Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PC Antispyware 2010


  • Please log in to reply
10 replies to this topic

#1 sbarron7

sbarron7

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 09 September 2009 - 08:49 AM

This is my first post so please bear with me. I am no computer whiz, but I will try to give you all the info you rneed. I am infected with PC Antispyware 2010. I did a google search, and downloaded and ran SpyDoctor. I was also able to download Spybot, but it will not let me access it ( I keep getting the message that I do not have permission. I was able to run Spydoctor , & it cleared up some aspects of the Spyware, but not all. I cannot access my task manager & it redirects my searches.

I am currently running Windows XP. Please let mne know what other information you need to help me.

Thanks in advance
:thumbsup:

BC AdBot (Login to Remove)

 


#2 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 09 September 2009 - 10:17 PM

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen:
  • Click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
  • Exit MBAM when done.
Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#3 sbarron7

sbarron7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 10 September 2009 - 12:22 PM

Thanks for getting back to me so quickly. Iwas able to download the file successfully, but when I clicked the start scan, the window closed. Now when I try to open it up again, I get the window stating "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item".

Not sure where to go from here...

#4 sbarron7

sbarron7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 10 September 2009 - 02:34 PM

Just wanted to add that I will be out of town so I will not be able to check back until late Sunday or monday morning...

#5 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 10 September 2009 - 04:45 PM

We Need to check for Rootkits with RootRepeal
  • Download RootRepeal from the following location and save it to your desktop.
  • Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
  • Open Posted Image on your desktop.
  • Click the Posted Image tab.
  • Click the Posted Image button.
  • Check all seven boxes: Posted Image
  • Push Ok
  • Check the box for your main system drive (Usually C:), and press Ok.
  • Allow RootRepeal to run a scan of your system. This may take some time.
  • Once the scan completes, push the Posted Image button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#6 sbarron7

sbarron7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 14 September 2009 - 07:36 AM

Once again, I was able to download the file successfully, but when I clicked the scan button, the window closed, and I get the same message when I try to open it up "Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item". I then tried to run it directly from the site, but was unalbe to do so. I got the error message "Could not load driver (Oxc0000035)!

#7 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 14 September 2009 - 04:05 PM

  • Please download System Repair Engineer from here
  • Unzip/extract sreng2.zip to a folder on your desktop
  • Double-click on SREngLdr.EXE to launch System Repair Engineer
  • Click the Smart Scan Icon
  • Click Scan
  • Wait for the scan to finish
  • Click on the Save Reports button
  • Save it to your desktop, using the recommended name of SREngLOG.log
  • Close System Repair Engineer
  • Use notepad to open the SREngLOG.log file
  • Copy & paste the contents of that file as a reply to this topic
  • Note: The log may be long, and you may need several posts to post all of it
  • If you are using a custom HOSTS file, please leave out the HOSTS File section, as it will make the log far too long

The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw

#8 sbarron7

sbarron7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 15 September 2009 - 07:41 AM

Thanks for your help. Here is the 1st part of the log:

[code=auto:0]

2009-09-15,07:34:02

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
<SUPERAntiSpyware><C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe> []
<braviax><C:\WINDOWS\system32\braviax.exe> []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<nwiz><nwiz.exe /installquiet> []
<NVHotkey><rundll32.exe nvHotkey.dll,Start> [NVIDIA Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SigmatelSysTrayApp><%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Broadcom Wireless Manager UI><C:\WINDOWS\system32\WLTRAY.exe> [Dell Inc.]
<Apoint><C:\Program Files\DellTPad\Apoint.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<Dell QuickSet><C:\Program Files\Dell\QuickSet\quickset.exe> [Dell Inc.]
<ShStatEXE><"C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE> [(Verified)"McAfee, Inc."]
<McAfeeUpdaterUI><"C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey> [(Verified)"McAfee, Inc."]
<Adobe Reader Speed Launcher><"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
<SunJavaUpdateSched><"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<DVDLauncher><"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"> [CyberLink Corp.]
<ISUSPM Startup><C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup> [InstallShield Software Corporation]
<ISUSScheduler><"C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [InstallShield Software Corporation]
<Acrobat Assistant 7.0><"C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"> [Adobe Systems Inc.]
<ACQTMOUSE><"C:\Program Files\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe"> []
<QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.]
<ISTray><"C:\Program Files\Spyware Doctor\pctsTray.exe"> [(Verified)PC Tools]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [File is missing]
<braviax><C:\WINDOWS\system32\braviax.exe> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><C:\WINDOWS\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
<WinlogonNotify: WgaLogon><WgaLogon.dll> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\WINDOWS\system32\logon.scr> [(Verified)Microsoft Windows Component Publisher]

==================================
Startup Folders
[Adobe Acrobat Speed Launcher]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk --> C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [N/A]><N>
[Adobe Gamma Loader]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk --> C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [Adobe Systems, Inc.]><N>
[AutoCAD Startup Accelerator]
<C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AutoCAD Startup Accelerator.lnk --> C:\PROGRA~1\COMMON~1\AUTODE~1\ACSTAR~1.EXE [Autodesk, Inc]><N>
[OUTLOOK]
<C:\Documents and Settings\sabarron\Start Menu\Programs\Startup\OUTLOOK.lnk --> C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE [Microsoft Corporation]><N>

==================================
Services
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
[Intuit Update Service / IntuitUpdateService][Running/Auto Start]
<"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"><Intuit Inc.>
[Java Quick Starter / JavaQuickStarterService][Running/Auto Start]
<"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"><Sun Microsystems, Inc.>
[McAfee Framework Service / McAfeeFramework][Running/Auto Start]
<"C:\Program Files\McAfee\Common Framework\FrameworkService.exe" /ServiceStart><McAfee, Inc.>
[McAfee McShield / McShield][Running/Auto Start]
<"C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe"><McAfee, Inc.>
[McAfee Task Manager / McTaskManager][Running/Auto Start]
<"C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe"><McAfee, Inc.>
[NICCONFIGSVC / NICCONFIGSVC][Running/Auto Start]
<C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe><Dell Inc.>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[PC Tools Auxiliary Service / sdAuxService][Running/Auto Start]
<C:\Program Files\Spyware Doctor\pctsAuxs.exe><PC Tools>
[PC Tools Security Service / sdCoreService][Running/Auto Start]
<C:\Program Files\Spyware Doctor\pctsSvc.exe><PC Tools>
[STOPzilla Service / szserver][Stopped/Auto Start]
<"C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe"><N/A>
[Dell Wireless WLAN Tray Service / wltrysvc][Running/Auto Start]
<C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe><N/A>

==================================
Drivers
[ACRUSBTM / ACRUSBTM][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\ACRUSBTM.SYS><>
[Alps Touch Pad Filter Driver for Windows 2000/XP/Vista / ApfiltrService][Running/Manual Start]
<system32\DRIVERS\Apfiltr.sys><Alps Electric Co., Ltd.>
[APPDRV / APPDRV][Running/System Start]
<\SystemRoot\SYSTEM32\DRIVERS\APPDRV.SYS><Dell Inc>
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
<system32\DRIVERS\b57xp32.sys><Broadcom Corporation>
[Dell Wireless WLAN Card Driver / BCM43XX][Running/Manual Start]
<system32\DRIVERS\bcmwl5.sys><Broadcom Corporation>
[Logitech QuickCam Pro 3000(CamDrl) / CamDrL][Stopped/Manual Start]
<system32\DRIVERS\Camdrl.sys><Logitech Inc.>
[guardian2 / guardian2][Running/Manual Start]
<System32\Drivers\oz776.sys><O2Micro>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows ® Server 2003 DDK provider>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSX_DPV.sys><Conexant Systems, Inc.>
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
<system32\DRIVERS\HSXHWAZL.sys><Conexant Systems, Inc.>
[IdeaCom HID Touch Screen Driver (PS/2) / IdcPHid][Stopped/Manual Start]
<system32\DRIVERS\idcphid.sys><IdeaCom Technology Inc.>
[Logitech USB Monitor Filter / LVUSBSta][Stopped/Manual Start]
<system32\DRIVERS\LVUSBSta.sys><Logitech Inc.>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[McAfee Inc. / mfeapfk][Running/Manual Start]
<system32\drivers\mfeapfk.sys><McAfee, Inc.>
[McAfee Inc. / mfeavfk][Running/Manual Start]
<system32\drivers\mfeavfk.sys><McAfee, Inc.>
[McAfee Inc. / mfebopk][Running/Manual Start]
<system32\drivers\mfebopk.sys><McAfee, Inc.>
[McAfee Inc. / mfehidk][Running/Manual Start]
<system32\drivers\mfehidk.sys><McAfee, Inc.>
[VSCore mferkdk / mferkdk][Running/System Start]
<\??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys><McAfee, Inc.>
[McAfee Inc. / mfetdik][Running/System Start]
<system32\drivers\mfetdik.sys><McAfee, Inc.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NWADI Bus Enumerator / NWADI][Running/Manual Start]
<system32\DRIVERS\NWADIenum.sys><Novatel Wireless Inc>
[Novatel Wireless USB Modem Driver / NWUSBModem][Running/Manual Start]
<system32\DRIVERS\nwusbmdm.sys><Novatel Wireless Inc.>
[Novatel Wireless USB Status Port Driver / NWUSBPort][Running/Manual Start]
<system32\DRIVERS\nwusbser.sys><Novatel Wireless Inc.>
[PCTools KDS / PCTCore][Running/Boot Start]
<\SystemRoot\system32\drivers\PCTCore.sys><PC Tools>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[rootrepeal / rootrepeal][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\rootrepeal.sys><N/A>
[rootrepeal[1] / rootrepeal[1]][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\rootrepeal[1].sys><N/A>
[SASKUTIL / SASKUTIL][Stopped/System Start]
<\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start]
<system32\drivers\sthda.sys><SigmaTel, Inc.>
[Conexant Setup API / UIUSys][Stopped/Manual Start]
<system32\DRIVERS\UIUSYS.SYS><N/A>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSX_CNXT.sys><Conexant Systems, Inc.>

#9 sbarron7

sbarron7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 15 September 2009 - 07:43 AM

Here is the 2nd part of log:

==================================
Browser Add-ons
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[Office Genuine Advantage Validation Tool]
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, (Signed) >
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Java Plug-in 1.6.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[Java Plug-in 1.6.0_10]
{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Java Plug-in 1.6.0_10]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre6\bin\npjpi160_10.dll, (Signed) Sun Microsystems, Inc.>
[Oberon Flash Game Host]
{D0C0F75C-683A-4390-A791-1ACFD5599AB8} <C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll, (Signed) Oberon Media, Inc.>
[Microsoft Office Template and Media Control]
{02BCC737-B171-4746-94C9-0D8A0B2C0089} <C:\PROGRA~1\MICROS~2\OFFICE11\IEAWSDC.DLL, (Signed) >
[QuickTime Object]
{02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Office Genuine Advantage Validation Tool]
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.DLL, (Signed) >
[AcroIEHlprObj Class]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, (Signed) Adobe Systems Incorporated>
[]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, >
[InformationCardSigninHelper Class]
{19916E01-B44E-4E31-94A4-4696DF46157B} <C:\WINDOWS\system32\icardie.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[Shockwave ActiveX Control]
{233C1507-6A77-46A4-9443-F871F945D258} <C:\WINDOWS\system32\Adobe\Director\swdir.dll, (Signed) Adobe Systems, Inc.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template]
{2933BF94-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[IETag Factory]
{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <C:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Microsoft Office Control]
{4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} <C:\PROGRA~1\MICROS~2\OFFICE11\AUTHZAX.DLL, (Signed) Microsoft Corporation>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{53707962-6F74-2D53-2644-206D7942484F} <, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Java™ Plug-In SSV Helper]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre6\bin\ssv.dll, (Signed) Sun Microsystems, Inc.>
[scriptproxy]
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} <C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll, (Signed) McAfee, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 4.0]
{88D969C0-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <c:\WINDOWS\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML HTTP 5.0]
{88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Free Threaded XML DOM Document 6.0]
{88D96A06-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XSL Template 6.0]
{88D96A08-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[Adobe PDF Conversion Menu Helper]
{8AD0743E-113B-4E26-BA21-1E9A71098F41} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[Java Plug-in 1.6.0_10]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre6\bin\jp2iexp.dll, >
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[Adobe Acrobat 7.0 Browser Control]
{CA8A9780-280D-11CF-A24D-444553540000} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll, (Signed) Adobe Systems, Inc.>
[Deployment Toolkit]
{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} <C:\WINDOWS\system32\deploytk.dll, (Signed) Sun Microsystems, Inc.>
[AUDIO__MID Moniker Class]
{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Oberon Flash Game Host]
{D0C0F75C-683A-4390-A791-1ACFD5599AB8} <C:\WINDOWS\Downloaded Program Files\OberonGameHost.dll, (Signed) Oberon Media, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[Java™ Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <C:\Program Files\Java\jre6\bin\jp2ssv.dll, Sun Microsystems, Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\Program Files\QuickTime\QTSystem\QuickTimeCheck.ocx, (Signed) Apple Inc.>
[]
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} <, >
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <c:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll, (Signed) Microsoft Corporation>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[JQSIEStartDetectorImpl Class]
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} <C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll, Sun Microsystems, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
{F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
{F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document]
{F6D90F12-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[Convert link target to Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert link target to existing PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert selected links to Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[Convert selected links to existing PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[Convert selection to Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert selection to existing PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[Convert to Adobe PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[Convert to existing PDF]
<res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[E&xport to Microsoft Excel]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

#10 sbarron7

sbarron7
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:06:04 PM

Posted 15 September 2009 - 07:45 AM

Here is the 3rd part of log:

==================================
Running Processes
[PID: 776 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 864 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 896 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 940 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 952 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1116 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1188 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1228 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1348 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[PID: 1380 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[PID: 1516 / SYSTEM][C:\WINDOWS\System32\WLTRYSVC.EXE] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1564 / SYSTEM][C:\WINDOWS\System32\bcmwltry.exe] [Dell Inc., 4.170.77.13]
[C:\WINDOWS\System32\bcm1xsup.dll] [N/A, ]
[C:\WINDOWS\System32\bcmwlpkt.dll] [CACE Technologies, 3, 1, 0, 27]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\System32\wltrynt.dll] [Broadcom Corporation, 4.170.77.13]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1616 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Incorporated., 7.0.0.00]
[C:\Program Files\Adobe\Acrobat 7.0\Distillr\adistres.dll] [Adobe Systems Incorporated., 7.1.0.2008042300]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1672 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1736 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[PID: 1812 / SYSTEM][C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe] [Intuit Inc., 1.0.24.0]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.dll] [Intuit Inc., 1.0.24.0]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract\1.0.0.0__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateService.PluginContract.dll] [Intuit Inc., 1.0.24.0]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Application.UpdateServicePlugin.dll] [Intuit Inc., 2.1.72.22]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.Common\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.Common.dll] [Intuit Inc., 2.1.72.22]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Core\2.0.145.4__540d4816ead86321\Intuit.Spc.Esd.Core.dll] [Intuit Inc., 2.0.145.4]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Ipc.Remoting.UpdateServiceWorker.dll] [Intuit Inc., 2.1.72.22]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Logging\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Logging.dll] [Intuit Inc., 3.1.2.2]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Portability\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Portability.dll] [Intuit, Inc., 3.1.2.2]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.ExceptionHandling\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.ExceptionHandling.dll] [Intuit Inc., 3.1.2.2]
[C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Foundations.Primary.Config\3.1.2.2__540d4816ead86321\Intuit.Spc.Foundations.Primary.Config.dll] [Intuit Inc., 3.1.2.2]
[C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.WinClient.Api.Net\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.WinClient.Api.Net.dll] [Intuit Inc., 2.1.72.22]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.DataAccess\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.DataAccess.dll] [Intuit Inc., 2.1.72.22]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Esd.Client.BusinessLogic\2.1.72.22__540d4816ead86321\Intuit.Spc.Esd.Client.BusinessLogic.dll] [Intuit Inc., 2.1.72.22]
[C:\WINDOWS\assembly\GAC_32\System.Data.SQLite\1.0.56.0__28c9bcd4dddc48a1\System.Data.SQLite.dll] [, 1.0.56.0]
[C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.Reporter\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.Reporter.dll] [, 4.0.114.0]
[C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\WINDOWS\assembly\GAC_MSIL\Intuit.Spc.Map.WindowsFirewallUtilities\4.0.114.0__7ce6deabcb36a8ea\Intuit.Spc.Map.WindowsFirewallUtilities.dll] [Intuit, 4.0.114.0]
[C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1872 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.100.33]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1896 / SYSTEM][C:\Program Files\McAfee\Common Framework\FrameworkService.exe] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\nailog3.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naxml3_71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\applib.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\cryptocme2.dll] [N/A, ]
[C:\Program Files\McAfee\Common Framework\0409\AgentRes.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\Logging.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\UserSpace.Dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\Management.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naPolicyManager.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\UpdateSubSys.Dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\updater.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\ipcchannel.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\boost_thread-vc71-mt-1_32.dll] [N/A, ]
[C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\Scheduler.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\Agent.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\nainet.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\mfecurl.dll] [McAfee, Inc., 1.0.0.151]
[C:\Program Files\McAfee\Common Framework\mfezlib.dll] [McAfee, Inc., 1.0.0.151]
[C:\Program Files\McAfee\Common Framework\inetmgr.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naSPIPE.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\cmalib.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\ListenServer.dll] [McAfee, Inc., 4.0.0.1345]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\Common Framework\TCSubSys.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\McAfee\Common Framework\Genevtinf3.dll] [McAfee, Inc., 4.0.0.1345]
[PID: 1948 / SYSTEM][C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\LockDown.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mytilus.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mytilus2.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\RES0900\McShield.dll] [McAfee, Inc., VSCORE.13.3.2.123]
[C:\Program Files\McAfee\VirusScan Enterprise\FTL.Dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\naiann.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\NAEvent.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll] [McAfee, Inc., 8.5.0.781]
[C:\Program Files\McAfee\Common Framework\Genevtinf3.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptsv.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\Common Files\McAfee\Engine\mcscan32.dll] [McAfee, Inc., 5.3.00]
[C:\Program Files\Common Files\McAfee\Engine\mc5300up.001] [McAfee, Inc., 5.3.00]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\McAfee\VirusScan Enterprise\mfebopa.dll] [McAfee, Inc., SYSCORE.13.3.0.139.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mfehida.dll] [McAfee, Inc., SYSCORE.13.3.0.139.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mfeapfa.dll] [McAfee, Inc., SYSCORE.13.3.0.139.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mfeavfa.dll] [McAfee, Inc., SYSCORE.13.3.0.139.x86]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 1992 / SYSTEM][C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\LockDown.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mytilus2.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mytilus.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll] [McAfee, Inc., 8.5.0.781]
[C:\Program Files\McAfee\VirusScan Enterprise\condl.dll] [McAfee, Inc., 8.5.0.857]
[C:\Program Files\McAfee\VirusScan Enterprise\RES0900\McShield.dll] [McAfee, Inc., VSCORE.13.3.2.123]
[C:\Program Files\McAfee\VirusScan Enterprise\MIDUtil.Dll] [McAfee, Inc., 8.5.0.148]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\McAfee\VirusScan Enterprise\BBCpl.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\coptcpl.dll] [McAfee, Inc., 8.5.0.857]
[C:\Program Files\McAfee\VirusScan Enterprise\EmCfgCpl.dll] [McAfee, Inc., 8.5.0.781]
[C:\Program Files\McAfee\VirusScan Enterprise\nvpcpl.dll] [McAfee, Inc., 8.5.0.781]
[C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\OASCpl.dll] [McAfee, Inc., 8.5.0.857]
[C:\Program Files\McAfee\VirusScan Enterprise\QuarCpl.dll] [McAfee, Inc., 8.5.0.781]
[C:\Program Files\McAfee\VirusScan Enterprise\vsodscpl.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\VsEvntUI.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\NAEvent.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\ftl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\VirusScan Enterprise\vsupdcpl.dll] [McAfee, Inc., 8.5.0.857]
[PID: 248 / SYSTEM][C:\Program Files\McAfee\Common Framework\naPrdMgr.exe] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naxml3_71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\McAfee\Common Framework\nailog3.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\applib.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\cryptocme2.dll] [N/A, ]
[C:\Program Files\McAfee\Common Framework\0409\AgentRes.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\agentplugin.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\mfeCmnLib71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\VirusScan Enterprise\VsPlugin.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\McAfee\Common Framework\PCRPlug.dll] [Network Associates, Inc., 3.5.0.412]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[PID: 300 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 452 / SYSTEM][C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe] [Dell Inc., 8, 3, 11, 0]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 492 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.5683]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.5683]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 520 / SYSTEM][C:\Program Files\Spyware Doctor\pctsAuxs.exe] [PC Tools, 6, 1, 0, 12]
[C:\Program Files\Spyware Doctor\PCTWSC.dll] [PC Tools, 2, 0, 1, 6]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 572 / SYSTEM][C:\Program Files\Spyware Doctor\pctsSvc.exe] [PC Tools, 6.1.0.58]
[C:\Program Files\Spyware Doctor\rtl100.bpl] [CodeGear, 11.0.2902.10471]
[C:\Program Files\Spyware Doctor\vcl100.bpl] [CodeGear, 11.0.2902.10471]
[C:\Program Files\Spyware Doctor\SysAccess.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\Spyware Doctor\CommOM.dll] [PC Tools, 6.1.0.23]
[C:\Program Files\Spyware Doctor\CommLib.dll] [PC Tools, 6.1.0.0]
[C:\Program Files\Spyware Doctor\sdcore.dll] [PC Tools, 6.1.0.10]
[C:\Program Files\Spyware Doctor\commhlpr.dll] [PC Tools, 6.1.0.4]
[C:\Program Files\Spyware Doctor\RegHelper.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\inethlpr.dll] [PC Tools, 6.1.0.27]
[C:\Program Files\Spyware Doctor\filehlpr.dll] [PC Tools, 6.1.0.15]
[C:\Program Files\Common Files\PC Tools\KDS\KDSInterface.dll] [PC Tools, 2, 0, 0, 51]
[C:\Program Files\Spyware Doctor\FileStorage.sdp] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\Settings.sdp] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\IDBLib.sdp] [PC Tools, 6.1.0.9]
[C:\Program Files\Spyware Doctor\SDInfo.sdp] [PC Tools, 6.1.0.24]
[C:\Program Files\Spyware Doctor\SDExtra.sdp] [PC Tools, 6.1.0.29]
[C:\Program Files\Spyware Doctor\Immunizer.sdp] [PC Tools, 6.1.0.5]
[C:\Program Files\Spyware Doctor\Localizer.sdp] [PC Tools, 6.1.0.5]
[C:\Program Files\Spyware Doctor\NfyMan.sdp] [PC Tools, 6.1.0.7]
[C:\Program Files\Spyware Doctor\quarantine.sdp] [PC Tools, 6.1.0.6]
[C:\Program Files\Spyware Doctor\BH.dll] [PC Tools, 6.1.0.12]
[C:\Program Files\Spyware Doctor\RebootManager.sdp] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\scaneng.sdp] [PC Tools, 6.1.0.15]
[C:\Program Files\Spyware Doctor\SOFactory.sdp] [PC Tools, 6.1.0.8]
[C:\Program Files\Spyware Doctor\stasks.sdp] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\SystemMonitor.sdp] [PC Tools, 6.1.0.72]
[C:\Program Files\Spyware Doctor\whitelist.sdp] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\plugins\Behavior.sdp] [PC Tools, 6.1.0.22]
[C:\Program Files\Spyware Doctor\plugins\Browsers.SDP] [PC Tools, 6.1.0.16]
[C:\Program Files\Spyware Doctor\plugins\cookie.sdp] [PC Tools, 6.1.0.4]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\Spyware Doctor\plugins\grAV.sdp] [PC Tools, 6.1.0.50]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\Spyware Doctor\plugins\grfiles.SDP] [PC Tools, 6.1.0.20]
[C:\Program Files\Spyware Doctor\plugins\grImmunizer.SDP] [PC Tools, 6.1.0.0]
[C:\Program Files\Spyware Doctor\plugins\grregistry.SDP] [PC Tools, 6.1.0.6]
[C:\Program Files\Spyware Doctor\PCToolsComponents.bpl] [PC Tools, 6.1.0.0]
[C:\Program Files\Spyware Doctor\SH.dll] [PC Tools, 6.1.0.8]
[C:\Program Files\Spyware Doctor\plugins\KLGuard.SDP] [PC Tools, 6.1.0.4]
[C:\Program Files\Spyware Doctor\plugins\Network.SDP] [PC Tools, 6.1.0.7]
[C:\Program Files\Spyware Doctor\plugins\Process.SDP] [PC Tools, 6.1.0.7]
[C:\Program Files\Spyware Doctor\plugins\ScriptEngine.SDP] [PC Tools, 6.1.0.5]
[C:\Program Files\Spyware Doctor\plugins\SDNET.SDP] [PC Tools, 6.1.0.5]
[C:\Program Files\Spyware Doctor\plugins\StartUp.SDP] [PC Tools, 6.1.0.11]
[C:\Program Files\Spyware Doctor\TFEngine\TFExtCli.dll] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\avengine\SDAVgate.dll] [PC Tools Research, 6, 5, 3, 58]
[C:\Program Files\Spyware Doctor\avengine\PCTAVEng.dll] [PC Tools Research Pty Ltd, 4.5.11.103]
[C:\Program Files\Spyware Doctor\NetworkLayer\PCTCFHook.dll] [, 1, 0, 15, 0]
[PID: 136 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 176 / sabarron][C:\Program Files\Spyware Doctor\pctsTray.exe] [PC Tools, 6.1.0.26]
[C:\Program Files\Spyware Doctor\rtl100.bpl] [CodeGear, 11.0.2902.10471]
[C:\Program Files\Spyware Doctor\vcl100.bpl] [CodeGear, 11.0.2902.10471]
[C:\Program Files\Spyware Doctor\SysAccess.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\Spyware Doctor\CommOM.dll] [PC Tools, 6.1.0.23]
[C:\Program Files\Spyware Doctor\CommLib.dll] [PC Tools, 6.1.0.0]
[C:\Program Files\Spyware Doctor\PCToolsComponents.bpl] [PC Tools, 6.1.0.0]
[C:\Program Files\Spyware Doctor\sdinfo.sdp] [PC Tools, 6.1.0.24]
[C:\Program Files\Spyware Doctor\cdialogs.dll] [PC Tools, 6.1.0.24]
[C:\Program Files\Spyware Doctor\pwindow.dll] [PC Tools, 6.1.0.4]
[C:\Program Files\Common Files\PC Tools\KDS\KDSInterface.dll] [PC Tools, 2, 0, 0, 51]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 652 / SYSTEM][C:\WINDOWS\system32\CCM\CLICOMP\RemCtrl\Wuser32.exe] [Microsoft Corporation, 2.50.4253.3000]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 696 / SYSTEM][C:\WINDOWS\system32\CCM\CcmExec.exe] [Microsoft Corporation, 2.50.4253.3000 built by: SMS]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[PID: 2288 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[PID: 2632 / SYSTEM][C:\WINDOWS\system32\msiexec.exe] [(Verified) Microsoft Corporation, 3.1.4001.5512]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 2816 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 2824 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 3076 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 3244 / sabarron][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.1.63.0]
[C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll] [Autodesk, 16.1.63.0]
[C:\Program Files\McAfee\Common Framework\JrMac.dll] [McAfee, Inc., 1.0.0.127]
[C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0]
[C:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 7.0.7.2006011200\0]
[C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71ENU.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\McAfee\VirusScan Enterprise\shext.dll] [McAfee, Inc., 8.5.0.781]
[C:\PROGRA~1\SPYWAR~1\SDCONT~1.DLL] [PC Tools, 6.1.0.4]
[C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll] [Malwarebytes Corporation, 1, 2, 0, 0]
[PID: 3356 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[PID: 3588 / sabarron][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\WINDOWS\system32\nvHotkey.dll] [NVIDIA Corporation, 6.14.11.5683]
[PID: 3596 / sabarron][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.11.5683]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.5683]
[PID: 3608 / sabarron][C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe] [SigmaTel, Inc., 1.0.5515.0 nd596 cp1]
[C:\Program Files\SigmaTel\C-Major Audio\WDM\STLang.dll] [SigmaTel, Inc., 1.0.5469.0 nd575 cp1]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\WINDOWS\system32\stacapi.dll] [SigmaTel, Inc., 1.0.5515.0 nd596 cp1]
[PID: 3636 / sabarron][C:\WINDOWS\system32\WLTRAY.exe] [Dell Inc., 4.170.77.13]
[C:\WINDOWS\system32\preflib.dll] [N/A, ]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80ENU.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 3720 / sabarron][C:\Program Files\DellTPad\Apoint.exe] [Alps Electric Co., Ltd., 7.0.101.204]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\DellTPad\Apoint.dll] [Alps Electric Co., Ltd., 5.5.104.336]
[C:\WINDOWS\system32\Vxdif.dll] [Alps Electric Co., Ltd., 6.0.3.17]
[C:\Program Files\DellTPad\EzAuto.dll] [Alps Electric Co., Ltd., 5.5.1.92]
[PID: 3792 / sabarron][C:\Program Files\Dell\QuickSet\quickset.exe] [Dell Inc., 8, 3, 11, 0]
[C:\Program Files\Dell\QuickSet\IWH9.dll] [Dell Inc., 8, 3, 11, 0]
[C:\Program Files\Dell\QuickSet\IWH10.dll] [Dell Inc., 8, 3, 11, 0]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\Dell\QuickSet\preflibcl.dll] [N/A, ]
[C:\WINDOWS\system32\preflib.dll] [N/A, ]
[C:\Program Files\Dell\QuickSet\dadkeyb.dll] [N/A, ]
[PID: 3848 / sabarron][C:\Program Files\DellTPad\ApMsgFwd.exe] [Alps Electric Co., Ltd., 7, 0, 0, 18]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 3872 / sabarron][C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\LockDown.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\ftcfg.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\mytilus2.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\mytilus.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\Program Files\McAfee\VirusScan Enterprise\wmain.dll] [McAfee, Inc., 8.5.0.781]
[C:\Program Files\McAfee\VirusScan Enterprise\shutil.dll] [McAfee, Inc., 8.5.0.895]
[C:\Program Files\McAfee\VirusScan Enterprise\RES0900\McShield.dll] [McAfee, Inc., VSCORE.13.3.2.123]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\McAfee\VirusScan Enterprise\Graphics.dll] [McAfee, Inc., 8.5.0.781]
[PID: 3876 / sabarron][C:\Program Files\DellTPad\HidFind.exe] [Alps Electric Co., Ltd., 7.0.0.26]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 4020 / sabarron][C:\Program Files\McAfee\Common Framework\udaterui.exe] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\nailog3.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naCmnLib3_71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\naxml3_71.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\McAfee\Common Framework\applib.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\cmalib.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\cryptocme2.dll] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\McAfee\Common Framework\0409\UpdRes.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\0409\AgentRes.dll] [McAfee, Inc., 4.0.0.1345]
[C:\Program Files\McAfee\Common Framework\SecureFrameworkFactory3.dll] [McAfee, Inc., 4.0.0.1345]
[PID: 4088 / sabarron][C:\Program Files\DellTPad\Apntex.exe] [Alps Electric Co., Ltd., 7.0.1.27]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\WINDOWS\system32\VXDIF.DLL] [Alps Electric Co., Ltd., 6.0.3.17]
[C:\Program Files\DellTPad\Apoint.DLL] [Alps Electric Co., Ltd., 5.5.104.336]
[PID: 1412 / sabarron][C:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.100.33]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 1460 / sabarron][C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe] [CyberLink Corp., 3.00.0000]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 1808 / sabarron][C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe] [InstallShield Software Corporation, 3, 10, 100, 1155]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 2080 / sabarron][C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe] [Adobe Systems Inc., 7.1.0.2008042300]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 2096 / sabarron][C:\Program Files\Mouse Setting\Mouse Setting Software\4.0\ACQTMAPP.exe] [, 6.10.707.9]
[C:\Program Files\Mouse Setting\Mouse Setting Software\4.0\ACQDEVCL.DLL] [, 6.9.707.11]
[C:\Program Files\Mouse Setting\Mouse Setting Software\4.0\ACQTMDLL.DLL] [, 6, 9, 706, 24]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 2528 / sabarron][C:\Program Files\McAfee\Common Framework\McTray.exe] [McAfee, Inc., 1.0.0.127]
[C:\Program Files\McAfee\Common Framework\JrMac.dll] [McAfee, Inc., 1.0.0.127]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 2480 / sabarron][C:\WINDOWS\system32\braviax.exe] [N/A, ]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 2492 / sabarron][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 2508 / sabarron][C:\Program Files\Mouse Setting\Mouse Setting Software\4.0\ACQHIDCL.DAT] [, 6.9.706.24]
[C:\Program Files\Mouse Setting\Mouse Setting Software\4.0\ACQTMDLL.DLL] [, 6, 9, 706, 24]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 3512 / sabarron][C:\Program Files\Verizon Wireless\VZAccess Manager\VZAccess Manager.exe] [Smith Micro Software, Inc., 6.10.2]
[C:\Program Files\Verizon Wireless\VZAccess Manager\SMWAN.dll] [Smith Micro Software, Inc., 4.8.5]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\Program Files\Verizon Wireless\VZAccess Manager\RESOURCE.DLL] [Smith Micro Software, Inc., 6.10.2]
[C:\Program Files\Verizon Wireless\VZAccess Manager\WmcNvtl32.dll] [Novatel Wireless Inc, 2, 0, 1, 1]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[PID: 3456 / sabarron][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16876 (vista_gdr.090625-2339)]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\WINDOWS\system32\AcSignIcon.dll] [Autodesk, 16.1.63.0]
[C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0]
[C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 7.0.9.2006121800]
[C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx] [Adobe Systems, Inc., 10,0,12,36]
[C:\Program Files\Dell\QuickSet\dadkeyb.dll] [N/A, ]
[PID: 3148 / sabarron][C:\Program Files\Java\jre6\bin\jucheck.exe] [Sun Microsystems, Inc., 6.0.100.33]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]
[PID: 3696 / sabarron][C:\Documents and Settings\sabarron\Desktop\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[PID: 4060 / sabarron][C:\Documents and Settings\sabarron\Desktop\sreng2\SREeae110fc.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\Program Files\Spyware Doctor\smum32.dll] [PC Tools, 6.1.0.2]
[C:\Program Files\Spyware Doctor\klg.dat] [PC Tools, 6.1.0.1]
[C:\Program Files\Spyware Doctor\pctgmhk.dll] [PC Tools, 6.1.0.9]
[C:\Documents and Settings\sabarron\Desktop\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[\\?\globalroot\Device\__max++>\6C893286.x86.dll] [N/A, ]
[C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll] [McAfee, Inc., VSCORE.13.3.2.123.x86]

And the 4th & part of log:

==================================
File Associations
.TXT Error. [C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR Error. [AutoCADScriptFile]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\SYSTEM32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost

==================================
Process Privileges Scan
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1516, C:\WINDOWS\SYSTEM32\WLTRYSVC.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1516, C:\WINDOWS\SYSTEM32\WLTRYSVC.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1564, C:\WINDOWS\SYSTEM32\BCMWLTRY.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1564, C:\WINDOWS\SYSTEM32\BCMWLTRY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 452, C:\PROGRAM FILES\DELL\QUICKSET\NICCONFIGSVC.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 452, C:\PROGRAM FILES\DELL\QUICKSET\NICCONFIGSVC.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 3636, C:\WINDOWS\SYSTEM32\WLTRAY.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3636, C:\WINDOWS\SYSTEM32\WLTRAY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3636, C:\WINDOWS\SYSTEM32\WLTRAY.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 3792, C:\PROGRAM FILES\DELL\QUICKSET\QUICKSET.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3792, C:\PROGRAM FILES\DELL\QUICKSET\QUICKSET.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3792, C:\PROGRAM FILES\DELL\QUICKSET\QUICKSET.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1460, C:\PROGRAM FILES\CYBERLINK\POWERDVD\DVDLAUNCHER.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 1460, C:\PROGRAM FILES\CYBERLINK\POWERDVD\DVDLAUNCHER.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1460, C:\PROGRAM FILES\CYBERLINK\POWERDVD\DVDLAUNCHER.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 1808, C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 1808, C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 1808, C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISSCH.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 2080, C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACROTRAY.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 2080, C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACROTRAY.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2080, C:\PROGRAM FILES\ADOBE\ACROBAT 7.0\DISTILLR\ACROTRAY.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 2096, C:\PROGRAM FILES\MOUSE SETTING\MOUSE SETTING SOFTWARE\4.0\ACQTMAPP.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 2096, C:\PROGRAM FILES\MOUSE SETTING\MOUSE SETTING SOFTWARE\4.0\ACQTMAPP.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2096, C:\PROGRAM FILES\MOUSE SETTING\MOUSE SETTING SOFTWARE\4.0\ACQTMAPP.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 2480, C:\WINDOWS\SYSTEM32\BRAVIAX.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 2480, C:\WINDOWS\SYSTEM32\BRAVIAX.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2480, C:\WINDOWS\SYSTEM32\BRAVIAX.EXE]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 2508, C:\PROGRAM FILES\MOUSE SETTING\MOUSE SETTING SOFTWARE\4.0\ACQHIDCL.DAT]
Special Privileges Enabled: SeDebugPrivilege [PID = 2508, C:\PROGRAM FILES\MOUSE SETTING\MOUSE SETTING SOFTWARE\4.0\ACQHIDCL.DAT]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 2508, C:\PROGRAM FILES\MOUSE SETTING\MOUSE SETTING SOFTWARE\4.0\ACQHIDCL.DAT]
Special Privileges Enabled: SeSystemtimePrivilege [PID = 3696, C:\DOCUMENTS AND SETTINGS\SABARRON\DESKTOP\SRENG2\SRENGLDR.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3696, C:\DOCUMENTS AND SETTINGS\SABARRON\DESKTOP\SRENG2\SRENGLDR.EXE]
Special Privileges Enabled: SeLoadDriverPrivilege [PID = 3696, C:\DOCUMENTS AND SETTINGS\SABARRON\DESKTOP\SRENG2\SRENGLDR.EXE]

==================================
Scheduled Tasks
[Enabled] AppleSoftwareUpdate.job
C:\Program Files\Apple Software Update\SoftwareUpdate.exe

==================================
Windows Security Update Check
N/A

==================================
API HOOK
Entrypoint Error: LoadLibraryExW (Dangerous Level: High, Hooked by Module: 0x0120FF42)
Entrypoint Error: FreeLibrary (Dangerous Level: High, Hooked by Module: 0x7170002D)

==================================
Hidden Process
N/A

==================================


[/CODE]

#11 Budapest

Budapest

    Bleepin' Cynic


  • Moderator
  • 23,579 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:04 AM

Posted 15 September 2009 - 04:24 PM

I think it's time to head on over to the HijackThis forum for a closer look.

Preparation Guide for use before posting a HijackThis Log

Go straight to Step 6. If you cannot get a DDS or RootRepeal log just post your System Repair Engineer log.

Please be patient. It may take a while to get a response because the HJT Team members are EXTREMELY busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the HJT Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another HJT Team member is already assisting you and not open the thread to respond.
The power of accurate observation is commonly called cynicism by those who haven't got it.

—George Bernard Shaw




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users