO Debugger Deleted]
* infus.exe debugger. [IFEO Debugger Deleted]
* infwin.exe debugger. [IFEO Debugger Deleted]
* init.exe debugger. [IFEO Debugger Deleted]
* init32.exe debugger. [IFEO Debugger Deleted]
* install[1].exe debugger. [IFEO Debugger Deleted]
* install[2].exe debugger. [IFEO Debugger Deleted]
* install[3].exe debugger. [IFEO Debugger Deleted]
* install[4].exe debugger. [IFEO Debugger Deleted]
* install[5].exe debugger. [IFEO Debugger Deleted]
* intdel.exe debugger. [IFEO Debugger Deleted]
* intren.exe debugger. [IFEO Debugger Deleted]
* iomon98.exe debugger. [IFEO Debugger Deleted]
* istsvc.exe debugger. [IFEO Debugger Deleted]
* jammer.exe debugger. [IFEO Debugger Deleted]
* jdbgmrg.exe debugger. [IFEO Debugger Deleted]
* jedi.exe debugger. [IFEO Debugger Deleted]
* JsRcGen.exe debugger. [IFEO Debugger Deleted]
* kavlite40eng.exe debugger. [IFEO Debugger Deleted]
* kavpers40eng.exe debugger. [IFEO Debugger Deleted]
* kavpf.exe debugger. [IFEO Debugger Deleted]
* kazza.exe debugger. [IFEO Debugger Deleted]
* keenvalue.exe debugger. [IFEO Debugger Deleted]
* kerio-pf-213-en-win.exe debugger. [IFEO Debugger Deleted]
* kerio-wrl-421-en-win.exe debugger. [IFEO Debugger Deleted]
* kerio-wrp-421-en-win.exe debugger. [IFEO Debugger Deleted]
* killprocesssetup161.exe debugger. [IFEO Debugger Deleted]
* ldnetmon.exe debugger. [IFEO Debugger Deleted]
* ldpro.exe debugger. [IFEO Debugger Deleted]
* ldpromenu.exe debugger. [IFEO Debugger Deleted]
* ldscan.exe debugger. [IFEO Debugger Deleted]
* licmgr.exe debugger. [IFEO Debugger Deleted]
* lnetinfo.exe debugger. [IFEO Debugger Deleted]
* loader.exe debugger. [IFEO Debugger Deleted]
* localnet.exe debugger. [IFEO Debugger Deleted]
* lockdown.exe debugger. [IFEO Debugger Deleted]
* lockdown2000.exe debugger. [IFEO Debugger Deleted]
* lookout.exe debugger. [IFEO Debugger Deleted]
* lordpe.exe debugger. [IFEO Debugger Deleted]
* lsetup.exe debugger. [IFEO Debugger Deleted]
* luall.exe debugger. [IFEO Debugger Deleted]
* luau.exe debugger. [IFEO Debugger Deleted]
* lucomserver.exe debugger. [IFEO Debugger Deleted]
* luinit.exe debugger. [IFEO Debugger Deleted]
* luspt.exe debugger. [IFEO Debugger Deleted]
* MalwareRemoval.exe debugger. [IFEO Debugger Deleted]
* mapisvc32.exe debugger. [IFEO Debugger Deleted]
* mbam.exe debugger. [IFEO Debugger Deleted]
* mbamgui.exe debugger. [IFEO Debugger Deleted]
* mbamservice.exe debugger. [IFEO Debugger Deleted]
* mcagent.exe debugger. [IFEO Debugger Deleted]
* mcmnhdlr.exe debugger. [IFEO Debugger Deleted]
* mcmpeng.exe debugger. [IFEO Debugger Deleted]
* mcmscsvc.exe debugger. [IFEO Debugger Deleted]
* mcnasvc.exe debugger. [IFEO Debugger Deleted]
* mcproxy.exe debugger. [IFEO Debugger Deleted]
* McSACore.exe debugger. [IFEO Debugger Deleted]
* mcshell.exe debugger. [IFEO Debugger Deleted]
* mcshield.exe debugger. [IFEO Debugger Deleted]
* mcsysmon.exe debugger. [IFEO Debugger Deleted]
* mctool.exe debugger. [IFEO Debugger Deleted]
* mcupdate.exe debugger. [IFEO Debugger Deleted]
* mcvsrte.exe debugger. [IFEO Debugger Deleted]
* mcvsshld.exe debugger. [IFEO Debugger Deleted]
* md.exe debugger. [IFEO Debugger Deleted]
* mfin32.exe debugger. [IFEO Debugger Deleted]
* mfw2en.exe debugger. [IFEO Debugger Deleted]
* mfweng3.02d30.exe debugger. [IFEO Debugger Deleted]
* mgavrtcl.exe debugger. [IFEO Debugger Deleted]
* mgavrte.exe debugger. [IFEO Debugger Deleted]
* mghtml.exe debugger. [IFEO Debugger Deleted]
* mgui.exe debugger. [IFEO Debugger Deleted]
* minilog.exe debugger. [IFEO Debugger Deleted]
* mmod.exe debugger. [IFEO Debugger Deleted]
* monitor.exe debugger. [IFEO Debugger Deleted]
* moolive.exe debugger. [IFEO Debugger Deleted]
* mostat.exe debugger. [IFEO Debugger Deleted]
* mpfagent.exe debugger. [IFEO Debugger Deleted]
* mpfservice.exe debugger. [IFEO Debugger Deleted]
* MPFSrv.exe debugger. [IFEO Debugger Deleted]
* mpftray.exe debugger. [IFEO Debugger Deleted]
* mrflux.exe debugger. [IFEO Debugger Deleted]
* mrt.exe debugger. [IFEO Debugger Deleted]
* msa.exe debugger. [IFEO Debugger Deleted]
* msapp.exe debugger. [IFEO Debugger Deleted]
* MSASCui.exe debugger. [IFEO Debugger Deleted]
* msbb.exe debugger. [IFEO Debugger Deleted]
* msblast.exe debugger. [IFEO Debugger Deleted]
* mscache.exe debugger. [IFEO Debugger Deleted]
* msccn32.exe debugger. [IFEO Debugger Deleted]
* mscman.exe debugger. [IFEO Debugger Deleted]
* msconfig debugger. [IFEO Debugger Deleted]
* msdm.exe debugger. [IFEO Debugger Deleted]
* msdos.exe debugger. [IFEO Debugger Deleted]
* msiexec16.exe debugger. [IFEO Debugger Deleted]
* mslaugh.exe debugger. [IFEO Debugger Deleted]
* msmgt.exe debugger. [IFEO Debugger Deleted]
* msmsgri32.exe debugger. [IFEO Debugger Deleted]
* msseces.exe debugger. [IFEO Debugger Deleted]
* mssmmc32.exe debugger. [IFEO Debugger Deleted]
* mssys.exe debugger. [IFEO Debugger Deleted]
* msvxd.exe debugger. [IFEO Debugger Deleted]
* mu0311ad.exe debugger. [IFEO Debugger Deleted]
* mwatch.exe debugger. [IFEO Debugger Deleted]
* n32scanw.exe debugger. [IFEO Debugger Deleted]
* nav.exe debugger. [IFEO Debugger Deleted]
* navap.navapsvc.exe debugger. [IFEO Debugger Deleted]
* navapsvc.exe debugger. [IFEO Debugger Deleted]
* navapw32.exe debugger. [IFEO Debugger Deleted]
* navdx.exe debugger. [IFEO Debugger Deleted]
* navlu32.exe debugger. [IFEO Debugger Deleted]
* navnt.exe debugger. [IFEO Debugger Deleted]
* navstub.exe debugger. [IFEO Debugger Deleted]
* navw32.exe debugger. [IFEO Debugger Deleted]
* navwnt.exe debugger. [IFEO Debugger Deleted]
* nc2000.exe debugger. [IFEO Debugger Deleted]
* ncinst4.exe debugger. [IFEO Debugger Deleted]
* ndd32.exe debugger. [IFEO Debugger Deleted]
* neomonitor.exe debugger. [IFEO Debugger Deleted]
* neowatchlog.exe debugger. [IFEO Debugger Deleted]
* netarmor.exe debugger. [IFEO Debugger Deleted]
* netd32.exe debugger. [IFEO Debugger Deleted]
* netinfo.exe debugger. [IFEO Debugger Deleted]
* netmon.exe debugger. [IFEO Debugger Deleted]
* netscanpro.exe debugger. [IFEO Debugger Deleted]
* netspyhunter-1.2.exe debugger. [IFEO Debugger Deleted]
* netutils.exe debugger. [IFEO Debugger Deleted]
* nisserv.exe debugger. [IFEO Debugger Deleted]
* nisum.exe debugger. [IFEO Debugger Deleted]
* nmain.exe debugger. [IFEO Debugger Deleted]
* nod32.exe debugger. [IFEO Debugger Deleted]
* normist.exe debugger. [IFEO Debugger Deleted]
* norton_internet_secu_3.0_407.exe debugger. [IFEO Debugger Deleted]
* notstart.exe debugger. [IFEO Debugger Deleted]
* npf40_tw_98_nt_me_2k.exe debugger. [IFEO Debugger Deleted]
* npfmessenger.exe debugger. [IFEO Debugger Deleted]
* nprotect.exe debugger. [IFEO Debugger Deleted]
* npscheck.exe debugger. [IFEO Debugger Deleted]
* npssvc.exe debugger. [IFEO Debugger Deleted]
* nsched32.exe debugger. [IFEO Debugger Deleted]
* nssys32.exe debugger. [IFEO Debugger Deleted]
* nstask32.exe debugger. [IFEO Debugger Deleted]
* nsupdate.exe debugger. [IFEO Debugger Deleted]
* nt.exe debugger. [IFEO Debugger Deleted]
* ntrtscan.exe debugger. [IFEO Debugger Deleted]
* ntvdm.exe debugger. [IFEO Debugger Deleted]
* ntxconfig.exe debugger. [IFEO Debugger Deleted]
* nui.exe debugger. [IFEO Debugger Deleted]
* nupgrade.exe debugger. [IFEO Debugger Deleted]
* nvarch16.exe debugger. [IFEO Debugger Deleted]
* nvc95.exe debugger. [IFEO Debugger Deleted]
* nvsvc32.exe debugger. [IFEO Debugger Deleted]
* nwinst4.exe debugger. [IFEO Debugger Deleted]
* nwservice.exe debugger. [IFEO Debugger Deleted]
* nwtool16.exe debugger. [IFEO Debugger Deleted]
* OAcat.exe debugger. [IFEO Debugger Deleted]
* OAhlp.exe debugger. [IFEO Debugger Deleted]
* OAReg.exe debugger. [IFEO Debugger Deleted]
* oasrv.exe debugger. [IFEO Debugger Deleted]
* oaui.exe debugger. [IFEO Debugger Deleted]
* oaview.exe debugger. [IFEO Debugger Deleted]
* ODSW.exe debugger. [IFEO Debugger Deleted]
* ollydbg.exe debugger. [IFEO Debugger Deleted]
* onsrvr.exe debugger. [IFEO Debugger Deleted]
* optimize.exe debugger. [IFEO Debugger Deleted]
* ostronet.exe debugger. [IFEO Debugger Deleted]
* otfix.exe debugger. [IFEO Debugger Deleted]
* outpost.exe debugger. [IFEO Debugger Deleted]
* outpostinstall.exe debugger. [IFEO Debugger Deleted]
* outpostproinstall.exe debugger. [IFEO Debugger Deleted]
* ozn695m5.exe debugger. [IFEO Debugger Deleted]
* padmin.exe debugger. [IFEO Debugger Deleted]
* panixk.exe debugger. [IFEO Debugger Deleted]
* patch.exe debugger. [IFEO Debugger Deleted]
* pav.exe debugger. [IFEO Debugger Deleted]
* pavcl.exe debugger. [IFEO Debugger Deleted]
* PavFnSvr.exe debugger. [IFEO Debugger Deleted]
* pavproxy.exe debugger. [IFEO Debugger Deleted]
* pavprsrv.exe debugger. [IFEO Debugger Deleted]
* pavsched.exe debugger. [IFEO Debugger Deleted]
* pavsrv51.exe debugger. [IFEO Debugger Deleted]
* pavw.exe debugger. [IFEO Debugger Deleted]
* pc.exe debugger. [IFEO Debugger Deleted]
* PC_Antispyware2010.exe debugger. [IFEO Debugger Deleted]
* pccwin98.exe debugger. [IFEO Debugger Deleted]
* pcfwallicon.exe debugger. [IFEO Debugger Deleted]
* pcip10117_0.exe debugger. [IFEO Debugger Deleted]
* pcscan.exe debugger. [IFEO Debugger Deleted]
* pctsAuxs.exe debugger. [IFEO Debugger Deleted]
* pctsGui.exe debugger. [IFEO Debugger Deleted]
* pctsSvc.exe debugger. [IFEO Debugger Deleted]
* pctsTray.exe debugger. [IFEO Debugger Deleted]
* pdfndr.exe debugger. [IFEO Debugger Deleted]
* pdsetup.exe debugger. [IFEO Debugger Deleted]
* PerAvir.exe debugger. [IFEO Debugger Deleted]
* periscope.exe debugger. [IFEO Debugger Deleted]
* persfw.exe debugger. [IFEO Debugger Deleted]
* personalguard debugger. [IFEO Debugger Deleted]
* personalguard.exe debugger. [IFEO Debugger Deleted]
* perswf.exe debugger. [IFEO Debugger Deleted]
* pf2.exe debugger. [IFEO Debugger Deleted]
* pfwadmin.exe debugger. [IFEO Debugger Deleted]
* pgmonitr.exe debugger. [IFEO Debugger Deleted]
* pingscan.exe debugger. [IFEO Debugger Deleted]
* platin.exe debugger. [IFEO Debugger Deleted]
* pop3trap.exe debugger. [IFEO Debugger Deleted]
* poproxy.exe debugger. [IFEO Debugger Deleted]
* popscan.exe debugger. [IFEO Debugger Deleted]
* portdetective.exe debugger. [IFEO Debugger Deleted]
* portmonitor.exe debugger. [IFEO Debugger Deleted]
* powerscan.exe debugger. [IFEO Debugger Deleted]
* ppinupdt.exe debugger. [IFEO Debugger Deleted]
* pptbc.exe debugger. [IFEO Debugger Deleted]
* ppvstop.exe debugger. [IFEO Debugger Deleted]
* prizesurfer.exe debugger. [IFEO Debugger Deleted]
* prmt.exe debugger. [IFEO Debugger Deleted]
* prmvr.exe debugger. [IFEO Debugger Deleted]
* procdump.exe debugger. [IFEO Debugger Deleted]
* processmonitor.exe debugger. [IFEO Debugger Deleted]
* procexplorerv1.0.exe debugger. [IFEO Debugger Deleted]
* programauditor.exe debugger. [IFEO Debugger Deleted]
* proport.exe debugger. [IFEO Debugger Deleted]
* protector.exe debugger. [IFEO Debugger Deleted]
* protectx.exe debugger. [IFEO Debugger Deleted]
* PSANCU.exe debugger. [IFEO Debugger Deleted]
* PSANHost.exe debugger. [IFEO Debugger Deleted]
* PSANToManager.exe debugger. [IFEO Debugger Deleted]
* PsCtrls.exe debugger. [IFEO Debugger Deleted]
* PsImSvc.exe debugger. [IFEO Debugger Deleted]
* PskSvc.exe debugger. [IFEO Debugger Deleted]
* pspf.exe debugger. [IFEO Debugger Deleted]
* PSUNMain.exe debugger. [IFEO Debugger Deleted]
* purge.exe debugger. [IFEO Debugger Deleted]
* qconsole.exe debugger. [IFEO Debugger Deleted]
* qh.exe debugger. [IFEO Debugger Deleted]
* qserver.exe debugger. [IFEO Debugger Deleted]
* Quick Heal.exe debugger. [IFEO Debugger Deleted]
* QuickHealCleaner.exe debugger. [IFEO Debugger Deleted]
* rapapp.exe debugger. [IFEO Debugger Deleted]
* rav7.exe debugger. [IFEO Debugger Deleted]
* rav7win.exe debugger. [IFEO Debugger Deleted]
* rav8win32eng.exe debugger. [IFEO Debugger Deleted]
* ray.exe debugger. [IFEO Debugger Deleted]
* rb32.exe debugger. [IFEO Debugger Deleted]
* rcsync.exe debugger. [IFEO Debugger Deleted]
* realmon.exe debugger. [IFEO Debugger Deleted]
* reged.exe debugger. [IFEO Debugger Deleted]
* regedt32.exe debugger. [IFEO Debugger Deleted]
* rescue.exe debugger. [IFEO Debugger Deleted]
* rescue32.exe debugger. [IFEO Debugger Deleted]
* rrguard.exe debugger. [IFEO Debugger Deleted]
* rscdwld.exe debugger. [IFEO Debugger Deleted]
* rshell.exe debugger. [IFEO Debugger Deleted]
* rtvscan.exe debugger. [IFEO Debugger Deleted]
* rtvscn95.exe debugger. [IFEO Debugger Deleted]
* rulaunch.exe debugger. [IFEO Debugger Deleted]
* rwg debugger. [IFEO Debugger Deleted]
* rwg.exe debugger. [IFEO Debugger Deleted]
* SafetyKeeper.exe debugger. [IFEO Debugger Deleted]
* safeweb.exe debugger. [IFEO Debugger Deleted]
* sahagent.exe debugger. [IFEO Debugger Deleted]
* Save.exe debugger. [IFEO Debugger Deleted]
* SaveArmor.exe debugger. [IFEO Debugger Deleted]
* SaveDefense.exe debugger. [IFEO Debugger Deleted]
* SaveKeep.exe debugger. [IFEO Debugger Deleted]
* savenow.exe debugger. [IFEO Debugger Deleted]
* sbserv.exe debugger. [IFEO Debugger Deleted]
* sc.exe debugger. [IFEO Debugger Deleted]
* scam32.exe debugger. [IFEO Debugger Deleted]
* scan32.exe debugger. [IFEO Debugger Deleted]
* scan95.exe debugger. [IFEO Debugger Deleted]
* scanpm.exe debugger. [IFEO Debugger Deleted]
* scrscan.exe debugger. [IFEO Debugger Deleted]
* Secure Veteran.exe debugger. [IFEO Debugger Deleted]
* secureveteran.exe debugger. [IFEO Debugger Deleted]
* Security Center.exe debugger. [IFEO Debugger Deleted]
* SecurityFighter.exe debugger. [IFEO Debugger Deleted]
* securitysoldier.exe debugger. [IFEO Debugger Deleted]
* serv95.exe debugger. [IFEO Debugger Deleted]
* setloadorder.exe debugger. [IFEO Debugger Deleted]
* setup_flowprotector_us.exe debugger. [IFEO Debugger Deleted]
* setupvameeval.exe debugger. [IFEO Debugger Deleted]
* sgssfw32.exe debugger. [IFEO Debugger Deleted]
* sh.exe debugger. [IFEO Debugger Deleted]
* shellspyinstall.exe debugger. [IFEO Debugger Deleted]
* shield.exe debugger. [IFEO Debugger Deleted]
* shn.exe debugger. [IFEO Debugger Deleted]
* showbehind.exe debugger. [IFEO Debugger Deleted]
* signcheck.exe debugger. [IFEO Debugger Deleted]
* smart.exe debugger. [IFEO Debugger Deleted]
* smartprotector.exe debugger. [IFEO Debugger Deleted]
* smc.exe debugger. [IFEO Debugger Deleted]
* smrtdefp.exe debugger. [IFEO Debugger Deleted]
* sms.exe debugger. [IFEO Debugger Deleted]
* smss32.exe debugger. [IFEO Debugger Deleted]
* snetcfg.exe debugger. [IFEO Debugger Deleted]
* soap.exe debugger. [IFEO Debugger Deleted]
* sofi.exe debugger. [IFEO Debugger Deleted]
* SoftSafeness.exe debugger. [IFEO Debugger Deleted]
* sperm.exe debugger. [IFEO Debugger Deleted]
* spf.exe debugger. [IFEO Debugger Deleted]
* sphinx.exe debugger. [IFEO Debugger Deleted]
* spoler.exe debugger. [IFEO Debugger Deleted]
* spoolcv.exe debugger. [IFEO Debugger Deleted]
* spoolsv32.exe debugger. [IFEO Debugger Deleted]
* spywarexpguard.exe debugger. [IFEO Debugger Deleted]
* spyxx.exe debugger. [IFEO Debugger Deleted]
* srexe.exe debugger. [IFEO Debugger Deleted]
* srng.exe debugger. [IFEO Debugger Deleted]
* ss3edit.exe debugger. [IFEO Debugger Deleted]
* ssg_4104.exe debugger. [IFEO Debugger Deleted]
* ssgrate.exe debugger. [IFEO Debugger Deleted]
* st2.exe debugger. [IFEO Debugger Deleted]
* start.exe debugger. [IFEO Debugger Deleted]
* stcloader.exe debugger. [IFEO Debugger Deleted]
* supftrl.exe debugger. [IFEO Debugger Deleted]
* support.exe debugger. [IFEO Debugger Deleted]
* supporter5.exe debugger. [IFEO Debugger Deleted]
* svc.exe debugger. [IFEO Debugger Deleted]
* svchostc.exe debugger. [IFEO Debugger Deleted]
* svchosts.exe debugger. [IFEO Debugger Deleted]
* svshost.exe debugger. [IFEO Debugger Deleted]
* sweep95.exe debugger. [IFEO Debugger Deleted]
* sweepnet.sweepsrv.sys.swnetsup.exe debugger. [IFEO Debugger Deleted]
* symlcsvc.exe debugger. [IFEO Debugger Deleted]
* symproxysvc.exe debugger. [IFEO Debugger Deleted]
* symtray.exe debugger. [IFEO Debugger Deleted]
* system.exe debugger. [IFEO Debugger Deleted]
* system32.exe debugger. [IFEO Debugger Deleted]
* sysupd.exe debugger. [IFEO Debugger Deleted]
* tapinstall.exe debugger. [IFEO Debugger Deleted]
* taumon.exe debugger. [IFEO Debugger Deleted]
* tbscan.exe debugger. [IFEO Debugger Deleted]
* tc.exe debugger. [IFEO Debugger Deleted]
* tca.exe debugger. [IFEO Debugger Deleted]
* tcm.exe debugger. [IFEO Debugger Deleted]
* tds2-98.exe debugger. [IFEO Debugger Deleted]
* tds2-nt.exe debugger. [IFEO Debugger Deleted]
* tds-3.exe debugger. [IFEO Debugger Deleted]
* teekids.exe debugger. [IFEO Debugger Deleted]
* tfak.exe debugger. [IFEO Debugger Deleted]
* tfak5.exe debugger. [IFEO Debugger Deleted]
* tgbob.exe debugger. [IFEO Debugger Deleted]
* titanin.exe debugger. [IFEO Debugger Deleted]
* titaninxp.exe debugger. [IFEO Debugger Deleted]
* TPSrv.exe debugger. [IFEO Debugger Deleted]
* trickler.exe debugger. [IFEO Debugger Deleted]
* trjscan.exe debugger. [IFEO Debugger Deleted]
* trjsetup.exe debugger. [IFEO Debugger Deleted]
* trojantrap3.exe debugger. [IFEO Debugger Deleted]
* TrustWarrior.exe debugger. [IFEO Debugger Deleted]
* tsadbot.exe debugger. [IFEO Debugger Deleted]
* tsc.exe debugger. [IFEO Debugger Deleted]
* tvmd.exe debugger. [IFEO Debugger Deleted]
* tvtmd.exe debugger. [IFEO Debugger Deleted]
* undoboot.exe debugger. [IFEO Debugger Deleted]
* updat.exe debugger. [IFEO Debugger Deleted]
* upgrad.exe debugger. [IFEO Debugger Deleted]
* utpost.exe debugger. [IFEO Debugger Deleted]
* vbcmserv.exe debugger. [IFEO Debugger Deleted]
* vbcons.exe debugger. [IFEO Debugger Deleted]
* vbust.exe debugger. [IFEO Debugger Deleted]
* vbwin9x.exe debugger. [IFEO Debugger Deleted]
* vbwinntw.exe debugger. [IFEO Debugger Deleted]
* vcsetup.exe debugger. [IFEO Debugger Deleted]
* vet32.exe debugger. [IFEO Debugger Deleted]
* vet95.exe debugger. [IFEO Debugger Deleted]
* vettray.exe debugger. [IFEO Debugger Deleted]
* vfsetup.exe debugger. [IFEO Debugger Deleted]
* vir-help.exe debugger. [IFEO Debugger Deleted]
* virusmdpersonalfirewall.exe debugger. [IFEO Debugger Deleted]
* virusutilities.exe debugger. [IFEO Debugger Deleted]
* VisthAux.exe debugger. [IFEO Debugger Deleted]
* VisthLic.exe debugger. [IFEO Debugger Deleted]
* VisthUpd.exe debugger. [IFEO Debugger Deleted]
* vnlan300.exe debugger. [IFEO Debugger Deleted]
* vnpc3000.exe debugger. [IFEO Debugger Deleted]
* vpc32.exe debugger. [IFEO Debugger Deleted]
* vpc42.exe debugger. [IFEO Debugger Deleted]
* vpfw30s.exe debugger. [IFEO Debugger Deleted]
* vptray.exe debugger. [IFEO Debugger Deleted]
* vscan40.exe debugger. [IFEO Debugger Deleted]
* vscenu6.02d30.exe debugger. [IFEO Debugger Deleted]
* vsched.exe debugger. [IFEO Debugger Deleted]
* vsecomr.exe debugger. [IFEO Debugger Deleted]
* vshwin32.exe debugger. [IFEO Debugger Deleted]
* vsisetup.exe debugger. [IFEO Debugger Deleted]
* vsmain.exe debugger. [IFEO Debugger Deleted]
* vsmon.exe debugger. [IFEO Debugger Deleted]
* vsstat.exe debugger. [IFEO Debugger Deleted]
* vswin9xe.exe debugger. [IFEO Debugger Deleted]
* vswinntse.exe debugger. [IFEO Debugger Deleted]
* vswinperse.exe debugger. [IFEO Debugger Deleted]
* w32dsm89.exe debugger. [IFEO Debugger Deleted]
* W3asbas.exe debugger. [IFEO Debugger Deleted]
* w9x.exe debugger. [IFEO Debugger Deleted]
* watchdog.exe debugger. [IFEO Debugger Deleted]
* webdav.exe debugger. [IFEO Debugger Deleted]
* WebProxy.exe debugger. [IFEO Debugger Deleted]
* webscanx.exe debugger. [IFEO Debugger Deleted]
* webtrap.exe debugger. [IFEO Debugger Deleted]
* wfindv32.exe debugger. [IFEO Debugger Deleted]
* whoswatchingme.exe debugger. [IFEO Debugger Deleted]
* wimmun32.exe debugger. [IFEO Debugger Deleted]
* win32.exe debugger. [IFEO Debugger Deleted]
* win32us.exe debugger. [IFEO Debugger Deleted]
* winactive.exe debugger. [IFEO Debugger Deleted]
* winav.exe debugger. [IFEO Debugger Deleted]
* win-bugsfix.exe debugger. [IFEO Debugger Deleted]
* windll32.exe debugger. [IFEO Debugger Deleted]
* window.exe debugger. [IFEO Debugger Deleted]
* windows Police Pro.exe debugger. [IFEO Debugger Deleted]
* windows.exe debugger. [IFEO Debugger Deleted]
* wininetd.exe debugger. [IFEO Debugger Deleted]
* wininitx.exe debugger. [IFEO Debugger Deleted]
* winlogin.exe debugger. [IFEO Debugger Deleted]
* winmain.exe debugger. [IFEO Debugger Deleted]
* winppr32.exe debugger. [IFEO Debugger Deleted]
* winrecon.exe debugger. [IFEO Debugger Deleted]
* winservn.exe debugger. [IFEO Debugger Deleted]
* winssk32.exe debugger. [IFEO Debugger Deleted]
* winstart.exe debugger. [IFEO Debugger Deleted]
* winstart001.exe debugger. [IFEO Debugger Deleted]
* wintsk32.exe debugger. [IFEO Debugger Deleted]
* winupdate.exe debugger. [IFEO Debugger Deleted]
* wkufind.exe debugger. [IFEO Debugger Deleted]
* wnad.exe debugger. [IFEO Debugger Deleted]
* wnt.exe debugger. [IFEO Debugger Deleted]
* wradmin.exe debugger. [IFEO Debugger Deleted]
* wrctrl.exe debugger. [IFEO Debugger Deleted]
* wsbgate.exe debugger. [IFEO Debugger Deleted]
* wscfxas.exe debugger. [IFEO Debugger Deleted]
* wscfxav.exe debugger. [IFEO Debugger Deleted]
* wscfxfw.exe debugger. [IFEO Debugger Deleted]
* wsctool.exe debugger. [IFEO Debugger Deleted]
* wupdater.exe debugger. [IFEO Debugger Deleted]
* wupdt.exe debugger. [IFEO Debugger Deleted]
* wyvernworksfirewall.exe debugger. [IFEO Debugger Deleted]
* xp_antispyware.exe debugger. [IFEO Debugger Deleted]
* xpdeluxe.exe debugger. [IFEO Debugger Deleted]
* xpf202en.exe debugger. [IFEO Debugger Deleted]
* zapro.exe debugger. [IFEO Debugger Deleted]
* zapsetup3001.exe debugger. [IFEO Debugger Deleted]
* zatutor.exe debugger. [IFEO Debugger Deleted]
* zonalm2601.exe debugger. [IFEO Debugger Deleted]
* zonealarm.exe debugger. [IFEO Debugger Deleted]
Backup Registry file created at:
C:\Users\beau \Desktop\rkill\rkill-01-02-2013-06-45-10.reg
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* Windows Defender Disabled
[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
Checking Windows Service Integrity:
* Windows Defender (WinDefend) is not Running.
Startup Type set to: Disabled
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 01/02/2013 06:45:22 PM
Execution time: 0 hours(s), 0 minute(s), and 20 seconds(s)
 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Mark,
Strange??????
After running the scans I can now open McAfee!
I've done nothing and will do nothing untill I hear from you.
McAfee is requesting I update it's files.
Gene
 
Joined
May 7, 2011
Messages
14,142
Not strange, that was expected. If you look at the list of what Rkill deleted you may recognize some of the names as Anti Virus programs. The infection created those entries to block as many security programs from running as it possibly could, that is why RKill was required. As long as you do not reboot, those entries will remain deleted.

If you have rebooted the system please run Rkill again, no need to post the log, then run Mbar again, as follows, and post both the logs:

I am in Spain which is GMT+1.


1. Download Malwarebytes Anti-Rootkit from this link Mbar
2. Unzip the File to a convenient location. (Recommend the Desktop)
3. Open the folder where the contents were unzipped to run mbar.exe



4. Double-click on the mbar.exe file, you may receive a User Account Control prompt asking if you are sure you wish to allow the program to run. Please allow the program to run and MBAR will now start to install any necessary drivers that are required for the program to operate correctly. If a rootkit is interfering with the installation of the drivers you will see a message that states that the DDA driver was not installed and that you should reboot your computer to install it. You will see this image:



5. If you receive this message, please click on the Yes button and Malwarebytes Anti-Rootkit will now restart your computer. Once the computer is rebooted and you login, MBAR will automatically start and you will now be at the start screen. (If no Rootkit warning you will go from step 4 to 6.)

6. The following image opens, select Next.



7. The following image opens, select Update



8. When the update completes select Next.



9. In the following window ensure "Targets" are ticked. Then select "Scan"



10. If an infection is found select the "Cleanup Button" to remove threats, Reboot if prompted. Wait while the system shuts down and the cleanup process is performed.



11. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click "Cleanup Button" once more and repeat the process.
12. If no threats were found you will see the following image, Select Exit:



13. Verify that your system is now running normally, making sure that the following items are functional:

  • Internet access
  • Windows Update
  • Windows Firewall

14. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included within Malwarebytes Anti-Rootkit folder.



15. The following Window will open, Select "Y" from your Keyboard, tap Enter.



16. The fix will be applied, select any key to Exit.



15. Let me know how your system now responds. Copy and paste the two following logs from the mbar folder:

System - log
Mbar - log Date and time of scan will also be shown

 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Looks like all is well.Was able to update McAfee and their firewall seems be in place,not Windows firewall.
Mbar reported no more problems.
Logs are herewith. I leave it to your judgement IF we are done. If so please mark this as completed and put a BIG red feather in your hat! ( Or whatever color you like.)
Thanks so much for your help!

Malwarebytes Anti-Rootkit 1.01.0.1011
www.malwarebytes.org
Database version: v2013.01.03.07
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
beau :: BEAU-PC [administrator]
1/3/2013 5:15:20 PM
mbar-log-2013-01-03 (17-15-20).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28286
Time elapsed: 16 minute(s), 14 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2047860736
------------ Kernel report ------------
01/02/2013 18:48:26
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\system32\DRIVERS\tos_sps32.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\TVALZFL.sys
\SystemRoot\system32\DRIVERS\FwLnk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\System32\Drivers\RootMdm.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\RimSerial.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\point32.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\cfwids.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\gdi32.dll
\Windows\System32\advapi32.dll
\Windows\System32\ole32.dll
\Windows\System32\imm32.dll
\Windows\System32\wininet.dll
\Windows\System32\user32.dll
\Windows\System32\lpk.dll
\Windows\System32\shlwapi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\Wldap32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\difxapi.dll
\Windows\System32\sechost.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\usp10.dll
\Windows\System32\shell32.dll
\Windows\System32\urlmon.dll
\Windows\System32\msvcrt.dll
\Windows\System32\normaliz.dll
\Windows\System32\oleaut32.dll
\Windows\System32\iertutil.dll
\Windows\System32\clbcatq.dll
\Windows\System32\setupapi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\kernel32.dll
\Windows\System32\nsi.dll
\Windows\System32\msctf.dll
\Windows\System32\psapi.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\wintrust.dll
\Windows\System32\comctl32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8701c030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff861e8028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2013.01.02.10
Downloaded database version: v2012.12.27.02
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8701c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8701cd10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8701c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff861e8028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffc1572b70, 0xffffffff8701c030, 0xffffffff8a248530
Lower DeviceData: 0xffffffffc19911d8, 0xffffffff861e8028, 0xffffffff8a1e63f8
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1902C2AF
Partition information:
Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 3072000
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 3074048 Numsec = 605280256
Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 608354304 Numsec = 16787456
Partition is not bootable
Hidden partition VBR is not infected.
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} --> [PUP.MyWebSearch]
Infected: HKCU\SOFTWARE\avsoft --> [Trojan.Fraudpack]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegedit --> [Hijack.Regedit]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|xoxuxkub --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|wokkkjsp --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ifnndpev --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|anrspkym --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|yndhbfyr --> [Trojan.FakeAlert.Gen]
Done!
Scan finished
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2282098688
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2329694208
------------ Kernel report ------------
01/03/2013 12:58:22
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\system32\DRIVERS\tos_sps32.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\TVALZFL.sys
\SystemRoot\system32\DRIVERS\FwLnk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\System32\Drivers\RootMdm.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\RimSerial.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\point32.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\SystemRoot\system32\drivers\mfebopk.sys
\SystemRoot\system32\drivers\cfwids.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\urlmon.dll
\Windows\System32\normaliz.dll
\Windows\System32\kernel32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\nsi.dll
\Windows\System32\msctf.dll
\Windows\System32\usp10.dll
\Windows\System32\ole32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\setupapi.dll
\Windows\System32\shell32.dll
\Windows\System32\iertutil.dll
\Windows\System32\sechost.dll
\Windows\System32\user32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\gdi32.dll
\Windows\System32\imm32.dll
\Windows\System32\wininet.dll
\Windows\System32\Wldap32.dll
\Windows\System32\difxapi.dll
\Windows\System32\psapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\advapi32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\comdlg32.dll
\Windows\System32\lpk.dll
\Windows\System32\oleaut32.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\crypt32.dll
\Windows\System32\devobj.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8701c030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff861e8028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2013.01.03.01
Downloaded database version: v2013.01.03.02
Downloaded database version: v2013.01.03.03
Downloaded database version: v2013.01.03.04
Downloaded database version: v2013.01.03.05
Downloaded database version: v2013.01.03.06
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8701c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8701d830, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8701c030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff861e8028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffb5c72e00, 0xffffffff8701c030, 0xffffffff85deb808
Lower DeviceData: 0xffffffffbb24d630, 0xffffffff861e8028, 0xffffffff85e485f0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1902C2AF
Partition information:
Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 3072000
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 3074048 Numsec = 605280256
Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 608354304 Numsec = 16787456
Partition is not bootable
Hidden partition VBR is not infected.
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} --> [PUP.MyWebSearch]
Infected: HKCU\SOFTWARE\avsoft --> [Trojan.Fraudpack]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM|DisableRegedit --> [Hijack.Regedit]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|xoxuxkub --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|wokkkjsp --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ifnndpev --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|anrspkym --> [Trojan.FakeAlert.Gen]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|yndhbfyr --> [Trojan.FakeAlert.Gen]
Done!
Scan finished
Creating System Restore point...
Scheduling clean up...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2349395968
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2130354176
------------ Kernel report ------------
01/03/2013 16:58:44
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\halmacpi.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\compbatt.sys
\SystemRoot\system32\DRIVERS\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\TVALZ_O.SYS
\SystemRoot\system32\DRIVERS\tos_sps32.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\McPvDrv.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\TVALZFL.sys
\SystemRoot\system32\DRIVERS\FwLnk.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\igdkmd32.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt86win7.sys
\SystemRoot\system32\DRIVERS\rtl8192se.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\drivers\i8042prt.sys
\SystemRoot\system32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\tdcmdpst.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\System32\Drivers\RootMdm.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\RimSerial.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\umbus.sys
\SystemRoot\system32\drivers\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\pgeffect.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\point32.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\Device\mfehidk01.sys
\Device\mfeavfk01.sys
\SystemRoot\system32\drivers\mfeapfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\drivers\cfwids.sys
\??\C:\windows\system32\drivers\mbamchameleon.sys
\??\C:\windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\ws2_32.dll
\Windows\System32\usp10.dll
\Windows\System32\lpk.dll
\Windows\System32\imm32.dll
\Windows\System32\kernel32.dll
\Windows\System32\urlmon.dll
\Windows\System32\imagehlp.dll
\Windows\System32\user32.dll
\Windows\System32\shell32.dll
\Windows\System32\gdi32.dll
\Windows\System32\advapi32.dll
\Windows\System32\setupapi.dll
\Windows\System32\ole32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\psapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\iertutil.dll
\Windows\System32\normaliz.dll
\Windows\System32\msvcrt.dll
\Windows\System32\clbcatq.dll
\Windows\System32\nsi.dll
\Windows\System32\comdlg32.dll
\Windows\System32\msctf.dll
\Windows\System32\wininet.dll
\Windows\System32\sechost.dll
\Windows\System32\devobj.dll
\Windows\System32\wintrust.dll
\Windows\System32\comctl32.dll
\Windows\System32\crypt32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff87020030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xffffffff861c6028
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
DriverEntry returned 0x0
Function returned 0x0
Downloaded database version: v2013.01.03.07
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff87020030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff87020d10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff87020030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff861c6028, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Upper DeviceData: 0xffffffffb9b04440, 0xffffffff87020030, 0xffffffff87418ac8
Lower DeviceData: 0xffffffffbff46278, 0xffffffff861c6028, 0xffffffff86230048
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1902C2AF
Partition information:
Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 3072000
Partition file system is NTFS
Partition is bootable
Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 3074048 Numsec = 605280256
Partition 2 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 608354304 Numsec = 16787456
Partition is not bootable
Hidden partition VBR is not infected.
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1011
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x86
Account is Administrative
Internet Explorer version: 9.0.8112.16421
Java version: 1.6.0_14
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.094000 GHz
Memory total: 3082801152, free: 2526093312
 
Joined
May 7, 2011
Messages
14,142
It's looking good, but we still have Java to deal with and your use of more than one Anti Virus, but first I'd like you to do one more scan that will do some cleaning up.

Please follow that with the quick scan at the bottom of this post and post the result into your next reply with the Combofix log.

STEP 1
NOTE: If you have already used Combofix please delete the icon from your desktop.

  • Please download DeFogger and save it to your desktop.
  • Once downloaded, double-click on the DeFogger icon to start the tool.
  • The application window will appear.
  • You should now click on the Disable button to disable your CD Emulation drivers.
  • When it prompts you whether or not you want to continue, please click on the Yes button to continue.
  • When the program has completed you will see a Finished! message. Click on the OK button to exit the program.
  • If CD Emulation programs are present and have been disabled, DeFogger will now ask you to reboot the machine. Please allow it to do so by clicking on the OK button.



STEP 2
Please download ComboFix
from one of the locations below and save it to your Desktop. <-Important!!!


Be sure to print out and follow these instructions: A guide and tutorial on using ComboFix

Vista/Windows 7 users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. XP users need to install the Recovery Console first.

  • Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Click this link to see a list of such programs and how to disable them.
  • If ComboFix detects an older version of itself, you will be asked to update the program.
  • ComboFix will begin by showing a Disclaimer. Read it and click I Agree if you want to continue.
  • Follow the prompts and click on Yes to continue scanning for malware.
  • If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the Continue button.
  • When finished, please copy and paste the contents of C:\ComboFix.txt (which will open after reboot) in your next reply.
  • Be sure to re-enable your anti-virus and other security programs.

-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security.


If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "How to Guide" you printed out earlier. Those instructions only apply to XP, for Vista and Windows 7 go here: Internet connection repair

NOTE: if you see a message like this when you attempt to open anything after the reboot "Illegal Operation attempted on a registry key that has been marked for deletion" please reboot the system again and the warning should not return.

Do NOT use ComboFix unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, NOT for general public or personal use. Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again. This site, sUBs and myself will not be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read ComboFix's Disclaimer.
============================================================

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.
 

Enegue

Thread Starter
Joined
Dec 31, 2012
Messages
14
Mark,
Couple of things.
1. Can we start another thread, as the size of this file is slowing down my laptop. I'm now using my PC which as more memory.
2.There is no Norton on the machine, just vestiges of it. When I installed McAfee I used the Norton uninstaller AND McAfee did not detect amything Norton. The only thing "Norton" I find on my machine is an empty folder named Norton in My Favorites.
3.What is it we hope to "fix" with ComboFix?
4.I'll be off line untill ,my time ,the evening of January 7,2013. I'm leaving town 1/4/2013 after work.
Regards
Gene
 
Joined
May 7, 2011
Messages
14,142
1. Can we start another thread, as the size of this file is slowing down my laptop. I'm now using my PC which as more memory.

No need to start another thread and I don't quite understand how the Combofix log could be slowing down you PC. Please copy and Paste the log into your next reply.

2.There is no Norton on the machine, just vestiges of it. When I installed McAfee I used the Norton uninstaller AND McAfee did not detect amything Norton. The only thing "Norton" I find on my machine is an empty folder named Norton in My Favorites.

McAfee would not detect old Norton files. Norton Internet Security is listed in the DDS Attach.txt log under the installed programs list. Remnants should have been removed with the uninstall tool, please run it again.

3.What is it we hope to "fix" with ComboFix?

Combofix should find any remnants of the infection that may still be there and its log may show us any other problems you may not be aware of.

4.I'll be off line untill ,my time ,the evening of January 7,2013. I'm leaving town 1/4/2013 after work.

No problem, please post the Combofix and Security Check logs when ready.
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top