WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93121 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Google Redirect

Started by Kellydawn , Aug 23 2011 01:33 PM

This topic is locked

11 replies to this topic

#1 Kellydawn

New Member

Authentic Member
9 posts

Posted 23 August 2011 - 01:33 PM

Hey so this problem all started when I had a bad virus that completely shut down my computer. I took it in to get fixed since I am not very computer savvy and everything worked well for a couple days. All of a sudden I started getting alerts that trojans where being detected and that avg was unable to get rid of them, they are listed as "Tojan Horse generic23.CFQD" and "Tojan horse PSW.generic8.ASEK". I also cannot search things on google without being constantly redirected. I have ran AVG every day, ran malware bytes and it also does not detect anything on quick or full scans. I am currently running everything up to date and am very frustrated as I do not have the money to take it in again! btw, it is a an HP probook 4720s with windows vista. I only use internet explorer

Advertisements

Register to Remove

#2 mowman

SuperMember

Malware Team
2,669 posts

Posted 23 August 2011 - 02:09 PM

Hello,
Welcome to WhatTheTech. My name is mowman, and I will be helping you fix your problems.

If you do not make a reply in 3 days, we will have to close your topic.

You may want to keep the link to this topic in your favorites. Alternatively, you can click the Options button at the top bar of this topic and Track this topic. The topics you are tracking can be found by clicking on My Topics at the top of any page.

Please take note of some guidelines for this fix:

•Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools. Doing so could cause changes to the directions I have to give you and prolong the time required. Further more, you should not be taking any advice relating to this computer from any other source throughout the course of this fix.
•If you do not understand any step(s) provided, please do not hesitate to ask before continuing. I would much rather clarify instructions or explain them differently than have something important broken.
•Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean". We do not want to clean you part-way, only to have the system re-infect itself.
•Please reply using the button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply.
Only attach them if requested or if they do not fit into the post

Please download TDSSKiller.zip

Extract it to your desktop
Double click TDSSKiller.exe
Press Start Scan
- Only if Malicious objects are found then ensure Cure is selected
  If suspicious objects are found select skip
- Then click Continue > Reboot now
Copy and paste the log in your next reply
- A copy of the log will be saved automatically to the root of the drive (typically C:\)

Download OTL to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Under Custom Scan paste this in

netsvcs
drivers32
%SYSTEMDRIVE%\*.*
%systemroot%\Fonts\*.com
%systemroot%\Fonts\*.dll
%systemroot%\Fonts\*.ini
%systemroot%\Fonts\*.ini2
%systemroot%\Fonts\*.exe
%systemroot%\system32\spool\prtprocs\w32x86\*.*
%systemroot%\REPAIR\*.bak1
%systemroot%\REPAIR\*.ini
%systemroot%\system32\*.jpg
%systemroot%\*.jpg
%systemroot%\*.png
%systemroot%\*.scr
%systemroot%\*._sy
%APPDATA%\Adobe\Update\*.*
%ALLUSERSPROFILE%\Favorites\*.*
%APPDATA%\Microsoft\*.*
%PROGRAMFILES%\*.*
%APPDATA%\Update\*.*
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\System32\config\*.sav
%PROGRAMFILES%\bak. /s
%systemroot%\system32\bak. /s
%ALLUSERSPROFILE%\Start Menu\*.lnk /x
%systemroot%\system32\config\systemprofile\*.dat /x
%systemroot%\*.config
%systemroot%\system32\*.db
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x
%USERPROFILE%\Desktop\*.exe
%PROGRAMFILES%\Common Files\*.*
%systemroot%\*.src
%systemroot%\install\*.*
%systemroot%\system32\DLL\*.*
%systemroot%\system32\HelpFiles\*.*
%systemroot%\system32\rundll\*.*
%systemroot%\winn32\*.*
%systemroot%\Java\*.*
%systemroot%\system32\test\*.*
%systemroot%\system32\Rundll32\*.*
%systemroot%\AppPatch\Custom\*.*
%APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x
%PROGRAMFILES%\PC-Doctor\Downloads\*.*
%PROGRAMFILES%\Internet Explorer\*.tmp
%PROGRAMFILES%\Internet Explorer\*.dat
%USERPROFILE%\My Documents\*.exe
%USERPROFILE%\*.exe
%systemroot%\ADDINS\*.*
%systemroot%\assembly\*.bak2
%systemroot%\Config\*.*
%systemroot%\REPAIR\*.bak2
%systemroot%\SECURITY\Database\*.sdb /x
%systemroot%\SYSTEM\*.bak2
%systemroot%\Web\*.bak2
%systemroot%\Driver Cache\*.*
%PROGRAMFILES%\Mozilla Firefox\0*.exe
%ProgramFiles%\Microsoft Common\*.*
%ProgramFiles%\TinyProxy.
%USERPROFILE%\Favorites\*.url /x
%systemroot%\system32\*.bk
%systemroot%\*.te
%systemroot%\system32\system32\*.*
%ALLUSERSPROFILE%\*.dat /x
%systemroot%\system32\drivers\*.rmv
dir /b "%systemroot%\system32\*.exe" | find /i " " /c
dir /b "%systemroot%\*.exe" | find /i " " /c
%PROGRAMFILES%\Microsoft\*.*
%systemroot%\System32\Wbem\proquota.exe
%PROGRAMFILES%\Mozilla Firefox\*.dat
%USERPROFILE%\Cookies\*.txt /x
%SystemRoot%\system32\fonts\*.*
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply.
You may need two posts to fit them both in.

#3 Kellydawn

New Member

Authentic Member
9 posts

Posted 23 August 2011 - 05:33 PM

here is what the TDSSkiller said: 2011/08/23 19:25:42.0078 5828 TDSS rootkit removing tool 2.5.17.0 Aug 22 2011 15:46:57 2011/08/23 19:25:42.0562 5828 ================================================================================ 2011/08/23 19:25:42.0562 5828 SystemInfo: 2011/08/23 19:25:42.0562 5828 2011/08/23 19:25:42.0562 5828 OS Version: 6.1.7600 ServicePack: 0.0 2011/08/23 19:25:42.0562 5828 Product type: Workstation 2011/08/23 19:25:42.0562 5828 ComputerName: KELLYR-HP 2011/08/23 19:25:42.0562 5828 UserName: Kelly R 2011/08/23 19:25:42.0562 5828 Windows directory: C:\windows 2011/08/23 19:25:42.0562 5828 System windows directory: C:\windows 2011/08/23 19:25:42.0562 5828 Processor architecture: Intel x86 2011/08/23 19:25:42.0562 5828 Number of processors: 4 2011/08/23 19:25:42.0562 5828 Page size: 0x1000 2011/08/23 19:25:42.0562 5828 Boot type: Normal boot 2011/08/23 19:25:42.0562 5828 ================================================================================ 2011/08/23 19:25:43.0077 5828 Initialize success 2011/08/23 19:25:53.0638 5464 ================================================================================ 2011/08/23 19:25:53.0638 5464 Scan started 2011/08/23 19:25:53.0638 5464 Mode: Manual; 2011/08/23 19:25:53.0638 5464 ================================================================================ 2011/08/23 19:25:56.0743 5464 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys 2011/08/23 19:25:56.0821 5464 Accelerometer (cc1f1d3d70dc13c2c281488d347d4415) C:\windows\system32\DRIVERS\Accelerometer.sys 2011/08/23 19:25:56.0883 5464 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys 2011/08/23 19:25:56.0945 5464 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys 2011/08/23 19:25:57.0008 5464 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys 2011/08/23 19:25:57.0055 5464 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys 2011/08/23 19:25:57.0117 5464 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys 2011/08/23 19:25:57.0179 5464 Afc (fe3ea6e9afc1a78e6edca121e006afb7) C:\windows\system32\drivers\Afc.sys 2011/08/23 19:25:57.0242 5464 AFD (0db7a48388d54d154ebec120461a0fcd) C:\windows\system32\drivers\afd.sys 2011/08/23 19:25:57.0289 5464 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\windows\system32\DRIVERS\AGRSM.sys 2011/08/23 19:25:57.0398 5464 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys 2011/08/23 19:25:57.0445 5464 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys 2011/08/23 19:25:57.0507 5464 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys 2011/08/23 19:25:57.0710 5464 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys 2011/08/23 19:25:57.0850 5464 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys 2011/08/23 19:25:58.0006 5464 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys 2011/08/23 19:25:58.0521 5464 amdkmdag (75ea00e209ca27bb12d5c80861f996c9) C:\windows\system32\DRIVERS\atikmdag.sys 2011/08/23 19:25:58.0942 5464 amdkmdap (b8b417bd93ed09a1d20b406410bd8b11) C:\windows\system32\DRIVERS\atikmpag.sys 2011/08/23 19:25:59.0036 5464 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys 2011/08/23 19:25:59.0161 5464 amdsata (19ce906b4cdc11fc4fef5745f33a63b6) C:\windows\system32\drivers\amdsata.sys 2011/08/23 19:25:59.0223 5464 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys 2011/08/23 19:25:59.0270 5464 amdxata (869e67d66be326a5a9159fba8746fa70) C:\windows\system32\drivers\amdxata.sys 2011/08/23 19:25:59.0379 5464 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys 2011/08/23 19:25:59.0551 5464 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys 2011/08/23 19:25:59.0722 5464 archlp (20da1dc31893e1ad82a9c79011f5b344) C:\windows\system32\drivers\archlp.sys 2011/08/23 19:25:59.0847 5464 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys 2011/08/23 19:25:59.0909 5464 ARCVCAM (74fc764f43e68548b9024773cb94979c) C:\windows\system32\DRIVERS\ArcSoftVCapture.sys 2011/08/23 19:25:59.0972 5464 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys 2011/08/23 19:26:00.0050 5464 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys 2011/08/23 19:26:00.0237 5464 athr (b01751cc563aecac09bbe36aaa21fbef) C:\windows\system32\DRIVERS\athr.sys 2011/08/23 19:26:00.0362 5464 AtiHdmiService (8df873d0587596c1d35a9cececc61da1) C:\windows\system32\drivers\AtiHdmi.sys 2011/08/23 19:26:00.0596 5464 atikmdag (75ea00e209ca27bb12d5c80861f996c9) C:\windows\system32\DRIVERS\atikmdag.sys 2011/08/23 19:26:00.0845 5464 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\windows\system32\Drivers\avgldx86.sys 2011/08/23 19:26:00.0986 5464 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\windows\system32\Drivers\avgmfx86.sys 2011/08/23 19:26:01.0126 5464 AvgTdiX (9a7a93388f503a34e7339ae7f9997449) C:\windows\system32\Drivers\avgtdix.sys 2011/08/23 19:26:01.0360 5464 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys 2011/08/23 19:26:01.0547 5464 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys 2011/08/23 19:26:01.0937 5464 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys 2011/08/23 19:26:02.0047 5464 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys 2011/08/23 19:26:02.0109 5464 bowser (9a5c671b7fbae4865149bb11f59b91b2) C:\windows\system32\DRIVERS\bowser.sys 2011/08/23 19:26:02.0187 5464 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys 2011/08/23 19:26:02.0249 5464 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys 2011/08/23 19:26:02.0405 5464 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys 2011/08/23 19:26:02.0499 5464 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys 2011/08/23 19:26:02.0577 5464 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys 2011/08/23 19:26:02.0639 5464 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys 2011/08/23 19:26:02.0780 5464 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys 2011/08/23 19:26:02.0873 5464 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys 2011/08/23 19:26:02.0936 5464 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys 2011/08/23 19:26:02.0998 5464 BTHPORT (88059ff1ded4472acd17eebabd393069) C:\windows\System32\Drivers\BTHport.sys 2011/08/23 19:26:03.0061 5464 BTHUSB (80e6384beec03b8bd45edea29802d657) C:\windows\System32\Drivers\BTHUSB.sys 2011/08/23 19:26:03.0123 5464 btusbflt (f549c3fb145a4928e40bb1518b2034dc) C:\windows\system32\drivers\btusbflt.sys 2011/08/23 19:26:03.0201 5464 btwaudio (ce5833c144ca6623bcbde93b188aa850) C:\windows\system32\drivers\btwaudio.sys 2011/08/23 19:26:03.0248 5464 btwavdt (af9148c3e844131ac954cb53ff43d971) C:\windows\system32\DRIVERS\btwavdt.sys 2011/08/23 19:26:03.0326 5464 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\windows\system32\DRIVERS\btwl2cap.sys 2011/08/23 19:26:03.0388 5464 btwrchid (480b3d195854b2e55299cddddc50bcf9) C:\windows\system32\DRIVERS\btwrchid.sys 2011/08/23 19:26:03.0544 5464 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys 2011/08/23 19:26:03.0653 5464 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys 2011/08/23 19:26:03.0747 5464 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys 2011/08/23 19:26:03.0809 5464 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys 2011/08/23 19:26:03.0903 5464 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys 2011/08/23 19:26:03.0950 5464 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys 2011/08/23 19:26:04.0153 5464 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys 2011/08/23 19:26:04.0246 5464 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys 2011/08/23 19:26:04.0293 5464 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys 2011/08/23 19:26:04.0324 5464 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys 2011/08/23 19:26:04.0402 5464 CSC (27c9490bdd0ae48911ab8cf1932591ed) C:\windows\system32\drivers\csc.sys 2011/08/23 19:26:04.0480 5464 DAMDrv (a05433f6218dcb8f0dec232de65f8b26) C:\windows\system32\DRIVERS\DAMDrv.sys 2011/08/23 19:26:04.0589 5464 DfsC (83d1ecea8faae75604c0fa49ac7ad996) C:\windows\system32\Drivers\dfsc.sys 2011/08/23 19:26:04.0699 5464 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys 2011/08/23 19:26:04.0792 5464 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys 2011/08/23 19:26:04.0917 5464 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys 2011/08/23 19:26:04.0979 5464 Dot4Print (c25fea07a8e7767e8b89ab96a3b96519) C:\windows\system32\DRIVERS\Dot4Prt.sys 2011/08/23 19:26:05.0011 5464 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys 2011/08/23 19:26:05.0089 5464 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys 2011/08/23 19:26:05.0167 5464 DXGKrnl (1679a4669326cb1a67cc95658d273234) C:\windows\System32\drivers\dxgkrnl.sys 2011/08/23 19:26:05.0291 5464 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys 2011/08/23 19:26:05.0494 5464 eeCtrl (8f7dbc4be48f5388a6fe1f285e7948ef) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys 2011/08/23 19:26:05.0681 5464 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys 2011/08/23 19:26:05.0837 5464 EraserUtilRebootDrv (3ee14d400e0fdd0d214275a4a20b7022) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys 2011/08/23 19:26:05.0978 5464 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys 2011/08/23 19:26:06.0056 5464 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys 2011/08/23 19:26:06.0149 5464 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys 2011/08/23 19:26:06.0243 5464 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys 2011/08/23 19:26:06.0383 5464 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys 2011/08/23 19:26:06.0446 5464 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys 2011/08/23 19:26:06.0571 5464 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys 2011/08/23 19:26:06.0680 5464 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys 2011/08/23 19:26:06.0711 5464 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys 2011/08/23 19:26:06.0742 5464 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys 2011/08/23 19:26:06.0805 5464 fvevol (dafbd9fe39197495aed6d51f3b85b5d2) C:\windows\system32\DRIVERS\fvevol.sys 2011/08/23 19:26:06.0883 5464 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys 2011/08/23 19:26:06.0961 5464 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys 2011/08/23 19:26:07.0070 5464 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys 2011/08/23 19:26:07.0148 5464 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys 2011/08/23 19:26:07.0179 5464 HECI (a88485dc6a7136c10d9a6c7e38fdfe3c) C:\windows\system32\DRIVERS\HECI.sys 2011/08/23 19:26:07.0226 5464 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys 2011/08/23 19:26:07.0304 5464 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys 2011/08/23 19:26:07.0382 5464 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys 2011/08/23 19:26:07.0460 5464 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys 2011/08/23 19:26:07.0912 5464 hpdskflt (4ef10b866c62abbeaf7511cdd05a19be) C:\windows\system32\DRIVERS\hpdskflt.sys 2011/08/23 19:26:08.0099 5464 HpqKbFiltr (1210960ff8928950d2a786895b0c424a) C:\windows\system32\DRIVERS\HpqKbFiltr.sys 2011/08/23 19:26:08.0162 5464 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys 2011/08/23 19:26:08.0240 5464 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys 2011/08/23 19:26:08.0318 5464 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys 2011/08/23 19:26:08.0380 5464 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys 2011/08/23 19:26:08.0443 5464 iaStor (01446278d4563b3013c92830ae6cbb26) C:\windows\system32\DRIVERS\iaStor.sys 2011/08/23 19:26:08.0489 5464 iaStorV (71f1a494fedf4b33c02c4a6a28d6d9e9) C:\windows\system32\drivers\iaStorV.sys 2011/08/23 19:26:08.0723 5464 igfx (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys 2011/08/23 19:26:08.0973 5464 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys 2011/08/23 19:26:09.0020 5464 Impcd (2db41ba61d5e44d0667cf126d35dcf34) C:\windows\system32\DRIVERS\Impcd.sys 2011/08/23 19:26:09.0098 5464 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys 2011/08/23 19:26:09.0238 5464 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys 2011/08/23 19:26:09.0347 5464 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys 2011/08/23 19:26:09.0441 5464 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys 2011/08/23 19:26:09.0472 5464 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys 2011/08/23 19:26:09.0535 5464 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys 2011/08/23 19:26:09.0644 5464 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys 2011/08/23 19:26:09.0753 5464 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys 2011/08/23 19:26:09.0862 5464 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys 2011/08/23 19:26:10.0003 5464 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys 2011/08/23 19:26:10.0081 5464 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys 2011/08/23 19:26:10.0159 5464 KSecPkg (365c6154bbbc5377173f1ca7bfb6cc59) C:\windows\system32\Drivers\ksecpkg.sys 2011/08/23 19:26:10.0377 5464 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys 2011/08/23 19:26:10.0471 5464 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys 2011/08/23 19:26:10.0549 5464 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys 2011/08/23 19:26:10.0595 5464 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys 2011/08/23 19:26:10.0627 5464 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys 2011/08/23 19:26:10.0689 5464 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys 2011/08/23 19:26:10.0751 5464 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys 2011/08/23 19:26:10.0814 5464 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys 2011/08/23 19:26:10.0861 5464 MfeAVFK (64b96de8c492bd435372d9130a535f1d) C:\windows\system32\drivers\MfeAVFK.sys 2011/08/23 19:26:10.0954 5464 MfeBOPK (078e87a89d36cc3516f19d5fb518bddc) C:\windows\system32\drivers\MfeBOPK.sys 2011/08/23 19:26:11.0017 5464 mfehidk (168c565101fd5b9db694efdec91fafa9) C:\windows\system32\drivers\mfehidk.sys 2011/08/23 19:26:11.0048 5464 MfeRKDK (e0842f67dc9bc4d21d1e319610ebe9e5) C:\windows\system32\drivers\MfeRKDK.sys 2011/08/23 19:26:11.0095 5464 mfetdik (43a7acbbd70ecd62f0b63486c72089a3) C:\windows\system32\drivers\mfetdik.sys 2011/08/23 19:26:11.0157 5464 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys 2011/08/23 19:26:11.0219 5464 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys 2011/08/23 19:26:11.0266 5464 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys 2011/08/23 19:26:11.0313 5464 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys 2011/08/23 19:26:11.0344 5464 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys 2011/08/23 19:26:11.0375 5464 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys 2011/08/23 19:26:11.0407 5464 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys 2011/08/23 19:26:11.0485 5464 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys 2011/08/23 19:26:11.0594 5464 mrxsmb (ca7570e42522e24324a12161db14ec02) C:\windows\system32\DRIVERS\mrxsmb.sys 2011/08/23 19:26:11.0843 5464 mrxsmb10 (f965c3ab2b2ae5c378f4562486e35051) C:\windows\system32\DRIVERS\mrxsmb10.sys 2011/08/23 19:26:11.0906 5464 mrxsmb20 (25c38264a3c72594dd21d355d70d7a5d) C:\windows\system32\DRIVERS\mrxsmb20.sys 2011/08/23 19:26:11.0953 5464 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys 2011/08/23 19:26:12.0093 5464 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys 2011/08/23 19:26:12.0249 5464 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys 2011/08/23 19:26:12.0280 5464 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys 2011/08/23 19:26:12.0343 5464 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys 2011/08/23 19:26:12.0405 5464 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys 2011/08/23 19:26:12.0452 5464 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys 2011/08/23 19:26:12.0499 5464 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys 2011/08/23 19:26:12.0530 5464 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys 2011/08/23 19:26:12.0608 5464 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys 2011/08/23 19:26:12.0670 5464 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys 2011/08/23 19:26:12.0748 5464 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys 2011/08/23 19:26:12.0779 5464 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys 2011/08/23 19:26:12.0857 5464 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys 2011/08/23 19:26:12.0998 5464 NAVENG (862f55824ac81295837b0ab63f91071f) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110823.002\NAVENG.SYS 2011/08/23 19:26:13.0045 5464 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20110823.002\NAVEX15.SYS 2011/08/23 19:26:13.0138 5464 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys 2011/08/23 19:26:13.0185 5464 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys 2011/08/23 19:26:13.0232 5464 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys 2011/08/23 19:26:13.0263 5464 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys 2011/08/23 19:26:13.0294 5464 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys 2011/08/23 19:26:13.0325 5464 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys 2011/08/23 19:26:13.0388 5464 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys 2011/08/23 19:26:13.0403 5464 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys 2011/08/23 19:26:13.0466 5464 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys 2011/08/23 19:26:13.0513 5464 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys 2011/08/23 19:26:13.0528 5464 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys 2011/08/23 19:26:13.0715 5464 Ntfs (187002ce05693c306f43c873f821381f) C:\windows\system32\drivers\Ntfs.sys 2011/08/23 19:26:13.0903 5464 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys 2011/08/23 19:26:13.0949 5464 nvraid (f1b0bed906f97e16f6d0c3629d2f21c6) C:\windows\system32\drivers\nvraid.sys 2011/08/23 19:26:13.0996 5464 nvstor (4520b63899e867f354ee012d34e11536) C:\windows\system32\drivers\nvstor.sys 2011/08/23 19:26:14.0043 5464 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys 2011/08/23 19:26:14.0137 5464 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys 2011/08/23 19:26:14.0277 5464 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys 2011/08/23 19:26:14.0308 5464 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys 2011/08/23 19:26:14.0339 5464 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys 2011/08/23 19:26:14.0417 5464 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys 2011/08/23 19:26:14.0480 5464 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys 2011/08/23 19:26:14.0573 5464 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys 2011/08/23 19:26:14.0683 5464 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys 2011/08/23 19:26:14.0979 5464 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys 2011/08/23 19:26:15.0307 5464 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys 2011/08/23 19:26:15.0353 5464 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys 2011/08/23 19:26:15.0603 5464 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys 2011/08/23 19:26:16.0274 5464 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys 2011/08/23 19:26:16.0492 5464 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys 2011/08/23 19:26:16.0617 5464 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys 2011/08/23 19:26:16.0711 5464 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys 2011/08/23 19:26:16.0773 5464 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys 2011/08/23 19:26:16.0867 5464 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys 2011/08/23 19:26:16.0976 5464 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys 2011/08/23 19:26:17.0007 5464 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys 2011/08/23 19:26:17.0038 5464 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys 2011/08/23 19:26:17.0069 5464 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys 2011/08/23 19:26:17.0116 5464 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys 2011/08/23 19:26:17.0225 5464 RDPDR (c5ff95883ffef704d50c40d21cfb3ab5) C:\windows\system32\drivers\rdpdr.sys 2011/08/23 19:26:17.0397 5464 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys 2011/08/23 19:26:17.0459 5464 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys 2011/08/23 19:26:17.0506 5464 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys 2011/08/23 19:26:17.0818 5464 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys 2011/08/23 19:26:18.0489 5464 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys 2011/08/23 19:26:18.0754 5464 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys 2011/08/23 19:26:18.0895 5464 RSUSBSTOR (6b065c88a4c05cf44793ac2bfc331ac5) C:\windows\system32\Drivers\RtsUStor.sys 2011/08/23 19:26:19.0004 5464 RsvLock (92787f633f2724772aa03cffc2ccffe0) C:\windows\system32\drivers\RsvLock.sys 2011/08/23 19:26:19.0097 5464 RTL8167 (06bd46be6141556125f89df738333720) C:\windows\system32\DRIVERS\Rt86win7.sys 2011/08/23 19:26:19.0160 5464 s3cap (5423d8437051e89dd34749f242c98648) C:\windows\system32\DRIVERS\vms3cap.sys 2011/08/23 19:26:19.0207 5464 SafeBoot (fbf042e3750acbf512e599b37b75bb53) C:\windows\system32\drivers\SafeBoot.sys 2011/08/23 19:26:19.0222 5464 Suspicious file (NoAccess): C:\windows\system32\drivers\SafeBoot.sys. md5: fbf042e3750acbf512e599b37b75bb53 2011/08/23 19:26:19.0238 5464 SafeBoot - detected LockedFile.Multi.Generic (1) 2011/08/23 19:26:19.0316 5464 SbAlg (7adbb5d76fc0452a413dc01f453112a0) C:\windows\system32\drivers\SbAlg.sys 2011/08/23 19:26:19.0394 5464 SbFsLock (0b722e0e599e9dc6c3763daad1b2bbe3) C:\windows\system32\drivers\SbFsLock.sys 2011/08/23 19:26:19.0456 5464 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys 2011/08/23 19:26:19.0550 5464 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys 2011/08/23 19:26:19.0877 5464 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys 2011/08/23 19:26:20.0158 5464 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys 2011/08/23 19:26:20.0221 5464 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys 2011/08/23 19:26:20.0299 5464 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys 2011/08/23 19:26:20.0361 5464 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys 2011/08/23 19:26:20.0423 5464 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys 2011/08/23 19:26:20.0470 5464 sffp_sd (a0708bbd07d245c06ff9de549ca47185) C:\windows\system32\DRIVERS\sffp_sd.sys 2011/08/23 19:26:20.0517 5464 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys 2011/08/23 19:26:20.0579 5464 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys 2011/08/23 19:26:20.0626 5464 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys 2011/08/23 19:26:20.0673 5464 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys 2011/08/23 19:26:20.0751 5464 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys 2011/08/23 19:26:20.0969 5464 SNP2UVC (1fdd4915fd7e49d320aa8eec9827eb09) C:\windows\system32\DRIVERS\snp2uvc.sys 2011/08/23 19:26:21.0219 5464 SPBBCDrv (e621bb5839cf45fa477f48092edd2b40) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys 2011/08/23 19:26:21.0297 5464 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys 2011/08/23 19:26:21.0375 5464 SRTSP (2abf82c8452ab0b9ffc74a2d5da91989) C:\windows\system32\Drivers\SRTSP.SYS 2011/08/23 19:26:21.0437 5464 SRTSPL (e2f9e5887bea5bd8784d337e06eda31b) C:\windows\system32\Drivers\SRTSPL.SYS 2011/08/23 19:26:21.0547 5464 SRTSPX (3b974c158fabd910186f98df8d3e23f3) C:\windows\system32\Drivers\SRTSPX.SYS 2011/08/23 19:26:22.0030 5464 srv (c4a027b8c0bd3fc0699f41fa5e9e0c87) C:\windows\system32\DRIVERS\srv.sys 2011/08/23 19:26:22.0077 5464 srv2 (414bb592cad8a79649d01f9d94318fb3) C:\windows\system32\DRIVERS\srv2.sys 2011/08/23 19:26:22.0108 5464 srvnet (ff207d67700aa18242aaf985d3e7d8f4) C:\windows\system32\DRIVERS\srvnet.sys 2011/08/23 19:26:22.0171 5464 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys 2011/08/23 19:26:22.0233 5464 STHDA (8a8246f40792956e957f3e8d0c188963) C:\windows\system32\DRIVERS\stwrt.sys 2011/08/23 19:26:22.0389 5464 storflt (957e346ca948668f2496a6ccf6ff82cc) C:\windows\system32\DRIVERS\vmstorfl.sys 2011/08/23 19:26:22.0436 5464 storvsc (d5751969dc3e4b88bf482ac8ec9fe019) C:\windows\system32\DRIVERS\storvsc.sys 2011/08/23 19:26:22.0467 5464 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys 2011/08/23 19:26:22.0529 5464 SymEvent (a54ff04bd6e75dc4d8cb6f3e352635e0) C:\windows\system32\Drivers\SYMEVENT.SYS 2011/08/23 19:26:22.0592 5464 SYMREDRV (394b2368212114d538316812af60fddd) C:\windows\System32\Drivers\SYMREDRV.SYS 2011/08/23 19:26:22.0623 5464 SYMTDI (d46676bb414c7531bdffe637a33f5033) C:\windows\System32\Drivers\SYMTDI.SYS 2011/08/23 19:26:22.0701 5464 SynTP (0e8676fb3bb95aa40fdf7a4a31018c8b) C:\windows\system32\DRIVERS\SynTP.sys 2011/08/23 19:26:22.0857 5464 Tcpip (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\drivers\tcpip.sys 2011/08/23 19:26:22.0951 5464 TCPIP6 (c2daaeb48f3a47c410b041a0d2382ee1) C:\windows\system32\DRIVERS\tcpip.sys 2011/08/23 19:26:23.0044 5464 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys 2011/08/23 19:26:23.0075 5464 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys 2011/08/23 19:26:23.0107 5464 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys 2011/08/23 19:26:23.0153 5464 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys 2011/08/23 19:26:23.0185 5464 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys 2011/08/23 19:26:23.0278 5464 TPM (5ad05191dc8b444a7ba4d79b76c42a30) C:\windows\system32\drivers\tpm.sys 2011/08/23 19:26:23.0356 5464 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys 2011/08/23 19:26:23.0403 5464 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys 2011/08/23 19:26:23.0450 5464 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys 2011/08/23 19:26:23.0528 5464 udfs (2efee45a340e1590e37c2f2bac16d051) C:\windows\system32\DRIVERS\udfs.sys 2011/08/23 19:26:23.0746 5464 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys 2011/08/23 19:26:23.0793 5464 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys 2011/08/23 19:26:23.0824 5464 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys 2011/08/23 19:26:23.0887 5464 usbccgp (5c233aefb566ee78c1efbc0493fb066a) C:\windows\system32\DRIVERS\usbccgp.sys 2011/08/23 19:26:23.0918 5464 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys 2011/08/23 19:26:23.0965 5464 usbehci (5b71019a6aca0116fd21b368f19c0b91) C:\windows\system32\drivers\usbehci.sys 2011/08/23 19:26:24.0011 5464 usbhub (5823d3965c2a4f6f785ed1a3b403f3b8) C:\windows\system32\DRIVERS\usbhub.sys 2011/08/23 19:26:24.0043 5464 usbohci (e753ed6c49da13967ebabf9ea616454a) C:\windows\system32\drivers\usbohci.sys 2011/08/23 19:26:24.0105 5464 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys 2011/08/23 19:26:24.0152 5464 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys 2011/08/23 19:26:24.0230 5464 USBSTOR (1c4287739a93594e57e2a9e6a3ed7353) C:\windows\system32\drivers\USBSTOR.SYS 2011/08/23 19:26:24.0308 5464 usbuhci (6a30928a469ce802600e1ea8c0f2f53f) C:\windows\system32\drivers\usbuhci.sys 2011/08/23 19:26:24.0355 5464 usbvideo (b5f6a992d996282b7fae7048e50af83a) C:\windows\System32\Drivers\usbvideo.sys 2011/08/23 19:26:24.0433 5464 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys 2011/08/23 19:26:24.0479 5464 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys 2011/08/23 19:26:24.0526 5464 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys 2011/08/23 19:26:24.0557 5464 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys 2011/08/23 19:26:24.0620 5464 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys 2011/08/23 19:26:24.0667 5464 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys 2011/08/23 19:26:24.0698 5464 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys 2011/08/23 19:26:24.0745 5464 vmbus (379b349f65f453d2a6e75ea6b7448e49) C:\windows\system32\DRIVERS\vmbus.sys 2011/08/23 19:26:24.0791 5464 VMBusHID (ec2bbab4b84d0738c6c83d2234dc36fe) C:\windows\system32\DRIVERS\VMBusHID.sys 2011/08/23 19:26:24.0823 5464 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys 2011/08/23 19:26:24.0869 5464 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys 2011/08/23 19:26:24.0901 5464 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys 2011/08/23 19:26:24.0947 5464 vpcbus (33e74df34753fcaab06f6f2bdc8cabf5) C:\windows\system32\DRIVERS\vpchbus.sys 2011/08/23 19:26:24.0994 5464 vpcnfltr (5f04362ceb5fb5901037e9d9eadd3760) C:\windows\system32\DRIVERS\vpcnfltr.sys 2011/08/23 19:26:25.0057 5464 vpcusb (625088d6ee9ede977fd03cf18d1cd5c5) C:\windows\system32\DRIVERS\vpcusb.sys 2011/08/23 19:26:25.0088 5464 vpcvmm (b21e23c100d6d5162b95cf6f05b4e035) C:\windows\system32\drivers\vpcvmm.sys 2011/08/23 19:26:25.0135 5464 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys 2011/08/23 19:26:25.0181 5464 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys 2011/08/23 19:26:25.0228 5464 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys 2011/08/23 19:26:25.0291 5464 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys 2011/08/23 19:26:25.0322 5464 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys 2011/08/23 19:26:25.0337 5464 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys 2011/08/23 19:26:25.0431 5464 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys 2011/08/23 19:26:25.0493 5464 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys 2011/08/23 19:26:25.0649 5464 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys 2011/08/23 19:26:25.0712 5464 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys 2011/08/23 19:26:25.0883 5464 WinUSB (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUSB.sys 2011/08/23 19:26:25.0993 5464 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys 2011/08/23 19:26:26.0351 5464 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys 2011/08/23 19:26:26.0507 5464 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys 2011/08/23 19:26:26.0585 5464 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys 2011/08/23 19:26:26.0663 5464 MBR (0x1B8) (04d4350ae5fb6fc2ad3e7c26b1323c68) \Device\Harddisk0\DR0 2011/08/23 19:26:26.0679 5464 \Device\Harddisk0\DR0 - detected Rootkit.Win32.TDSS.tdl4 (0) 2011/08/23 19:26:26.0710 5464 Boot (0x1200) (68cb415dfa9ababdaf6cac85f972ebe3) \Device\Harddisk0\DR0\Partition0 2011/08/23 19:26:26.0741 5464 Boot (0x1200) (16c5b03141ca3c363cb7f2dac47d6a76) \Device\Harddisk0\DR0\Partition1 2011/08/23 19:26:26.0773 5464 Boot (0x1200) (7805b5cbaeaa8e56aa3c364eb4bf4230) \Device\Harddisk0\DR0\Partition2 2011/08/23 19:26:26.0819 5464 Boot (0x1200) (4e1914b8fa82576d6e6e24c1883a6012) \Device\Harddisk0\DR0\Partition3 2011/08/23 19:26:26.0819 5464 ================================================================================ 2011/08/23 19:26:26.0819 5464 Scan finished 2011/08/23 19:26:26.0819 5464 ================================================================================ 2011/08/23 19:26:26.0835 3972 Detected object count: 2 2011/08/23 19:26:26.0835 3972 Actual detected object count: 2 2011/08/23 19:27:11.0384 3972 LockedFile.Multi.Generic(SafeBoot) - User select action: Skip 2011/08/23 19:27:11.0415 3972 \Device\Harddisk0\DR0 (Rootkit.Win32.TDSS.tdl4) - will be cured after reboot 2011/08/23 19:27:11.0415 3972 \Device\Harddisk0\DR0 - ok 2011/08/23 19:27:11.0415 3972 Rootkit.Win32.TDSS.tdl4(\Device\Harddisk0\DR0) - User select action: Cure 2011/08/23 19:27:18.0529 5820 Deinitialize success

#4 Kellydawn

New Member

Authentic Member
9 posts

Posted 23 August 2011 - 05:48 PM

OTL.txt said:

OTL logfile created on: 8/23/2011 7:39:32 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Kelly R\Pictures
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 56.06% Memory free
5.98 Gb Paging File | 4.00 Gb Available in Paging File | 66.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 405.78 Gb Free Space | 90.48% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.49 Gb Free Space | 74.82% Space Free | Partition Type: FAT32

Computer Name: KELLYR-HP | User Name: Kelly R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Kelly R\Pictures\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
PRC - C:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
PRC - C:\Program Files\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Program Files\PaperCut NG Client\pc-client.exe ()
PRC - C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32Info.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe (Hewlett-Packard Development Company L.P.)
PRC - C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
PRC - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
PRC - C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe (Symantec Corporation)
PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard)
PRC - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (McAfee, Inc.)
PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
PRC - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
PRC - C:\Windows\System32\uArcCapture.exe (ArcSoft, Inc.)
PRC - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
PRC - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
PRC - c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

========== Modules (No Company Name) ==========

MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\5914966008346d5e9341ba1f9d6d2760\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\60aa01ac9637903f30ac346c55ce58bb\PresentationFramework.Aero.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\627ae56ed87ebc7408346520c746352f\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\456d5e9d3a0a37697ab28c150e9ac5b7\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\86f429e0a23238cf277d464bd0433d86\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\462ca53f84ff85f159d5555d91a5e28d\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad9c2f4737e1e07fa774af31a7d74235\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eba4ec48e3f7f16864c6d96f510fafd9\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\808e41877f992187276492aa2e55e909\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cea5d9b8e3d6ff3bf3be32cf5fcbcd02\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\155679a9c8991cc33f90d6b27bac1977\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\0bddc91cbf37d143f08f6684b2919566\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\610374fef100556da252243e673ac64b\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\efadc7a54e78f3755da53c95bdc293fd\UIAutomationTypes.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\23bc3936180ff789f44259a211dfc7fc\mscorlib.ni.dll ()
MOD - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
MOD - C:\windows\assembly\GAC_MSIL\CaslShared\3.5.1.1__9c6f83d5b7f3d097\CaslShared.dll ()
MOD - C:\windows\assembly\GAC_MSIL\hpcasl\3.5.1.1__9c6f83d5b7f3d097\hpcasl.dll ()
MOD - C:\windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()
MOD - C:\Program Files\PaperCut NG Client\pc-client.exe ()
MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\ViewerPS.dll ()
MOD - C:\windows\assembly\GAC_MSIL\hpCASLLibrary\3.0.1.1__67b8d1b5179ba5f8\hpCASLLibrary.dll ()
MOD - C:\windows\assembly\GAC_MSIL\Interop.HPQWMIEXLib\1.0.0.0__67b8d1b5179ba5f8\Interop.HPQWMIEXLib.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Power Assistant\Graphs.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Power Assistant\HardwareAccess.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPCommon.XmlSerializers.dll ()
MOD - C:\Windows\System32\SUPSDK.dll ()
MOD - C:\Windows\System32\flcdlmsg.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
MOD - C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\sqlite.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\ccme_base.dll ()
MOD - C:\Program Files\Adobe\Reader 9.0\Reader\cryptocme2.dll ()

========== Win32 Services (SafeList) ==========

SRV - (STacSV) -- C:\Program Files\IDT\WDM\stacsv.exe (IDT, Inc.)
SRV - (AESTFilters) -- C:\Program Files\IDT\WDM\AEstSrv.exe (Andrea Electronics Corporation)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (AVG Security Toolbar Service) -- C:\Program Files\AVG\AVG9\Toolbar\ToolbarBroker.exe ()
SRV - (HPDrvMntSvc.exe) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (ccSetMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (ccEvtMgr) -- C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (Symantec Corporation)
SRV - (Symantec AntiVirus) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe (Symantec Corporation)
SRV - (SmcService) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe (Symantec Corporation)
SRV - (SNAC) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE (Symantec Corporation)
SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (HPDayStarterService) -- c:\Program Files\Hewlett-Packard\HP QuickLook\HPDayStarterService.exe (Hewlett-Packard Company)
SRV - (hpHotkeyMonitor) -- C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe (Hewlett-Packard Company)
SRV - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV - (HP Power Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe (Hewlett-Packard)
SRV - (HpFkCryptService) -- c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe (McAfee, Inc.)
SRV - (vcsFPService) -- C:\Windows\System32\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (HPFSService) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe (Hewlett-Packard)
SRV - (uArcCapture) -- C:\Windows\System32\uArcCapture.exe (ArcSoft, Inc.)
SRV - (DpHost) -- c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (HP ProtectTools Service) -- c:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe (Hewlett-Packard Development Company, L.P)
SRV - (FLCDLOCK) -- C:\Windows\System32\flcdlock.exe (Hewlett-Packard Ltd)
SRV - (UNS) Intel® -- C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel® -- C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (pdfcDispatcher) -- C:\Program Files\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (IAANTMON) Intel® -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE (Symantec Corporation)
SRV - (PSI_SVC_2) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

========== Driver Services (SafeList) ==========

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110823.002\NAVEX15.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Symantec\Definitions\VirusDefs\20110823.002\NAVENG.SYS (Symantec Corporation)
DRV - (hpdskflt) -- C:\windows\system32\DRIVERS\hpdskflt.sys (Hewlett-Packard Company)
DRV - (Accelerometer) -- C:\Windows\System32\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV - (AvgTdiX) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (SRTSPL) -- C:\Windows\System32\drivers\srtspl.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) -- C:\Windows\System32\drivers\srtspx.sys (Symantec Corporation)
DRV - (SPBBCDrv) -- C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys (Symantec Corporation)
DRV - (SYMTDI) -- C:\windows\System32\Drivers\SYMTDI.SYS (Symantec Corporation)
DRV - (SYMREDRV) -- C:\windows\System32\Drivers\SYMREDRV.SYS (Symantec Corporation)
DRV - (AvgLdx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (btusbflt) -- C:\Windows\System32\drivers\btusbflt.sys (Broadcom Corporation.)
DRV - (vpcbus) -- C:\windows\system32\DRIVERS\vpchbus.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (SbAlg) -- C:\windows\System32\drivers\SbAlg.sys (McAfee, Inc.)
DRV - (SbFsLock) -- C:\windows\System32\drivers\SbFsLock.sys (McAfee, Inc.)
DRV - (RsvLock) -- C:\windows\System32\drivers\rsvlock.sys (McAfee, Inc.)
DRV - (SafeBoot) -- C:\windows\System32\drivers\SafeBoot.sys ()
DRV - (ARCVCAM) -- C:\Windows\System32\drivers\ArcSoftVCapture.sys (ArcSoft, Inc.)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV - (Impcd) -- C:\Windows\System32\drivers\Impcd.sys (Intel Corporation)
DRV - (DAMDrv) -- C:\Windows\System32\drivers\DAMDrv.sys (Hewlett-Packard Development Company L.P.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (HECI) Intel® -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation)
DRV - (HpqKbFiltr) -- C:\windows\system32\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (vmbus) -- C:\windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WinUSB) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (TPM) -- C:\Windows\System32\drivers\tpm.sys (Microsoft Corporation)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (LSI Corp)
DRV - (archlp) -- C:\Windows\System32\drivers\ArcHlp.sys ()
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (MfeAVFK) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfetdik) -- C:\Windows\System32\drivers\mfetdik.sys (McAfee, Inc.)
DRV - (MfeBOPK) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (MfeRKDK) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.)
DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPCOM/7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sympatico.ca/
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ [2010/01/14 23:19:02 | 000,000,000 | ---D | M]

Hosts file not found
O2 - BHO: (File Sanitizer for HP ProtectTools) - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files\Hewlett-Packard\File Sanitizer\IEBHO.dll (Hewlett-Packard)
O2 - BHO: (HP ProtectTools Security Manager Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - No CLSID value found.
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe (Symantec Corporation)
O4 - HKLM..\Run: [DTRun] c:\Program Files\Arcsoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPPowerAssistant] C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe (Hewlett-Packard)
O4 - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [NortonOnlineBackupReminder] C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe (Symantec Corporation)
O4 - HKLM..\Run: [PaperCut NG Client] C:\Program Files\PaperCut NG Client\pc-client.exe ()
O4 - HKLM..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O15 - HKLM\..Trusted Domains: //about.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Exclude.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //LanguageSelection.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Message.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryCmd.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyAgttryNag.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //MyNotification.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //NOCLessUpdate.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //quarantine.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //ScanNow.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //strings.vbs/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Template.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //Update.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: //VirFound.htm/ ([]myui in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafee.com ([*] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([betavscan] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([vs] https in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] http in Trusted sites)
O15 - HKLM\..Trusted Domains: mcafeeasap.com ([www] https in Trusted sites)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} http://myitlab.pears...ces/ax/stub.cab (Enlite 2.x Simulation Engine Installer)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe) - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DeviceNP: DllName - DeviceNP.dll - C:\windows\System32\DeviceNP.dll (Hewlett-Packard Limited)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/08/23 16:36:49 | 000,000,000 | ---D | C] -- C:\Users\Kelly R\AppData\Local\Symantec
[2011/08/23 16:36:15 | 000,124,976 | ---- | C] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS
[2011/08/23 16:33:38 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\capicom.dll
[2011/08/23 16:33:34 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MFC71.DLL
[2011/08/23 16:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2011/08/23 16:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symantec Endpoint Protection
[2011/08/23 16:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011/08/23 16:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011/08/23 16:10:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011/08/23 16:10:10 | 000,000,000 | ---D | C] -- C:\windows\PCHEALTH
[2011/08/23 16:10:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011/08/23 16:05:54 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011/08/23 15:51:12 | 000,000,000 | ---D | C] -- C:\Users\Kelly R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PaperCut NG
[2011/08/23 15:51:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PaperCut NG
[2011/08/23 15:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\PaperCut NG Client
[2011/08/23 15:51:04 | 000,090,112 | ---- | C] (Sheridan College Institute of Technology and Advanced Learning) -- C:\windows\System32\CookieHunter.exe
[2011/08/23 15:51:04 | 000,049,152 | ---- | C] (Sheridan College Institute of Technology and Advanced Learning) -- C:\windows\System32\s_d.exe
[2011/08/23 15:51:04 | 000,000,000 | ---D | C] -- C:\windows\System32\wins
[2011/08/23 14:33:27 | 000,000,000 | ---D | C] -- C:\Users\Kelly R\AppData\Roaming\Malwarebytes
[2011/08/23 14:33:21 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbamswissarmy.sys
[2011/08/23 14:33:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/08/23 14:33:18 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys
[2011/08/22 15:48:36 | 001,406,768 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kelly R\Desktop\TDSSKiller.exe
[2011/08/21 15:29:57 | 000,531,968 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2011/08/21 15:29:33 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestecap.dll
[2011/08/21 15:29:33 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestaren.dll
[2011/08/21 15:29:32 | 012,705,884 | ---- | C] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2011/08/21 15:29:32 | 001,953,792 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2011/08/21 15:29:32 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\windows\sttray.exe
[2011/08/21 15:29:32 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\aestacap.dll
[2011/08/21 15:29:32 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\windows\System32\AESTCom.dll
[2011/08/21 15:29:29 | 000,179,712 | ---- | C] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2011/08/21 15:28:54 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\windows\System32\drivers\stwrt.sys
[2011/08/21 15:28:54 | 000,405,504 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stcplx.dll
[2011/08/21 15:28:53 | 000,934,912 | ---- | C] (IDT, Inc.) -- C:\windows\System32\stapo.dll
[2011/08/21 15:24:25 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/08/21 15:23:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011/08/21 15:20:32 | 015,180,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atioglxx.dll
[2011/08/21 15:20:32 | 005,590,016 | ---- | C] (ATI Technologies Inc.) -- C:\windows\System32\drivers\atikmdag.sys
[2011/08/21 15:20:32 | 004,096,000 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticaldd.dll
[2011/08/21 15:20:32 | 000,511,488 | ---- | C] (ATI Technologies Inc. ) -- C:\windows\System32\aticfx32.dll
[2011/08/21 15:20:32 | 000,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\ATIDEMGX.dll
[2011/08/21 15:20:32 | 000,376,832 | ---- | C] (AMD) -- C:\windows\System32\atieclxx.exe
[2011/08/21 15:20:32 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\System32\atipdlxx.dll
[2011/08/21 15:20:32 | 000,237,568 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atiadlxx.dll
[2011/08/21 15:20:32 | 000,210,432 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\drivers\atikmpag.sys
[2011/08/21 15:20:32 | 000,176,128 | ---- | C] (AMD) -- C:\windows\System32\atiesrxx.exe
[2011/08/21 15:20:32 | 000,159,744 | ---- | C] (AMD) -- C:\windows\System32\atitmmxx.dll
[2011/08/21 15:20:32 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atiapfxx.exe
[2011/08/21 15:20:32 | 000,108,560 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\System32\drivers\AtiHdmi.sys
[2011/08/21 15:20:32 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\windows\System32\drivers\ati2erec.dll
[2011/08/21 15:20:32 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticalrt.dll
[2011/08/21 15:20:32 | 000,053,248 | ---- | C] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticalcl.dll
[2011/08/21 15:20:32 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atimpc32.dll
[2011/08/21 15:20:32 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\amdpcom32.dll
[2011/08/21 15:20:32 | 000,050,176 | ---- | C] (AMD) -- C:\windows\System32\coinst.dll
[2011/08/21 15:20:32 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\windows\System32\ati2edxx.dll
[2011/08/21 15:20:32 | 000,030,208 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiuxpag.dll
[2011/08/21 15:20:32 | 000,022,528 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiu9pag.dll
[2011/08/21 15:20:32 | 000,016,896 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atigktxx.dll
[2011/08/21 15:20:32 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiglpxx.dll
[2011/08/21 15:20:32 | 000,011,776 | ---- | C] (AMD) -- C:\windows\System32\atimuixx.dll
[2011/08/21 14:53:01 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\conhost.exe
[2011/08/21 14:53:01 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\winsrv.dll
[2011/08/21 14:53:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011/08/21 14:53:00 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011/08/21 14:53:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011/08/21 14:53:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011/08/21 14:53:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011/08/21 14:53:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011/08/21 14:53:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011/08/21 14:53:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011/08/21 14:53:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011/08/21 14:52:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011/08/21 14:52:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011/08/21 14:52:50 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbcjt32.dll
[2011/08/21 14:52:50 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbctrac.dll
[2011/08/21 14:52:50 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccp32.dll
[2011/08/21 14:52:50 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccu32.dll
[2011/08/21 14:52:50 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\odbccr32.dll
[2011/08/21 14:46:40 | 000,000,000 | ---D | C] -- C:\Users\Kelly R\AppData\Roaming\Remote
[2011/08/02 13:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2011/08/02 13:03:34 | 000,000,000 | ---D | C] -- C:\Users\Kelly R\AppData\Roaming\AVS4YOU
[2011/08/02 13:02:51 | 010,833,920 | ---- | C] (Intel Corporation) -- C:\windows\System32\libmfxsw32.dll
[2011/08/02 13:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/08/02 13:02:49 | 010,915,840 | ---- | C] (Intel Corporation) -- C:\windows\System32\libmfxhw32.dll
[2011/08/02 13:02:48 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msxml3a.dll
[2011/08/02 13:02:24 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/07/26 03:19:29 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\ks.sys
[2011/07/26 03:18:40 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\windows\explorer.exe
[2011/07/26 03:18:40 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\prevhost.exe
[2011/07/26 03:18:39 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbport.sys
[2011/07/26 03:18:39 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\dxgmms1.sys
[2011/07/26 03:18:39 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\cdd.dll
[2011/07/26 03:18:39 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\usbd.sys
[2011/07/26 03:18:35 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\storport.sys
[2011/07/26 03:18:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\fsutil.exe
[2011/07/26 03:18:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msdri.dll
[2011/07/26 03:18:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\MSNP.ax
[2011/07/26 03:18:28 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\tquery.dll
[2011/07/26 03:18:28 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssrch.dll
[2011/07/26 03:18:27 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssvp.dll
[2011/07/26 03:18:27 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssph.dll
[2011/07/26 03:18:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsGdiConverter.dll
[2011/07/26 03:18:27 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mssphtb.dll
[2011/07/26 03:18:27 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\msscntrs.dll
[2011/07/26 03:18:25 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsPrint.dll
[2011/07/26 03:18:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\wscapi.dll
[2011/07/26 03:18:25 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\slwga.dll
[2011/07/26 03:18:24 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\DWrite.dll
[2011/07/26 03:18:24 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d2d1.dll
[2011/07/26 03:18:23 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1.dll
[2011/07/26 03:18:23 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\drivers\Diskdump.sys
[2011/07/26 02:36:23 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2011/07/26 02:36:23 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2011/07/26 02:36:23 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2011/07/26 02:36:23 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll
[2011/07/26 02:36:22 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2011/07/26 02:36:22 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2011/07/26 02:36:22 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll
[2011/07/26 02:05:13 | 000,000,000 | ---D | C] -- C:\83d44599bbd6a65d51c1fb92
[2011/07/26 01:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011/07/26 01:46:26 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011/07/26 01:37:09 | 000,000,000 | ---D | C] -- C:\ProgramData\{E91883C8-8CDC-46A4-A45F-CB40EB82ED60}
[2011/07/26 01:36:43 | 000,000,000 | ---D | C] -- C:\Users\Kelly R\AppData\Roaming\hpqLog
[2011/07/26 01:15:35 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/07/26 01:15:02 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaws.exe
[2011/07/26 01:15:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\javaw.exe
[2011/07/26 01:15:02 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\windows\System32\java.exe
[2011/07/26 01:10:33 | 002,332,672 | ---- | C] (Microsoft Corporation) -- C:\windows\System32\win32k.sys
[2010/03/28 15:04:25 | 000,255,360 | ---- | C] ( ) -- C:\windows\System32\rsnp2uvc.dll
[2010/03/28 15:04:24 | 000,211,840 | ---- | C] ( ) -- C:\windows\System32\csnp2uvc.dll
[2 C:\Users\Kelly R\Documents\*.tmp files -> C:\Users\Kelly R\Documents\*.tmp -> ]
[1 C:\Users\Kelly R\*.tmp files -> C:\Users\Kelly R\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2039/03/20 21:02:00 | 001,214,288 | ---- | M] () -- C:\Users\Kelly R\Documents\101_0470.JPG
[2039/03/20 21:02:00 | 001,070,512 | ---- | M] () -- C:\Users\Kelly R\Documents\101_0472.JPG
[2039/03/20 21:02:00 | 000,959,640 | ---- | M] () -- C:\Users\Kelly R\Documents\101_0453.JPG
[2011/08/23 19:37:02 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/08/23 19:37:02 | 000,020,944 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/08/23 19:35:04 | 000,633,494 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2011/08/23 19:35:04 | 000,112,576 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2011/08/23 19:28:37 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2011/08/23 19:28:30 | 2407,952,384 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/23 19:20:17 | 084,472,207 | ---- | M] () -- C:\windows\System32\drivers\Avg\incavi.avm
[2011/08/23 16:36:21 | 000,124,976 | ---- | M] (Symantec Corporation) -- C:\windows\System32\drivers\SYMEVENT.SYS
[2011/08/23 16:36:21 | 000,007,456 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.CAT
[2011/08/23 16:36:21 | 000,000,806 | ---- | M] () -- C:\windows\System32\drivers\SYMEVENT.INF
[2011/08/23 16:29:31 | 000,415,288 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2011/08/23 14:33:21 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/23 13:44:02 | 000,000,655 | ---- | M] () -- C:\PreCheck.htm
[2011/08/22 16:44:51 | 000,000,127 | ---- | M] () -- C:\windows\System32\MRT.INI
[2011/08/22 15:48:36 | 001,406,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kelly R\Desktop\TDSSKiller.exe
[2011/08/21 15:28:20 | 001,953,792 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stlang.dll
[2011/08/21 15:28:20 | 000,934,912 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapo.dll
[2011/08/21 15:28:20 | 000,531,968 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stapi32.dll
[2011/08/21 15:28:20 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\windows\sttray.exe
[2011/08/21 15:28:20 | 000,431,616 | ---- | M] (IDT, Inc.) -- C:\windows\System32\drivers\stwrt.sys
[2011/08/21 15:28:20 | 000,405,504 | ---- | M] (IDT, Inc.) -- C:\windows\System32\stcplx.dll
[2011/08/21 15:28:20 | 000,179,712 | ---- | M] (IDT, Inc.) -- C:\windows\System32\staco.dll
[2011/08/21 15:28:19 | 012,705,884 | ---- | M] (IDT, Inc.) -- C:\windows\System32\idtcpl.cpl
[2011/08/21 15:28:19 | 000,380,928 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestecap.dll
[2011/08/21 15:28:19 | 000,140,288 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestacap.dll
[2011/08/21 15:28:19 | 000,086,016 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\AESTCom.dll
[2011/08/21 15:28:19 | 000,061,440 | ---- | M] (Andrea Electronics Corporation) -- C:\windows\System32\aestaren.dll
[2011/08/21 15:20:12 | 015,180,800 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atioglxx.dll
[2011/08/21 15:20:12 | 005,590,016 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\drivers\atikmdag.sys
[2011/08/21 15:20:12 | 004,096,000 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticaldd.dll
[2011/08/21 15:20:12 | 003,809,792 | ---- | M] (ATI Technologies Inc. ) -- C:\windows\System32\atiumdag.dll
[2011/08/21 15:20:12 | 003,668,480 | ---- | M] (ATI Technologies Inc. ) -- C:\windows\System32\atidxx32.dll
[2011/08/21 15:20:12 | 003,025,408 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiumdva.dll
[2011/08/21 15:20:12 | 000,534,960 | ---- | M] () -- C:\windows\System32\atiumdva.cap
[2011/08/21 15:20:12 | 000,511,488 | ---- | M] (ATI Technologies Inc. ) -- C:\windows\System32\aticfx32.dll
[2011/08/21 15:20:12 | 000,446,464 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\System32\ATIDEMGX.dll
[2011/08/21 15:20:12 | 000,376,832 | ---- | M] (AMD) -- C:\windows\System32\atieclxx.exe
[2011/08/21 15:20:12 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\System32\atipdlxx.dll
[2011/08/21 15:20:12 | 000,237,568 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atiadlxx.dll
[2011/08/21 15:20:12 | 000,210,432 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\System32\drivers\atikmpag.sys
[2011/08/21 15:20:12 | 000,203,336 | ---- | M] () -- C:\windows\System32\atiicdxx.dat
[2011/08/21 15:20:12 | 000,176,128 | ---- | M] (AMD) -- C:\windows\System32\atiesrxx.exe
[2011/08/21 15:20:12 | 000,159,744 | ---- | M] (AMD) -- C:\windows\System32\atitmmxx.dll
[2011/08/21 15:20:12 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\windows\System32\atiapfxx.exe
[2011/08/21 15:20:12 | 000,108,560 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\System32\drivers\AtiHdmi.sys
[2011/08/21 15:20:12 | 000,057,816 | ---- | M] () -- C:\windows\System32\atiapfxx.blb
[2011/08/21 15:20:12 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\windows\System32\drivers\ati2erec.dll
[2011/08/21 15:20:12 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticalrt.dll
[2011/08/21 15:20:12 | 000,053,248 | ---- | M] (Advanced Micro Devices Inc.) -- C:\windows\System32\aticalcl.dll
[2011/08/21 15:20:12 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atimpc32.dll
[2011/08/21 15:20:12 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\amdpcom32.dll
[2011/08/21 15:20:12 | 000,050,176 | ---- | M] (AMD) -- C:\windows\System32\coinst.dll
[2011/08/21 15:20:12 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\windows\System32\ati2edxx.dll
[2011/08/21 15:20:12 | 000,030,208 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiuxpag.dll
[2011/08/21 15:20:12 | 000,022,528 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiu9pag.dll
[2011/08/21 15:20:12 | 000,021,544 | ---- | M] () -- C:\windows\atiogl.xml
[2011/08/21 15:20:12 | 000,016,896 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atigktxx.dll
[2011/08/21 15:20:12 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\windows\System32\atiglpxx.dll
[2011/08/21 15:20:12 | 000,011,776 | ---- | M] (AMD) -- C:\windows\System32\atimuixx.dll
[2011/08/21 15:20:12 | 000,002,189 | ---- | M] () -- C:\windows\System32\atipblag.dat
[2011/08/11 14:48:16 | 000,090,112 | ---- | M] (Sheridan College Institute of Technology and Advanced Learning) -- C:\windows\System32\CookieHunter.exe
[2011/07/26 02:41:36 | 000,001,411 | ---- | M] () -- C:\Users\Kelly R\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/07/26 02:36:23 | 001,619,456 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\WMVDECOD.DLL
[2011/07/26 02:36:23 | 001,170,944 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10warp.dll
[2011/07/26 02:36:23 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\d3d10_1core.dll
[2011/07/26 02:36:23 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\XpsRasterService.dll
[2011/07/26 02:36:22 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mf.dll
[2011/07/26 02:36:22 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\ExplorerFrame.dll
[2011/07/26 02:36:22 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\windows\System32\mfreadwrite.dll
[2011/07/26 01:47:00 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/07/26 01:38:20 | 000,002,137 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2011/07/26 00:46:39 | 000,012,484 | -HS- | M] () -- C:\Users\Kelly R\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8
[2011/07/26 00:46:39 | 000,012,484 | -HS- | M] () -- C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8
[2 C:\Users\Kelly R\Documents\*.tmp files -> C:\Users\Kelly R\Documents\*.tmp -> ]
[1 C:\Users\Kelly R\*.tmp files -> C:\Users\Kelly R\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/08/23 16:36:15 | 000,007,456 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.CAT
[2011/08/23 16:36:15 | 000,000,806 | ---- | C] () -- C:\windows\System32\drivers\SYMEVENT.INF
[2011/08/23 15:51:04 | 000,028,386 | ---- | C] () -- C:\windows\System32\wcita.dll
[2011/08/23 15:51:04 | 000,028,384 | ---- | C] () -- C:\windows\System32\ttlbzho.dll
[2011/08/23 15:51:04 | 000,001,450 | ---- | C] () -- C:\windows\System32\clones.ini
[2011/08/23 15:51:04 | 000,000,028 | ---- | C] () -- C:\windows\System32\wfc1.ini
[2011/08/23 14:33:21 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/23 13:44:03 | 000,000,655 | ---- | C] () -- C:\PreCheck.htm
[2011/08/21 15:29:32 | 000,001,641 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IDT HD Audio.lnk
[2011/08/21 15:20:32 | 000,534,960 | ---- | C] () -- C:\windows\System32\atiumdva.cap
[2011/08/21 15:20:32 | 000,203,336 | ---- | C] () -- C:\windows\System32\atiicdxx.dat
[2011/08/21 15:20:32 | 000,057,816 | ---- | C] () -- C:\windows\System32\atiapfxx.blb
[2011/08/21 15:20:32 | 000,021,544 | ---- | C] () -- C:\windows\atiogl.xml
[2011/08/21 15:20:32 | 000,002,189 | ---- | C] () -- C:\windows\System32\atipblag.dat
[2011/07/26 02:07:45 | 000,000,127 | ---- | C] () -- C:\windows\System32\MRT.INI
[2011/07/26 01:46:29 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/07/26 01:46:29 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/07/26 01:38:20 | 000,002,137 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
[2011/07/25 01:09:07 | 000,012,484 | -HS- | C] () -- C:\Users\Kelly R\AppData\Local\05a3a062i5h21hn5r14r184j8402x6866h8
[2011/07/25 01:09:07 | 000,012,484 | -HS- | C] () -- C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8
[2011/02/11 01:55:51 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
[2010/09/11 19:42:30 | 000,164,673 | ---- | C] () -- C:\windows\hpoins29.dat
[2010/09/11 19:42:30 | 000,000,457 | ---- | C] () -- C:\windows\hpomdl29.dat
[2010/08/31 21:28:55 | 000,000,848 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010/03/28 15:04:25 | 001,763,968 | ---- | C] () -- C:\windows\System32\drivers\snp2uvc.sys
[2010/03/28 15:04:25 | 000,033,280 | ---- | C] () -- C:\windows\System32\drivers\sncduvc.sys
[2010/03/28 15:04:25 | 000,025,984 | ---- | C] () -- C:\windows\snuvcdsm.exe
[2010/03/28 15:04:25 | 000,015,497 | ---- | C] () -- C:\windows\snp2uvc.ini
[2010/03/28 14:51:22 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010/01/14 23:41:27 | 000,000,188 | ---- | C] () -- C:\windows\System32\HPWA.ini
[2010/01/14 23:21:58 | 000,000,178 | ---- | C] () -- C:\windows\System32\HPPA.ini
[2010/01/14 22:58:11 | 000,080,416 | ---- | C] () -- C:\windows\System32\RtNicProp32.dll
[2009/12/15 21:12:10 | 000,110,520 | ---- | C] () -- C:\windows\System32\drivers\SafeBoot.sys
[2009/12/14 17:26:00 | 000,000,256 | ---- | C] () -- C:\windows\System32\vcsAPIShared.dll.hpsign
[2009/12/11 15:20:30 | 000,648,464 | ---- | C] () -- C:\windows\System32\SUPSDK.dll
[2009/12/11 15:20:18 | 000,050,448 | ---- | C] () -- C:\windows\System32\ExpSnapShotAPI.dll
[2009/11/24 22:57:20 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPSCEL.dll.hpsign
[2009/11/24 22:57:20 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPFPApi.dll.hpsign
[2009/11/24 22:57:20 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPClback.dll.hpsign
[2009/11/24 17:55:38 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPFPApiUI.dll.hpsign
[2009/11/24 17:55:20 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPPassFilter.dll.hpsign
[2009/11/24 17:55:20 | 000,000,256 | ---- | C] () -- C:\windows\System32\DPCrProv.dll.hpsign
[2009/11/17 18:39:36 | 000,329,272 | ---- | C] () -- C:\windows\System32\flcdlmsg.dll
[2009/09/29 19:25:16 | 000,013,312 | ---- | C] () -- C:\windows\LPRES.DLL
[2009/07/14 00:57:37 | 000,067,584 | --S- | C] () -- C:\windows\bootstat.dat
[2009/07/14 00:33:53 | 000,415,288 | ---- | C] () -- C:\windows\System32\FNTCACHE.DAT
[2009/07/13 22:05:48 | 000,633,494 | ---- | C] () -- C:\windows\System32\perfh009.dat
[2009/07/13 22:05:48 | 000,291,294 | ---- | C] () -- C:\windows\System32\perfi009.dat
[2009/07/13 22:05:48 | 000,112,576 | ---- | C] () -- C:\windows\System32\perfc009.dat
[2009/07/13 22:05:48 | 000,031,548 | ---- | C] () -- C:\windows\System32\perfd009.dat
[2009/07/13 22:05:05 | 000,000,741 | ---- | C] () -- C:\windows\System32\NOISE.DAT
[2009/07/13 22:04:11 | 000,215,943 | ---- | C] () -- C:\windows\System32\dssec.dat
[2009/07/13 20:19:49 | 000,066,048 | ---- | C] () -- C:\windows\System32\PrintBrmUi.exe
[2009/07/13 19:55:01 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009/07/13 19:51:43 | 000,073,728 | ---- | C] () -- C:\windows\System32\BthpanContextHandler.dll
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- C:\windows\System32\BWContextHandler.dll
[2009/07/13 18:09:19 | 000,982,196 | ---- | C] () -- C:\windows\System32\igkrng500.bin
[2009/07/13 18:09:19 | 000,417,344 | ---- | C] () -- C:\windows\System32\igcompkrng500.bin
[2009/07/13 18:09:19 | 000,139,824 | ---- | C] () -- C:\windows\System32\igfcg500.bin
[2009/07/13 18:09:19 | 000,097,448 | ---- | C] () -- C:\windows\System32\igfcg500m.bin
[2009/07/10 14:46:30 | 007,488,032 | R--- | C] () -- C:\windows\System32\CogentData1.dat
[2009/07/10 14:46:28 | 000,002,432 | R--- | C] () -- C:\windows\System32\CogentData2.dat
[2009/06/22 18:08:10 | 016,128,032 | R--- | C] () -- C:\windows\System32\CogentData4.dat
[2009/06/22 18:08:10 | 000,004,032 | R--- | C] () -- C:\windows\System32\CogentData5.dat
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- C:\windows\System32\mlang.dat
[2009/06/03 19:17:14 | 000,131,584 | ---- | C] () -- C:\windows\System32\drivers\ArcHlp.sys
[2009/02/18 03:55:22 | 000,294,912 | ---- | C] () -- C:\windows\System32\ATIODE.exe
[2009/02/03 06:52:04 | 000,045,056 | ---- | C] () -- C:\windows\System32\ATIODCLI.exe

========== LOP Check ==========

[2010/08/30 01:31:00 | 000,000,000 | ---D | M] -- C:\Users\Kelly R\AppData\Roaming\DigitalPersona
[2011/08/21 14:46:40 | 000,000,000 | ---D | M] -- C:\Users\Kelly R\AppData\Roaming\Remote
[2011/08/21 19:18:31 | 000,032,602 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*.* >
[2009/07/13 21:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2011/08/23 19:28:30 | 2407,952,384 | -HS- | M] () -- C:\hiberfil.sys
[2011/08/23 19:28:31 | 3210,604,544 | -HS- | M] () -- C:\pagefile.sys
[2011/08/23 13:44:02 | 000,000,655 | ---- | M] () -- C:\PreCheck.htm
[2011/08/23 19:27:18 | 000,080,162 | ---- | M] () -- C:\TDSSKiller.2.5.17.0_23.08.2011_19.25.42_log.txt
[2009/10/19 16:43:06 | 000,047,104 | ---- | M] () -- C:\Thumbs.db

< %systemroot%\Fonts\*.com >
[2009/07/14 00:52:25 | 000,026,040 | ---- | M] () -- C:\windows\Fonts\GlobalMonospace.CompositeFont
[2009/07/14 00:52:25 | 000,026,489 | ---- | M] () -- C:\windows\Fonts\GlobalSansSerif.CompositeFont
[2009/07/14 00:52:25 | 000,029,779 | ---- | M] () -- C:\windows\Fonts\GlobalSerif.CompositeFont
[2009/07/14 00:52:25 | 000,043,318 | ---- | M] () -- C:\windows\Fonts\GlobalUserInterface.CompositeFont

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2009/06/10 17:31:19 | 000,000,065 | -H-- | M] () -- C:\windows\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2009/07/13 21:15:26 | 000,280,064 | ---- | M] (Hewlett-Packard Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll
[2009/07/13 21:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\jnwppr.dll
[2006/10/26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
[2009/07/13 21:16:19 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\windows\system32\spool\prtprocs\w32x86\winprint.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >

< %PROGRAMFILES%\*.* >
[2009/07/14 00:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini

< %APPDATA%\Update\*.* >

< %systemroot%\*. /mp /s >

< %systemroot%\System32\config\*.sav >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2011/07/26 02:41:36 | 000,000,221 | -HS- | M] () -- C:\Users\Kelly R\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini

< %USERPROFILE%\Desktop\*.exe >
[2011/08/22 15:48:36 | 001,406,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kelly R\Desktop\TDSSKiller.exe

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >
[2009/07/21 15:08:00 | 000,013,021 | ---- | M] () -- C:\windows\snp2uvc.src

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >
[2009/06/10 17:20:04 | 000,000,802 | ---- | M] () -- C:\windows\ADDINS\FXSEXT.ecf

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\0*.exe >

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2010/08/30 03:02:15 | 000,000,402 | -HS- | M] () -- C:\Users\Kelly R\Favorites\desktop.ini

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2011/07/26 00:46:39 | 000,012,484 | -HS- | M] () -- C:\ProgramData\05a3a062i5h21hn5r14r184j8402x6866h8
[2010/09/16 15:01:36 | 000,002,673 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2011/02/25 14:18:32 | 000,000,848 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys

< %systemroot%\system32\drivers\*.rmv >

< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >

< dir /b "%systemroot%\*.exe" | find /i " " /c >

< %PROGRAMFILES%\Microsoft\*.* >

< %systemroot%\System32\Wbem\proquota.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.dat >

< %USERPROFILE%\Cookies\*.txt /x >

< %SystemRoot%\system32\fonts\*.* >

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-08-23 19:37:15

< >

< End of report >

#5 Kellydawn

New Member

Authentic Member
9 posts

Posted 23 August 2011 - 05:50 PM

EXTRAS.txt said:

OTL Extras logfile created on: 8/23/2011 7:39:32 PM - Run 1
OTL by OldTimer - Version 3.2.26.5 Folder = C:\Users\Kelly R\Pictures
An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

2.99 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 56.06% Memory free
5.98 Gb Paging File | 4.00 Gb Available in Paging File | 66.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 448.47 Gb Total Space | 405.78 Gb Free Space | 90.48% Space Free | Partition Type: NTFS
Drive F: | 1.99 Gb Total Space | 1.49 Gb Free Space | 74.82% Space Free | Partition Type: FAT32

Computer Name: KELLYR-HP | User Name: Kelly R | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{0279C882-B150-44B6-A769-A7C8A2F31CE3}" = HP Wireless Assistant
"{03564371-AEA7-41CB-B441-B690A47AE5FC}" = CCC Help Korean
"{04801E42-B1A6-4C52-9F3D-CADB5A050433}" = HP Software Setup
"{0497B553-0E3F-4CCD-BE13-E28F1A54B318}" = HP HotKey Support
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0EB565B2-B482-0343-A90E-2984781DC7A0}" = Catalyst Control Center InstallProxy
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{142D2DFA-1FB7-41B9-8509-DAB5F3978CE4}" = Privacy Manager for HP ProtectTools
"{16CBD1DE-9016-FFE0-C4FC-7BC9C433F834}" = CCC Help French
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}" = ArcSoft Webcam Sharing Manager
"{1A1E33D2-9824-454A-B8CB-50072118635A}" = Corel Home Office - CS Templates
"{1D11E96F-0405-4B99-8356-5750B1D9FAE9}" = Corel Home Office - JP Templates
"{1E6219D4-027E-47EE-AB83-DD2F26E31A32}" = HP Setup
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{25E165AC-66FF-B562-5574-D7B7CFD33322}" = Catalyst Control Center Localization All
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java™ 6 Update 26
"{26D19512-874B-4EDA-B7F1-779850B2AD5A}" = Corel Home Office - CT Templates
"{2712DAD6-C1F7-4295-B06E-17D6DC62EC20}" = HP Software Framework
"{2B413011-D8EA-810D-2181-D80C71209BAF}" = CCC Help Hungarian
"{2DA697D7-FED3-4DE2-A174-92A2A12F9688}" = HP SoftPaq Download Manager
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFCC193-D915-4CCB-9201-31773A27BC06}" = Symantec Endpoint Protection
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{31F3F03C-CEAA-4907-3C4D-D9AF6848F6AE}" = CCC Help English
"{32C25CAB-840F-45D7-16A2-090722C091FD}" = CCC Help Danish
"{335CC3A9-E31F-1BA5-E971-BA6FC1273004}" = CCC Help Dutch
"{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"{3513DD3C-7680-4C7C-BF18-BA375D5F4132}" = Pre-Boot Security for HP ProtectTools
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = HP Webcam Driver
"{39FE455F-9478-451B-9420-73C15143DF8E}" = Corel Home Office - IPM
"{3BDB9B89-56B5-4953-B052-AEB75FCBFC93}" = HP User Guides 0189
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant
"{454E2EA5-D931-5490-30DF-3A2CA69063AF}" = CCC Help Swedish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A4AC58C-5B6E-A153-F102-CD4212A626B8}" = CCC Help Chinese Standard
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AADE51C-D126-0A5A-A62A-2DE8297224CE}" = CCC Help Finnish
"{4D8F3CDE-0930-25E4-B408-103CE84407E7}" = CCC Help Spanish
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{4F765E00-EE1C-4392-93B4-54310358F41A}" = ArcSoft TotalMedia
"{5017D60D-C0A5-4CC8-8D2F-0BDA1ADF39D0}" = Corel Home Office - Templates1
"{52BE2E98-018F-77CA-3F11-AF09A8E81770}" = ccc-utility
"{55B52830-024A-443E-AF61-61E1E71AFA1B}" = Device Access Manager for HP ProtectTools
"{5746E4F9-77C6-47E8-A737-A5975A57B4AA}" = Corel Home Office - KR Templates
"{5BF8E079-D6E2-4323-B794-75152371122A}" = Windows 7 Default Setting
"{5DCBD841-3768-4D3A-8517-65BFB87E05D3}" = Validity Fingerprint Driver
"{5E0772BF-BE9D-C1FC-576A-53F4432552E4}" = CCC Help Czech
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{670234D0-42BE-493E-B3EB-6B5275530461}" = Corel Home Office
"{67C090D6-109A-47D7-8DED-4160C4D96F32}" = HP 3D DriveGuard
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}" = File Sanitizer For HP ProtectTools
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{715F745B-0594-891F-AC32-6995B9F98EE2}" = CCC Help German
"{7298FBF4-E8A6-E898-09B7-951B3BFCBA33}" = CCC Help Polish
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7861911B-4270-498A-8F7A-FCF0570F485D}" = HP QuickWeb
"{79F4FC67-0479-8078-1B71-FCA6547592CF}" = CCC Help Turkish
"{7E5A8023-0E90-4503-A1EA-C9FC25680AF9}" = PS_AIO_03_C4400_Software_Min
"{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials
"{8181C5B7-2FF5-4677-BA6A-8E2C3F5A7601}" = HP Photosmart C4400 All-In-One Driver Software 13.0 Rel. 3
"{82EF29B1-9B60-4142-A155-0599216DD053}" = LightScribe System Software
"{871732B3-1EE5-4C54-8462-8BFF516880B7}" = HP ESU for Microsoft Windows 7
"{89D7DD37-5A15-46E0-9C3C-A0004C4F1A38}" = Drive Encryption for HP ProtectTools
"{8A0590BF-9036-47D5-BBE7-50590649760C}" = HP ProtectTools Security Manager
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8B49BD5E-C896-4F65-95DC-3F84424226E8}" = HP QuickLook
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{609845CA-DCBB-48DB-8A1A-26876D4CE6DB}" =
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{904459A8-B731-793F-493C-FAA7DACFA325}" = CCC Help Russian
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{995F1E2E-F542-4310-8E1D-9926F5A279B3}" = Windows Live Toolbar
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A62118B-8243-E78D-1C0C-0A45A3D64AA7}" = CCC Help Chinese Traditional
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9C780DBC-F527-FC46-7719-C4B163F75A37}" = Catalyst Control Center InstallProxy
"{9C956880-0FA6-75EA-5B3C-2BAACCD60B37}" = CCC Help Italian
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = HP Integrated Module with Bluetooth wireless technology
"{A4C1127B-470E-2CD4-E544-1D480CD8C141}" = CCC Help Norwegian
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{B1E33614-25CC-4C2A-8CBA-88B51ABF67E0}" = C4400
"{B629F002-202C-C5F7-86B5-C98EDB34A0A6}" = CCC Help Thai
"{BCCB8356-97FD-F9D2-A621-BFC451342049}" = ccc-core-static
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CAEFDCE5-D425-41BD-9122-ECC0D357F924}" = PaperCut NG Client 11.2
"{CB65A1C3-533D-4EA6-82B5-FBA926F19079}" = Face Recognition for HP ProtectTools
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}" = WinZip 12.0
"{CF756033-0095-B674-8950-E8C7188F73F5}" = CCC Help Portuguese
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel® Turbo Boost Technology Driver
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DA9660B6-F1DD-41D3-BA3C-E7F7BF9921B2}" = Catalyst Control Center - Branding
"{E366F338-BF6E-4165-BDDB-3DCCB3388F9F}" = HP Power Data
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E74EA3B1-7192-489D-9A57-0AE918FEC001}" = Corel Home Office - Launcher
"{E92D47A1-D27D-430A-8368-0BAFD956507D}" = HP Support Assistant
"{EEB023B5-8EBE-4BEB-90C8-BDA16ABEDBB4}" = HP Power Assistant
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F173C2B3-296F-458C-98FF-1676A42EBA02}" = HP Wallpaper
"{F2E65680-9A39-A666-5C77-11AAA25F9069}" = CCC Help Japanese
"{F3FD0824-91D9-7035-AF64-E8F918ACC9B8}" = Catalyst Control Center Graphics Previews Vista
"{F45048A1-12C4-4B08-A3EB-32D88033368A}" = Corel Home Office - Templates RU
"{F4C3814A-A45D-C8BC-66F4-426D0955E0ED}" = ATI Catalyst Install Manager
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"{FCDA0BA4-E6C9-7493-3CCD-59277A65B537}" = CCC Help Greek
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ArcSoft TotalMedia" = ArcSoft TotalMedia
"AVG9Uninstall" = AVG Free 9.0
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Drive Encryption" = Drive Encryption for HP ProtectTools
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"HPProtectTools" = HP ProtectTools Security Manager
"InstallShield_{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}" = Theft Recovery
"InstallShield_{CB65A1C3-533D-4EA6-82B5-FBA926F19079}" = Face Recognition for HP ProtectTools
"LiveUpdate" = LiveUpdate 3.3 (Symantec Corporation)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.1.1800
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PDF Complete" = PDF Complete Special Edition
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinLiveSuite_Wave3" = Windows Live Essentials
"YTdetect" = Yahoo! Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 7/28/2011 12:00:01 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 7/28/2011 12:13:13 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/1/2011 11:30:31 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/1/2011 11:30:34 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/1/2011 11:31:18 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/1/2011 11:31:20 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/1/2011 11:31:38 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/2/2011 1:44:05 AM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/2/2011 12:47:26 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

Error - 8/2/2011 12:47:28 PM | Computer Name = KellyR-HP | Source = SideBySide | ID = 16842785
Description = Activation context generation failed for "C:\windows\system32\conhost.exe".
Dependent
Assembly Microsoft.Windows.SystemCompatible,processorArchitecture="x86",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.7600.16823"
could not be found. Please use sxstrace.exe for detailed diagnosis.

[ HP Power Assistant Events ]
Error - 8/23/2011 3:44:02 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/23/2011 3:44:02 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/23/2011 4:02:45 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/23/2011 4:02:45 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/23/2011 4:32:25 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/23/2011 4:32:25 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/23/2011 7:19:07 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/23/2011 7:19:07 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

Error - 8/23/2011 7:32:07 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = Device not found in the dat file (planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B).

Error - 8/23/2011 7:32:07 PM | Computer Name = KellyR-HP | Source = HP PA Application | ID = 0
Description = HPPA_Main.IncompleteDatFileException Device not found in the dat file
(planName=HP powerSource=AC deviceId=PCI\VEN_168C&DEV_002B). at HPPA_Main.DatFileAccess.LogError(Nullable`1
throwException, String formatString, Object[] args) at HPPA_Main.DatFileAccess.EnsureDevicesExist(PowerUsage
pu) at HPPA_Main.DatFileAccess.EnsurePowerUsagesExist(Boolean throwOnSystemIdNotFound)

at HPPA_Main.DatFileAccess.IsValid(Boolean throwOnSystemIdNotFound)

[ HP Wireless Assistant Events ]
Error - 8/10/2011 10:39:47 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/21/2011 3:59:42 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/21/2011 3:59:42 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/21/2011 4:09:28 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/21/2011 4:09:28 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/21/2011 7:18:30 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException The RPC server is unavailable.
(Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.SinkForEventQuery.Cancel()
at System.Management.ManagementEventWatcher.Stop() at MessageHandlers.MessageHandler.stopListening()

Error - 8/21/2011 7:18:31 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException (0x800706BA): The RPC
server is unavailable. (Exception from HRESULT: 0x800706BA) at System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
errorCode, IntPtr errorInfo) at System.Management.SinkForEventQuery.Cancel()
at System.Management.ManagementEventWatcher.Stop() at System.Management.ManagementEventWatcher.Finalize()

Error - 8/23/2011 1:38:35 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/23/2011 1:39:54 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

Error - 8/23/2011 1:39:54 PM | Computer Name = KellyR-HP | Source = HP WA Service | ID = 0
Description = System.Management.ManagementException Not supported at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus
errorCode) at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext
()

at HPPA_Service.CurrentConfiguration.GetPanelBrightnessPercentage()

[ System Events ]
Error - 2/8/2011 11:38:38 AM | Computer Name = KellyR-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Power Assistant Service service.

Error - 2/12/2011 12:21:41 AM | Computer Name = KellyR-HP | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "D8D385E93AEB" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.

Error - 2/12/2011 12:21:41 AM | Computer Name = KellyR-HP | Source = NetBT | ID = 4311
Description = Initialization failed because the driver device could not be created.
Use
the string "D8D385E93AEB" to identify the interface for which initialization failed.
It represents the MAC address of the failed interface or the Globally Unique Interface
Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither
the MAC address nor the GUID were available, the string represents a cluster device
name.

Error - 3/7/2011 3:01:00 PM | Computer Name = KellyR-HP | Source = Service Control Manager | ID = 7000
Description = The Intel® Management & Security Application User Notification Service
service failed to start due to the following error: %%109

Error - 3/13/2011 10:30:54 PM | Computer Name = KellyR-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 3/29/2011 7:41:08 AM | Computer Name = KellyR-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 3/30/2011 4:11:44 PM | Computer Name = KellyR-HP | Source = EventLog | ID = 6008
Description = The previous system shutdown at 4:11:42 PM on ?29/?03/?2011 was unexpected.

Error - 4/13/2011 4:20:45 PM | Computer Name = KellyR-HP | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the HP Wireless Assistant Service service.

Error - 6/2/2011 12:47:52 PM | Computer Name = KellyR-HP | Source = DCOM | ID = 10010
Description =

Error - 6/2/2011 12:47:57 PM | Computer Name = KellyR-HP | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80080005: Update for Windows 7 (KB2534366).

< End of report >

#6 Kellydawn

New Member

Authentic Member
9 posts

Posted 23 August 2011 - 05:52 PM

by the way, I by mistake said earlier that I had vista but I have Windows 7! SORRY

#7 mowman

SuperMember

Malware Team
2,669 posts

Posted 24 August 2011 - 02:42 AM

We need to run Combofix,to do this you will have to uninstall AVG first as it conflicts with it.Use the removal tool from the link below (top one).Do not reinstall until we are finished.
http://www.avg.com/us-en/utilities

Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.

When finished, it will produce a report for you.
Please post the C:\ComboFix.txt for further review.

#8 Kellydawn

New Member

Authentic Member
9 posts

Posted 24 August 2011 - 10:59 AM

I can't get into Internet explorer now so can't post the report... Doing this on my phone

#9 mowman

SuperMember

Malware Team
2,669 posts

Posted 24 August 2011 - 02:13 PM

When did this happen,did you manage to run Combofix,if so reboot the computer and see if you have internet back.

#10 Kellydawn

New Member

Authentic Member
9 posts

Posted 24 August 2011 - 09:10 PM

I ran it and everything is gone off my computer now!

#11 mowman

SuperMember

Malware Team
2,669 posts

Posted 25 August 2011 - 02:10 AM

What do you mean when you say everything is gone,you need to be very specific,do you have a log from Combofix,it should be at C:combofix.txt

#12 mowman

SuperMember

Malware Team
2,669 posts

Posted 28 August 2011 - 10:57 AM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

Body Background

skin color theme