Infected with Adware.SpywareStorm [Desktop Computer]


  • This topic is locked
27 replies to this topic

#1 kymberly

Posted 09 December 2009 - 02:10 PM

This is very nasty and won't go away. It shuts the computer down and delivers a fake window for computer updates. It also gives a fake window at start up after you log on saying "Configuring Updates Please Wait" but no updates have been downloaded. Please, using my disk that came with the computer does not help. I repeat, does not help. Please can anybody assist me.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-12-01.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/4/2009 2:36:24 PM
System Uptime: 12/9/2009 10:50:46 AM (0 hours ago)

Motherboard: ECS | | Nettle2
Processor: AMD Athlon™ 64 X2 Dual Core Processor 4000+ | Socket M2 | 2100/201mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 289 GiB total, 269.4 GiB free.
D: is FIXED (NTFS) - 9 GiB total, 1.035 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP2: 12/4/2009 8:47:34 PM - Removed HP Update
RP3: 12/4/2009 9:02:44 PM - Removed Snapfish Media Detector
RP4: 12/7/2009 6:13:59 PM - Windows Update
RP5: 12/9/2009 10:26:46 AM - Windows Update
RP6: 12/9/2009 10:55:11 AM - Windows Update

==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
Adobe Flash Player 9 ActiveX
Adobe Reader 8
Enhanced Multimedia Keyboard Solution
Hardware Diagnostic Tools
HP Customer Experience Enhancements
HP Customer Feedback
HP Easy Setup - Frontend
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Photosmart Essential 2.0
HP Photosmart Essential2.5
HP Picasso Media Center Add-In
HP Total Care Advisor
HP Update
LightScribe 1.4.142.1
McAfee SecurityCenter
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee autoProducer 6.0
My HP Games
NVIDIA Drivers
PSSWCORE
Python 2.4.3
RealPlayer
Realtek High Definition Audio Driver
Rhapsody
Rhapsody Player Engine
Roxio Activation Module
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Snapfish Media Detector
Soft Data Fax Modem with SmartCP

==== Event Viewer Messages From Past Week ========

12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-9_neutral_PACKAGE from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-8_neutral_GDR from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-7_neutral_LDR from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-3_neutral_PACKAGE from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-2_neutral_GDR from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-14_neutral_PACKAGE from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-13_neutral_PACKAGE from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-12_neutral_PACKAGE from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-10_neutral_PACKAGE from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 959130-1_neutral_LDR from package KB959130(Update) into Staging(Staging) state
12/7/2009 6:46:30 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB959130 (Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 931213-6_RTM_PACKAGE from package KB931213(Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 931213-5_RTM_PACKAGE from package KB931213(Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 931213-4_RTM_LDR from package KB931213_1(Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 931213-3_RTM_GDR from package KB931213_1(Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 931213-2_RTM_LDR from package KB931213_2(Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 931213-1_RTM_GDR from package KB931213_2(Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB931213_2 (Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB931213_1 (Security Update) into Staging(Staging) state
12/7/2009 6:46:09 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB931213 (Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-6_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-5_neutral_GDR from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-41_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-40_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-4_neutral_LDR from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-39_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-38_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-37_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-35_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-32_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-29_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-24_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-23_neutral_GDR from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-22_neutral_LDR from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-15_neutral_PACKAGE from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-14_neutral_GDR from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 970238-13_neutral_LDR from package KB970238(Security Update) into Staging(Staging) state
12/7/2009 6:45:46 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB970238 (Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-9_neutral_PACKAGE from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-8_neutral_GDR from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-7_neutral_LDR from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-3_neutral_PACKAGE from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-2_neutral_GDR from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-14_neutral_PACKAGE from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-13_neutral_PACKAGE from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-12_neutral_PACKAGE from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-10_neutral_PACKAGE from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 951698-1_neutral_LDR from package KB951698(Security Update) into Staging(Staging) state
12/7/2009 6:45:21 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB951698 (Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-31_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-30_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-3_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-29_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-28_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-25_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-22_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-21_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-20_neutral_GDR from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-2_neutral_GDR from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-19_neutral_LDR from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-12_neutral_PACKAGE from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-11_neutral_GDR from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-10_neutral_LDR from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 975517-1_neutral_LDR from package KB975517(Security Update) into Staging(Staging) state
12/7/2009 6:44:59 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB975517 (Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-6_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-5_neutral_GDR from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-4_neutral_LDR from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-36_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-35_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-34_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-33_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-32_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-29_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-26_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-24_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-23_neutral_GDR from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-22_neutral_LDR from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-15_neutral_PACKAGE from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-14_neutral_GDR from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973565-13_neutral_LDR from package KB973565(Security Update) into Staging(Staging) state
12/7/2009 6:44:04 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973565 (Security Update) into Staging(Staging) state
12/7/2009 6:37:52 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 949939-1_RTM_neutral_GDR from package KB949939(Update) into Staging(Staging) state
12/7/2009 6:37:52 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB949939 (Update) into Staging(Staging) state
12/7/2009 6:37:19 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 925902-4_RTM_GDR from package KB925902(Security Update) into Staging(Staging) state
12/7/2009 6:37:19 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 925902-3_RTM_LDR from package KB925902(Security Update) into Staging(Staging) state
12/7/2009 6:37:19 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 925902-2_RTM_LDR from package KB925902(Security Update) into Staging(Staging) state
12/7/2009 6:37:19 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 925902-1_RTM_GDR from package KB925902(Security Update) into Staging(Staging) state
12/7/2009 6:37:19 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB925902 (Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-3_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-24_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-23_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-22_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-21_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-2_neutral_GDR from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-19_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-16_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-12_neutral_PACKAGE from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-11_neutral_GDR from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-10_neutral_LDR from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954459-1_neutral_LDR from package KB954459(Security Update) into Staging(Staging) state
12/7/2009 6:37:08 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954459 (Security Update) into Staging(Staging) state
12/7/2009 6:36:36 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 939159-2_RTM_neutral_LDR from package KB939159(Update) into Staging(Staging) state
12/7/2009 6:36:36 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 939159-1_RTM_neutral_GDR from package KB939159(Update) into Staging(Staging) state
12/7/2009 6:36:36 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB939159 (Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-9_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-8_neutral_GDR from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-7_neutral_LDR from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-3_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-22_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-21_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-20_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-2_neutral_GDR from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-18_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-16_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-15_neutral_PACKAGE from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-14_neutral_GDR from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-13_neutral_LDR from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 954155-1_neutral_LDR from package KB954155(Security Update) into Staging(Staging) state
12/7/2009 6:36:26 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB954155 (Security Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-84_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-83_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-82_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-81_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-718_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-717_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-716_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-715_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-714_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-713_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-712_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-711_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-710_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-709_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-708_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-707_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-706_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-705_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-704_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-703_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-702_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-701_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-700_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-699_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-698_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-697_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-696_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-695_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-694_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-693_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-692_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-691_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-690_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-689_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-688_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-687_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-686_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-685_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-684_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-683_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-682_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-681_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-620_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-619_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-618_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-617_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-564_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-563_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-562_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-561_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-28_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-27_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-26_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-25_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-181_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-180_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-179_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-178_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-177_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-176_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-175_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-174_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-173_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-172_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-171_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-170_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-169_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-168_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-167_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-166_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-165_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-164_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-163_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-162_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-161_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-160_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-159_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-158_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-157_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-156_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-155_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-154_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-153_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-152_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-151_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-150_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-149_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-148_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-147_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-146_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-145_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1264_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1263_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1262_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1261_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1258_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1255_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1254_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1253_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1252_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1251_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1250_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1249_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1248_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1247_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1246_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1245_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1244_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1243_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1242_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1241_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1240_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1239_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1238_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1237_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1236_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1235_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1234_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1233_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1232_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1231_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1230_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1229_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1228_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1227_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1226_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1225_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1224_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1223_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1222_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1221_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1220_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1219_neutral_PACKAGE from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1158_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1157_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1156_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1155_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1102_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1101_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1100_neutral_GDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 972145-1099_neutral_LDR from package KB972145(Update) into Staging(Staging) state
12/7/2009 6:35:59 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB972145 (Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-9_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-8_neutral_GDR from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-7_neutral_LDR from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-6_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-5_neutral_GDR from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-4_neutral_LDR from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-3_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-2_neutral_GDR from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-13_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-12_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-11_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-10_neutral_PACKAGE from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update 973768-1_neutral_LDR from package KB973768(Update) into Staging(Staging) state
12/7/2009 6:29:48 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KB973768 (Update) into Staging(Staging) state
12/7/2009 6:18:31 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:31 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
12/7/2009 6:18:31 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
12/7/2009 6:18:31 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
12/7/2009 6:18:31 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
12/7/2009 6:18:30 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state
12/7/2009 6:10:30 PM, Error: EventLog [6008] - The previous system shutdown at 11:04:51 PM on 12/4/2009 was unexpected.
12/4/2009 7:33:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/4/2009 7:33:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/4/2009 7:33:06 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/4/2009 7:32:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/4/2009 7:32:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/4/2009 7:32:32 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
12/4/2009 7:32:31 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/4/2009 7:32:25 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/4/2009 7:31:56 PM, Error: EventLog [6008] - The previous system shutdown at 7:30:32 PM on 12/4/2009 was unexpected.
12/4/2009 7:31:34 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 9, function 0. Please contact your system vendor for technical assistance.
12/4/2009 7:31:34 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 12, function 0. Please contact your system vendor for technical assistance.
12/4/2009 7:31:34 PM, Error: ACPI [6] - IRQARB: ACPI BIOS does not contain an IRQ for the device in PCI slot 11, function 0. Please contact your system vendor for technical assistance.
12/4/2009 10:19:51 PM, Error: EventLog [6008] - The previous system shutdown at 10:18:15 PM on 12/4/2009 was unexpected.

==== End Of File ===========================


DDS (Ver_09-12-01.01) - NTFSx86
Run by Go to Hell at 10:57:23.54 on Wed 12/09/2009
Internet Explorer: 7.0.6000.16386
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1918.1044 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Go to Hell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E40GISIZ\dds[1].scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.att.net/
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [<NO NAME>]
mRun: [SnapfishMediaDetector] c:\program files\snapfish media detector\SnapfishMediaDetector.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRunOnce: [PCDrProfiler] c:\program files\pc-doctor 5 for windows\RunProfiler.exe -r
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-11-4 214664]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-4 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-12-4 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-4 40552]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-4 34248]

=============== Created Last 30 ================

2009-12-09 18:45:15 441856 ----a-w- c:\windows\system32\win32spl.dll
2009-12-09 18:45:15 37376 ----a-w- c:\windows\system32\printcom.dll
2009-12-09 18:44:55 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-12-09 18:44:34 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-12-09 18:44:34 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-12-09 18:44:09 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-12-09 18:44:09 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-09 18:44:09 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-12-09 18:43:32 11776 ----a-w- c:\windows\system32\sbunattend.exe
2009-12-09 18:43:12 558080 ----a-w- c:\windows\system32\oleaut32.dll
2009-12-09 18:42:57 290304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-09 18:42:42 84480 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-12-09 18:42:42 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2009-12-09 18:42:14 269824 ----a-w- c:\windows\system32\schannel.dll
2009-12-09 18:41:45 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-09 18:41:43 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-09 18:41:43 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-12-09 18:41:05 98816 ----a-w- c:\windows\system32\mfps.dll
2009-12-09 18:41:05 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-12-09 18:41:05 2855424 ----a-w- c:\windows\system32\mf.dll
2009-12-09 18:41:05 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-12-09 18:41:05 2048 ----a-w- c:\windows\system32\mferror.dll
2009-12-09 18:41:04 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-12-09 18:41:04 94720 ----a-w- c:\windows\system32\logagent.exe
2009-12-09 18:40:43 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-09 18:40:43 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-12-09 18:40:43 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-09 18:39:57 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-12-09 18:39:57 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-12-09 18:39:30 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-09 18:39:05 1645568 ----a-w- c:\windows\system32\connect.dll
2009-12-09 18:38:48 5120 ----a-w- c:\windows\system32\wmi.dll
2009-12-09 18:38:48 152576 ----a-w- c:\windows\system32\imagehlp.dll
2009-12-09 18:38:48 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2009-12-09 18:38:03 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-09 18:37:46 1327104 ----a-w- c:\windows\system32\quartz.dll
2009-12-09 18:36:35 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-09 18:35:55 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-09 18:35:38 99840 ----a-w- c:\windows\system32\poqexec.exe
2009-12-09 18:35:13 0 d-----w- c:\program files\MSXML 4.0
2009-12-09 18:34:27 633856 ----a-w- c:\windows\system32\user32.dll
2009-12-09 18:34:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-09 18:34:13 1341440 ----a-w- c:\windows\system32\msxml6.dll
2009-12-09 18:33:27 750080 ----a-w- c:\windows\system32\qmgr.dll
2009-12-09 18:33:17 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-12-09 18:32:33 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-09 18:32:32 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-12-09 18:32:32 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-12-09 18:32:31 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-12-09 18:32:29 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-08 02:16:43 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-08 02:15:03 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-08 02:15:03 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-05 05:02:02 6644 ----a-w- c:\windows\system32\Config.MPF
2009-12-05 05:01:42 0 d-----w- c:\programdata\SiteAdvisor
2009-12-05 04:59:53 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-12-05 04:59:53 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-12-05 04:59:53 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-12-05 04:59:46 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-12-05 04:59:13 0 d-----w- c:\program files\common files\McAfee
2009-12-05 04:59:10 0 d-----w- c:\program files\McAfee.com
2009-12-05 04:59:06 0 d-----w- c:\program files\McAfee
2009-12-05 04:55:14 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-12-05 04:42:19 0 d-----w- c:\programdata\McAfee
2009-12-04 23:36:26 0 d-----w- c:\programdata\Hewlett-Packard
2009-12-04 23:32:54 0 d-----w- c:\windows\SMINST
2009-12-04 23:27:16 0 d-----w- c:\programdata\Symantec
2009-12-04 23:27:03 0 d-----w- c:\program files\common files\Symantec Shared
2009-12-04 23:25:45 0 d-----w- c:\program files\Yahoo!
2009-12-04 23:24:01 0 d-----w- c:\program files\Online Services
2009-12-04 23:24:01 0 d-----w- c:\program files\earthlink totalaccess
2009-12-04 23:21:33 0 d-----w- c:\programdata\PC-Doctor
2009-12-04 23:21:07 0 d-----w- c:\program files\PC-Doctor 5 for Windows
2009-12-04 23:19:21 0 d-----w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2009-12-04 23:19:14 0 d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-12-04 23:18:42 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-04 23:17:58 0 d-----w- c:\windows\PCHEALTH
2009-12-04 23:16:52 0 d-----w- c:\programdata\Microsoft Help
2009-12-04 23:14:57 0 d-----w- c:\program files\Snapfish Media Detector
2009-12-04 23:14:20 0 d-----w- c:\programdata\Adobe
2009-12-04 23:13:10 0 d-----w- c:\program files\muvee Technologies
2009-12-04 23:13:09 0 d-----w- c:\program files\common files\muvee Technologies
2009-12-04 23:13:08 0 d-----w- c:\programdata\muvee Technologies
2009-12-04 23:12:42 0 d-----w- c:\program files\common files\xing shared
2009-12-04 23:12:34 0 d-----w- c:\program files\common files\Real
2009-12-04 23:11:44 0 d-----w- c:\program files\Rhapsody
2009-12-04 23:11:01 0 d---a-w- c:\program files\common files\LS Getting Started
2009-12-04 23:10:53 0 d-----w- c:\program files\common files\SureThing Shared
2009-12-04 23:09:40 0 d-----w- c:\programdata\Sonic
2009-12-04 23:09:21 0 d-----w- c:\program files\common files\PX Storage Engine
2009-12-04 23:08:50 0 d-----w- c:\programdata\Roxio
2009-12-04 23:08:49 0 d-----w- c:\program files\common files\Sonic Shared
2009-12-04 23:08:48 0 d-----w- c:\program files\Roxio
2009-12-04 23:02:47 0 d-----w- c:\program files\common files\HP
2009-12-04 23:02:46 0 d-----w- c:\program files\HP
2009-12-04 23:02:16 103521 ----a-w- c:\windows\hpqins13.dat
2009-12-04 23:02:13 0 d-----w- c:\programdata\HP
2009-12-04 22:57:09 0 d-----w- c:\programdata\WildTangent
2009-12-04 22:57:09 0 d-----w- c:\program files\HP Games
2009-12-04 22:52:53 0 d-----w- c:\program files\Realtek
2009-12-04 22:50:39 2379776 ----a-w- c:\windows\system32\nvwssr.dll
2009-12-04 22:49:47 414208 ----a-w- c:\windows\system32\msscp.dll
2009-12-04 22:49:26 146944 ----a-w- c:\windows\system32\MMDevAPI.dll
2009-12-04 22:48:10 135680 ----a-w- c:\windows\system32\wusa.exe
2009-12-04 22:47:51 974336 ----a-w- c:\windows\system32\crypt32.dll
2009-12-04 22:47:31 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2009-12-04 22:47:13 74752 ----a-w- c:\windows\system32\drivers\rasl2tp.sys
2009-12-04 22:47:13 60928 ----a-w- c:\windows\system32\drivers\raspptp.sys
2009-12-04 22:46:31 229888 ----a-w- c:\windows\system32\msshsq.dll
2009-12-04 22:46:09 80896 ----a-w- c:\windows\system32\MSNP.ax
2009-12-04 22:46:08 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2009-12-04 22:46:08 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2009-12-04 22:46:08 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-12-04 22:46:08 218624 ----a-w- c:\windows\system32\psisrndr.ax
2009-12-04 22:44:39 8704 ----a-w- c:\windows\system32\hccoin.dll
2009-12-04 22:44:39 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-04 22:44:39 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2009-12-04 22:44:39 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-12-04 22:44:39 223744 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-12-04 22:44:39 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-12-04 22:44:39 192000 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-12-04 22:44:04 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-12-04 22:43:46 61440 ------w- c:\windows\system32\OsdRemove.exe
2009-12-04 22:43:05 48760 ----a-w- c:\windows\system32\RUNCLOSE.OCX
2009-12-04 22:43:05 19072 ----a-w- c:\windows\system32\drivers\PS2.sys
2009-12-04 22:42:28 253952 ----a-w- c:\windows\system32\cPC_DMIRD.dll
2009-12-04 22:40:37 327680 ----a-w- c:\windows\system32\pythoncom24.dll
2009-12-04 22:40:37 102400 ----a-w- c:\windows\system32\pywintypes24.dll
2009-12-04 22:40:23 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-04 22:40:23 1060864 ----a-w- c:\windows\system32\mfc71.dll
2009-12-04 22:40:03 0 d-sh--w- c:\windows\Installer
2009-12-04 22:33:08 0 d-----w- c:\program files\CONEXANT
2009-12-04 22:28:55 0 d--h--w- C:\hp
2009-12-04 22:28:46 94208 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-12-04 22:28:46 172032 ----a-w- c:\windows\system32\UCI32m15.dll
2009-12-04 22:28:46 12672 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-12-04 22:28:27 352768 ----a-w- c:\windows\system32\idecoiins.dll
2009-12-04 22:28:27 352768 ----a-w- c:\windows\system32\idecoi.dll
2009-12-04 22:28:27 101672 ----a-w- c:\windows\system32\drivers\nvstor32.sys
2009-12-04 22:28:16 0 d-----w- c:\windows\system32\OEM
2009-12-04 22:28:16 0 d-----w- c:\windows\Panther
2009-12-04 22:28:03 8192 --s-a-r- C:\BOOTSECT.BAK
2009-12-04 22:28:01 438840 --sha-r- C:\bootmgr
2009-12-04 22:28:01 0 d-sh--w- C:\Boot

==================== Find3M ====================

2009-12-09 18:51:52 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-12-09 18:51:52 86016 ----a-w- c:\windows\inf\infstor.dat
2009-12-09 18:51:52 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-09 18:51:52 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-04 22:52:55 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-04 22:52:53 315392 ----a-w- c:\windows\HideWin.exe
2009-12-04 22:48:47 356576 ----a-w- c:\windows\fonts\monbaiti.ttf
2009-12-04 22:46:52 160872 ----a-w- c:\windows\system32\halmacpi.dll
2009-12-04 22:46:52 134760 ----a-w- c:\windows\system32\halacpi.dll
2009-11-05 00:54:12 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2006-11-02 12:50:50 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 10:58:46.82 ===============

SlgClientServicesRedists.exe\data002;C:\Program Files\HP Games\Cake Mania\SlgClientServicesRedists.exe;Adware.SpywareStorm;;
SlgClientServicesRedists.exe;C:\Program Files\HP Games\Cake Mania;Archive contains infected objects;;
Setup.exe\data053;C:\Program Files\Online Services\Netscape_ca\Setup.exe;Trojan.MulDrop.origin;;
Setup.exe;C:\Program Files\Online Services\Netscape_ca;Archive contains infected objects;;
cakemania-setup.exe/data032\data002;D:\hp\apps\APP04310\src\install\games\cakemania-setup.exe/data032;Adware.SpywareStorm;;
data032;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;;
cakemania-setup.exe;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;;


SlgClientServicesRedists.exe\data002;C:\Program Files\HP Games\Cake Mania\SlgClientServicesRedists.exe;Adware.SpywareStorm;;
SlgClientServicesRedists.exe;C:\Program Files\HP Games\Cake Mania;Archive contains infected objects;Cannot delete.;
Setup.exe\data053;C:\Program Files\Online Services\Netscape_ca\Setup.exe;Trojan.MulDrop.origin;;
Setup.exe;C:\Program Files\Online Services\Netscape_ca;Archive contains infected objects;Cannot delete.;
cakemania-setup.exe/data032\data002;D:\hp\apps\APP04310\src\install\games\cakemania-setup.exe/data032;Adware.SpywareStorm;;
data032;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;;
cakemania-setup.exe;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;Cannot delete.;

Edited by kymberly, 09 December 2009 - 02:32 PM.




#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  • Gender:Female
  • Local time:04:29 AM

Posted 21 December 2009 - 05:23 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE





Elle
Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro?



If I haven't replied in 48 hours, please feel free to send me a PM.




#3 kymberly

kymberly
  • Topic Starter

  • Banned
  • 387 posts
  • OFFLINE
  • Local time:09:29 PM

Posted 23 December 2009 - 07:36 PM

DDS (Ver_09-12-01.01) - NTFSx86
Run by Go to Hell at 16:32:59.34 on Wed 12/23/2009
Internet Explorer: 7.0.6000.16386
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1918.1001 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SMINST\remind.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Go to Hell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E40GISIZ\dds[2].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.att.net/
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [<NO NAME>]
mRun: [SnapfishMediaDetector] c:\program files\snapfish media detector\SnapfishMediaDetector.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRunOnce: [PCDrProfiler] c:\program files\pc-doctor 5 for windows\RunProfiler.exe -r
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-11-4 214664]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-4 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-12-4 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-4 40552]
R3 netr73;Netopia RT73 Wireless Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-4 34248]

=============== Created Last 30 ================

2009-12-09 19:00:53 0 ----a-w- c:\users\go to hell\settings.dat
2009-12-09 18:57:33 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-12-09 18:57:32 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-12-09 18:57:32 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-12-09 18:57:32 1657350 ----a-w- c:\windows\system32\wlan.tmf
2009-12-09 18:57:32 12876 ----a-w- c:\windows\system32\wbem\wlan.mof
2009-12-09 18:57:31 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-09 18:57:31 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-12-09 18:57:31 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-12-09 18:56:01 2923520 ----a-w- c:\windows\explorer.exe
2009-12-09 18:45:15 441856 ----a-w- c:\windows\system32\win32spl.dll
2009-12-09 18:45:15 37376 ----a-w- c:\windows\system32\printcom.dll
2009-12-09 18:44:55 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-12-09 18:44:34 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-12-09 18:44:34 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-12-09 18:44:09 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-12-09 18:44:09 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-09 18:44:09 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-12-09 18:43:32 11776 ----a-w- c:\windows\system32\sbunattend.exe
2009-12-09 18:43:12 558080 ----a-w- c:\windows\system32\oleaut32.dll
2009-12-09 18:42:57 290304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-09 18:42:42 84480 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-12-09 18:42:42 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2009-12-09 18:42:14 269824 ----a-w- c:\windows\system32\schannel.dll
2009-12-09 18:41:45 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-09 18:41:43 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-09 18:41:43 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-12-09 18:41:05 98816 ----a-w- c:\windows\system32\mfps.dll
2009-12-09 18:41:05 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-12-09 18:41:05 2855424 ----a-w- c:\windows\system32\mf.dll
2009-12-09 18:41:05 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-12-09 18:41:05 2048 ----a-w- c:\windows\system32\mferror.dll
2009-12-09 18:41:04 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-12-09 18:41:04 94720 ----a-w- c:\windows\system32\logagent.exe
2009-12-09 18:40:43 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-09 18:40:43 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-12-09 18:40:43 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-09 18:39:57 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-12-09 18:39:57 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-12-09 18:39:30 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-09 18:39:05 1645568 ----a-w- c:\windows\system32\connect.dll
2009-12-09 18:38:48 5120 ----a-w- c:\windows\system32\wmi.dll
2009-12-09 18:38:48 152576 ----a-w- c:\windows\system32\imagehlp.dll
2009-12-09 18:38:48 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2009-12-09 18:38:03 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-09 18:37:46 1327104 ----a-w- c:\windows\system32\quartz.dll
2009-12-09 18:36:35 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-09 18:35:55 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-09 18:35:38 99840 ----a-w- c:\windows\system32\poqexec.exe
2009-12-09 18:35:13 0 d-----w- c:\program files\MSXML 4.0
2009-12-09 18:34:27 633856 ----a-w- c:\windows\system32\user32.dll
2009-12-09 18:34:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-09 18:34:13 1341440 ----a-w- c:\windows\system32\msxml6.dll
2009-12-09 18:33:27 750080 ----a-w- c:\windows\system32\qmgr.dll
2009-12-09 18:33:17 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-12-09 18:32:33 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-09 18:32:32 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-12-09 18:32:32 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-12-09 18:32:31 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-12-09 18:32:29 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-08 02:16:43 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-08 02:15:03 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-08 02:15:03 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-05 05:02:02 6978 ----a-w- c:\windows\system32\Config.MPF
2009-12-05 05:01:42 0 d-----w- c:\programdata\SiteAdvisor
2009-12-05 04:59:53 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-12-05 04:59:53 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-12-05 04:59:53 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-12-05 04:59:46 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-12-05 04:59:13 0 d-----w- c:\program files\common files\McAfee
2009-12-05 04:59:10 0 d-----w- c:\program files\McAfee.com
2009-12-05 04:59:06 0 d-----w- c:\program files\McAfee
2009-12-05 04:55:14 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-12-05 04:42:19 0 d-----w- c:\programdata\McAfee
2009-12-04 23:36:26 0 d-----w- c:\programdata\Hewlett-Packard
2009-12-04 23:32:54 0 d-----w- c:\windows\SMINST
2009-12-04 23:27:16 0 d-----w- c:\programdata\Symantec
2009-12-04 23:27:03 0 d-----w- c:\program files\common files\Symantec Shared
2009-12-04 23:25:45 0 d-----w- c:\program files\Yahoo!
2009-12-04 23:24:01 0 d-----w- c:\program files\Online Services
2009-12-04 23:24:01 0 d-----w- c:\program files\earthlink totalaccess
2009-12-04 23:21:33 0 d-----w- c:\programdata\PC-Doctor
2009-12-04 23:21:07 0 d-----w- c:\program files\PC-Doctor 5 for Windows
2009-12-04 23:19:21 0 d-----w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2009-12-04 23:19:14 0 d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-12-04 23:18:42 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-04 23:17:58 0 d-----w- c:\windows\PCHEALTH
2009-12-04 23:16:52 0 d-----w- c:\programdata\Microsoft Help
2009-12-04 23:14:57 0 d-----w- c:\program files\Snapfish Media Detector
2009-12-04 23:14:20 0 d-----w- c:\programdata\Adobe
2009-12-04 23:13:10 0 d-----w- c:\program files\muvee Technologies
2009-12-04 23:13:09 0 d-----w- c:\program files\common files\muvee Technologies
2009-12-04 23:13:08 0 d-----w- c:\programdata\muvee Technologies
2009-12-04 23:12:42 0 d-----w- c:\program files\common files\xing shared
2009-12-04 23:12:34 0 d-----w- c:\program files\common files\Real
2009-12-04 23:11:44 0 d-----w- c:\program files\Rhapsody
2009-12-04 23:11:01 0 d---a-w- c:\program files\common files\LS Getting Started
2009-12-04 23:10:53 0 d-----w- c:\program files\common files\SureThing Shared
2009-12-04 23:09:40 0 d-----w- c:\programdata\Sonic
2009-12-04 23:09:21 0 d-----w- c:\program files\common files\PX Storage Engine
2009-12-04 23:08:50 0 d-----w- c:\programdata\Roxio
2009-12-04 23:08:49 0 d-----w- c:\program files\common files\Sonic Shared
2009-12-04 23:08:48 0 d-----w- c:\program files\Roxio
2009-12-04 23:02:47 0 d-----w- c:\program files\common files\HP
2009-12-04 23:02:46 0 d-----w- c:\program files\HP
2009-12-04 23:02:16 103521 ----a-w- c:\windows\hpqins13.dat
2009-12-04 23:02:13 0 d-----w- c:\programdata\HP
2009-12-04 22:57:09 0 d-----w- c:\programdata\WildTangent
2009-12-04 22:57:09 0 d-----w- c:\program files\HP Games
2009-12-04 22:52:53 0 d-----w- c:\program files\Realtek
2009-12-04 22:50:39 2379776 ----a-w- c:\windows\system32\nvwssr.dll
2009-12-04 22:49:47 414208 ----a-w- c:\windows\system32\msscp.dll
2009-12-04 22:49:26 146944 ----a-w- c:\windows\system32\MMDevAPI.dll
2009-12-04 22:48:10 135680 ----a-w- c:\windows\system32\wusa.exe
2009-12-04 22:47:51 974336 ----a-w- c:\windows\system32\crypt32.dll
2009-12-04 22:47:31 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2009-12-04 22:47:13 74752 ----a-w- c:\windows\system32\drivers\rasl2tp.sys
2009-12-04 22:47:13 60928 ----a-w- c:\windows\system32\drivers\raspptp.sys
2009-12-04 22:46:31 229888 ----a-w- c:\windows\system32\msshsq.dll
2009-12-04 22:46:09 80896 ----a-w- c:\windows\system32\MSNP.ax
2009-12-04 22:46:08 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2009-12-04 22:46:08 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2009-12-04 22:46:08 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-12-04 22:46:08 218624 ----a-w- c:\windows\system32\psisrndr.ax
2009-12-04 22:44:39 8704 ----a-w- c:\windows\system32\hccoin.dll
2009-12-04 22:44:39 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-04 22:44:39 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2009-12-04 22:44:39 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-12-04 22:44:39 223744 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-12-04 22:44:39 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-12-04 22:44:39 192000 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-12-04 22:44:04 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-12-04 22:43:46 61440 ------w- c:\windows\system32\OsdRemove.exe
2009-12-04 22:43:05 48760 ----a-w- c:\windows\system32\RUNCLOSE.OCX
2009-12-04 22:43:05 19072 ----a-w- c:\windows\system32\drivers\PS2.sys
2009-12-04 22:42:28 253952 ----a-w- c:\windows\system32\cPC_DMIRD.dll
2009-12-04 22:40:37 327680 ----a-w- c:\windows\system32\pythoncom24.dll
2009-12-04 22:40:37 102400 ----a-w- c:\windows\system32\pywintypes24.dll
2009-12-04 22:40:23 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-04 22:40:23 1060864 ----a-w- c:\windows\system32\mfc71.dll
2009-12-04 22:40:03 0 d-sh--w- c:\windows\Installer
2009-12-04 22:33:08 0 d-----w- c:\program files\CONEXANT
2009-12-04 22:28:55 0 d--h--w- C:\hp
2009-12-04 22:28:46 94208 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-12-04 22:28:46 172032 ----a-w- c:\windows\system32\UCI32m15.dll
2009-12-04 22:28:46 12672 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-12-04 22:28:27 352768 ----a-w- c:\windows\system32\idecoiins.dll
2009-12-04 22:28:27 352768 ----a-w- c:\windows\system32\idecoi.dll
2009-12-04 22:28:27 101672 ----a-w- c:\windows\system32\drivers\nvstor32.sys
2009-12-04 22:28:16 0 d-----w- c:\windows\system32\OEM
2009-12-04 22:28:16 0 d-----w- c:\windows\Panther
2009-12-04 22:28:03 8192 --s-a-r- C:\BOOTSECT.BAK
2009-12-04 22:28:01 438840 --sha-r- C:\bootmgr
2009-12-04 22:28:01 0 d-sh--w- C:\Boot

==================== Find3M ====================

2009-12-09 18:51:52 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-12-09 18:51:52 86016 ----a-w- c:\windows\inf\infstor.dat
2009-12-09 18:51:52 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-09 18:51:52 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-04 22:52:55 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-04 22:52:53 315392 ----a-w- c:\windows\HideWin.exe
2009-12-04 22:48:47 356576 ----a-w- c:\windows\fonts\monbaiti.ttf
2009-12-04 22:46:52 160872 ----a-w- c:\windows\system32\halmacpi.dll
2009-12-04 22:46:52 134760 ----a-w- c:\windows\system32\halacpi.dll
2009-11-05 00:54:12 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2006-11-02 12:50:50 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 16:33:42.11 ===============

DDS (Ver_09-12-01.01) - NTFSx86
Run by Go to Hell at 16:32:59.34 on Wed 12/23/2009
Internet Explorer: 7.0.6000.16386
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1918.1001 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\Windows\system32\rundll32.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SMINST\remind.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Go to Hell\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E40GISIZ\dds[2].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.att.net/
mStart Page = hxxp://www.yahoo.com
mDefault_Page_URL = hxxp://www.yahoo.com
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [<NO NAME>]
mRun: [SnapfishMediaDetector] c:\program files\snapfish media detector\SnapfishMediaDetector.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] c:\progra~1\mcafee\mhn\McENUI.exe /hide
mRunOnce: [PCDrProfiler] c:\program files\pc-doctor 5 for windows\RunProfiler.exe -r
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\snapfi~1.lnk - c:\program files\snapfish media detector\SnapfishMediaDetector.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

============= SERVICES / DRIVERS ===============

R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2009-11-4 214664]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2009-12-4 79816]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2009-12-4 35272]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2009-12-4 40552]
R3 netr73;Netopia RT73 Wireless Driver for Vista;c:\windows\system32\drivers\netr73.sys [2009-5-24 501248]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2009-12-4 34248]

=============== Created Last 30 ================

2009-12-09 19:00:53 0 ----a-w- c:\users\go to hell\settings.dat
2009-12-09 18:57:33 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-12-09 18:57:32 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-12-09 18:57:32 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-12-09 18:57:32 1657350 ----a-w- c:\windows\system32\wlan.tmf
2009-12-09 18:57:32 12876 ----a-w- c:\windows\system32\wbem\wlan.mof
2009-12-09 18:57:31 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-09 18:57:31 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-12-09 18:57:31 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-12-09 18:56:01 2923520 ----a-w- c:\windows\explorer.exe
2009-12-09 18:45:15 441856 ----a-w- c:\windows\system32\win32spl.dll
2009-12-09 18:45:15 37376 ----a-w- c:\windows\system32\printcom.dll
2009-12-09 18:44:55 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-12-09 18:44:34 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-12-09 18:44:34 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-12-09 18:44:09 43520 ----a-w- c:\windows\system32\msdxm.tlb
2009-12-09 18:44:09 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-09 18:44:09 18432 ----a-w- c:\windows\system32\amcompat.tlb
2009-12-09 18:43:32 11776 ----a-w- c:\windows\system32\sbunattend.exe
2009-12-09 18:43:12 558080 ----a-w- c:\windows\system32\oleaut32.dll
2009-12-09 18:42:57 290304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-09 18:42:42 84480 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-12-09 18:42:42 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2009-12-09 18:42:14 269824 ----a-w- c:\windows\system32\schannel.dll
2009-12-09 18:41:45 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-09 18:41:43 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-09 18:41:43 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-12-09 18:41:05 98816 ----a-w- c:\windows\system32\mfps.dll
2009-12-09 18:41:05 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-12-09 18:41:05 2855424 ----a-w- c:\windows\system32\mf.dll
2009-12-09 18:41:05 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-12-09 18:41:05 2048 ----a-w- c:\windows\system32\mferror.dll
2009-12-09 18:41:04 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-12-09 18:41:04 94720 ----a-w- c:\windows\system32\logagent.exe
2009-12-09 18:40:43 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-09 18:40:43 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-12-09 18:40:43 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-09 18:39:57 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-12-09 18:39:57 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-12-09 18:39:30 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-09 18:39:05 1645568 ----a-w- c:\windows\system32\connect.dll
2009-12-09 18:38:48 5120 ----a-w- c:\windows\system32\wmi.dll
2009-12-09 18:38:48 152576 ----a-w- c:\windows\system32\imagehlp.dll
2009-12-09 18:38:48 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2009-12-09 18:38:03 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-09 18:37:46 1327104 ----a-w- c:\windows\system32\quartz.dll
2009-12-09 18:36:35 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-09 18:35:55 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-09 18:35:38 99840 ----a-w- c:\windows\system32\poqexec.exe
2009-12-09 18:35:13 0 d-----w- c:\program files\MSXML 4.0
2009-12-09 18:34:27 633856 ----a-w- c:\windows\system32\user32.dll
2009-12-09 18:34:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-09 18:34:13 1341440 ----a-w- c:\windows\system32\msxml6.dll
2009-12-09 18:33:27 750080 ----a-w- c:\windows\system32\qmgr.dll
2009-12-09 18:33:17 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-12-09 18:32:33 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-09 18:32:32 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-12-09 18:32:32 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-12-09 18:32:31 4096 ----a-w- c:\windows\system32\msdxm.ocx
2009-12-09 18:32:29 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-08 02:16:43 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-08 02:15:03 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-08 02:15:03 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-05 05:02:02 6978 ----a-w- c:\windows\system32\Config.MPF
2009-12-05 05:01:42 0 d-----w- c:\programdata\SiteAdvisor
2009-12-05 04:59:53 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-12-05 04:59:53 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-12-05 04:59:53 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-12-05 04:59:46 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-12-05 04:59:13 0 d-----w- c:\program files\common files\McAfee
2009-12-05 04:59:10 0 d-----w- c:\program files\McAfee.com
2009-12-05 04:59:06 0 d-----w- c:\program files\McAfee
2009-12-05 04:55:14 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-12-05 04:42:19 0 d-----w- c:\programdata\McAfee
2009-12-04 23:36:26 0 d-----w- c:\programdata\Hewlett-Packard
2009-12-04 23:32:54 0 d-----w- c:\windows\SMINST
2009-12-04 23:27:16 0 d-----w- c:\programdata\Symantec
2009-12-04 23:27:03 0 d-----w- c:\program files\common files\Symantec Shared
2009-12-04 23:25:45 0 d-----w- c:\program files\Yahoo!
2009-12-04 23:24:01 0 d-----w- c:\program files\Online Services
2009-12-04 23:24:01 0 d-----w- c:\program files\earthlink totalaccess
2009-12-04 23:21:33 0 d-----w- c:\programdata\PC-Doctor
2009-12-04 23:21:07 0 d-----w- c:\program files\PC-Doctor 5 for Windows
2009-12-04 23:19:21 0 d-----w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2009-12-04 23:19:14 0 d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-12-04 23:18:42 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-04 23:17:58 0 d-----w- c:\windows\PCHEALTH
2009-12-04 23:16:52 0 d-----w- c:\programdata\Microsoft Help
2009-12-04 23:14:57 0 d-----w- c:\program files\Snapfish Media Detector
2009-12-04 23:14:20 0 d-----w- c:\programdata\Adobe
2009-12-04 23:13:10 0 d-----w- c:\program files\muvee Technologies
2009-12-04 23:13:09 0 d-----w- c:\program files\common files\muvee Technologies
2009-12-04 23:13:08 0 d-----w- c:\programdata\muvee Technologies
2009-12-04 23:12:42 0 d-----w- c:\program files\common files\xing shared
2009-12-04 23:12:34 0 d-----w- c:\program files\common files\Real
2009-12-04 23:11:44 0 d-----w- c:\program files\Rhapsody
2009-12-04 23:11:01 0 d---a-w- c:\program files\common files\LS Getting Started
2009-12-04 23:10:53 0 d-----w- c:\program files\common files\SureThing Shared
2009-12-04 23:09:40 0 d-----w- c:\programdata\Sonic
2009-12-04 23:09:21 0 d-----w- c:\program files\common files\PX Storage Engine
2009-12-04 23:08:50 0 d-----w- c:\programdata\Roxio
2009-12-04 23:08:49 0 d-----w- c:\program files\common files\Sonic Shared
2009-12-04 23:08:48 0 d-----w- c:\program files\Roxio
2009-12-04 23:02:47 0 d-----w- c:\program files\common files\HP
2009-12-04 23:02:46 0 d-----w- c:\program files\HP
2009-12-04 23:02:16 103521 ----a-w- c:\windows\hpqins13.dat
2009-12-04 23:02:13 0 d-----w- c:\programdata\HP
2009-12-04 22:57:09 0 d-----w- c:\programdata\WildTangent
2009-12-04 22:57:09 0 d-----w- c:\program files\HP Games
2009-12-04 22:52:53 0 d-----w- c:\program files\Realtek
2009-12-04 22:50:39 2379776 ----a-w- c:\windows\system32\nvwssr.dll
2009-12-04 22:49:47 414208 ----a-w- c:\windows\system32\msscp.dll
2009-12-04 22:49:26 146944 ----a-w- c:\windows\system32\MMDevAPI.dll
2009-12-04 22:48:10 135680 ----a-w- c:\windows\system32\wusa.exe
2009-12-04 22:47:51 974336 ----a-w- c:\windows\system32\crypt32.dll
2009-12-04 22:47:31 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2009-12-04 22:47:13 74752 ----a-w- c:\windows\system32\drivers\rasl2tp.sys
2009-12-04 22:47:13 60928 ----a-w- c:\windows\system32\drivers\raspptp.sys
2009-12-04 22:46:31 229888 ----a-w- c:\windows\system32\msshsq.dll
2009-12-04 22:46:09 80896 ----a-w- c:\windows\system32\MSNP.ax
2009-12-04 22:46:08 68608 ----a-w- c:\windows\system32\Mpeg2Data.ax
2009-12-04 22:46:08 57856 ----a-w- c:\windows\system32\MSDvbNP.ax
2009-12-04 22:46:08 292352 ----a-w- c:\windows\system32\psisdecd.dll
2009-12-04 22:46:08 218624 ----a-w- c:\windows\system32\psisrndr.ax
2009-12-04 22:44:39 8704 ----a-w- c:\windows\system32\hccoin.dll
2009-12-04 22:44:39 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2009-12-04 22:44:39 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2009-12-04 22:44:39 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-12-04 22:44:39 223744 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-12-04 22:44:39 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-12-04 22:44:39 192000 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-12-04 22:44:04 53760 ----a-w- c:\windows\system32\drivers\hdaudbus.sys
2009-12-04 22:43:46 61440 ------w- c:\windows\system32\OsdRemove.exe
2009-12-04 22:43:05 48760 ----a-w- c:\windows\system32\RUNCLOSE.OCX
2009-12-04 22:43:05 19072 ----a-w- c:\windows\system32\drivers\PS2.sys
2009-12-04 22:42:28 253952 ----a-w- c:\windows\system32\cPC_DMIRD.dll
2009-12-04 22:40:37 327680 ----a-w- c:\windows\system32\pythoncom24.dll
2009-12-04 22:40:37 102400 ----a-w- c:\windows\system32\pywintypes24.dll
2009-12-04 22:40:23 348160 ----a-w- c:\windows\system32\msvcr71.dll
2009-12-04 22:40:23 1060864 ----a-w- c:\windows\system32\mfc71.dll
2009-12-04 22:40:03 0 d-sh--w- c:\windows\Installer
2009-12-04 22:33:08 0 d-----w- c:\program files\CONEXANT
2009-12-04 22:28:55 0 d--h--w- C:\hp
2009-12-04 22:28:46 94208 ----a-w- c:\windows\system32\mdmxsdk.dll
2009-12-04 22:28:46 172032 ----a-w- c:\windows\system32\UCI32m15.dll
2009-12-04 22:28:46 12672 ----a-w- c:\windows\system32\drivers\mdmxsdk.sys
2009-12-04 22:28:27 352768 ----a-w- c:\windows\system32\idecoiins.dll
2009-12-04 22:28:27 352768 ----a-w- c:\windows\system32\idecoi.dll
2009-12-04 22:28:27 101672 ----a-w- c:\windows\system32\drivers\nvstor32.sys
2009-12-04 22:28:16 0 d-----w- c:\windows\system32\OEM
2009-12-04 22:28:16 0 d-----w- c:\windows\Panther
2009-12-04 22:28:03 8192 --s-a-r- C:\BOOTSECT.BAK
2009-12-04 22:28:01 438840 --sha-r- C:\bootmgr
2009-12-04 22:28:01 0 d-sh--w- C:\Boot

==================== Find3M ====================

2009-12-09 18:51:52 86016 ----a-w- c:\windows\inf\infstrng.dat
2009-12-09 18:51:52 86016 ----a-w- c:\windows\inf\infstor.dat
2009-12-09 18:51:52 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-09 18:51:52 51200 ----a-w- c:\windows\inf\infpub.dat
2009-12-04 22:52:55 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-04 22:52:53 315392 ----a-w- c:\windows\HideWin.exe
2009-12-04 22:48:47 356576 ----a-w- c:\windows\fonts\monbaiti.ttf
2009-12-04 22:46:52 160872 ----a-w- c:\windows\system32\halmacpi.dll
2009-12-04 22:46:52 134760 ----a-w- c:\windows\system32\halacpi.dll
2009-11-05 00:54:12 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2006-11-02 12:50:50 174 --sha-w- c:\program files\desktop.ini
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 12:42:02 30674 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 12:42:02 287440 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

============= FINISH: 16:33:42.11 ===============
Also very slow start up, pitch black screen. I am not sure why I get update notices but can't update. Also have iexplore I can't get rid of and svc.host is high. Something really weird just happened while I was on the internet. A screen came up like I ran a scan or something, stating I had 46 trojans and needed to be scanned. It looked like the control panel because it had my computer on the screen as well. I haven't run any scan but McAfee, but it's not finding anything. So this is another malware trick on my computer. It would not let you click off the screen unless you clicked the button that was presented.

Edited by kymberly, 23 December 2009 - 08:08 PM.


#4 sundavis

  • Malware Response Team

Posted 24 December 2009 - 08:22 AM

Hi kymberly,


Welcome to BleepingComputer HijackThis Logs and Malware Removal, :(
My name is sundavis, I will be helping you to deal with your Malware problems today.


Step 1

Please download GMER Rootkit Scanner from Here or Here.
  • Extract the contents of the zipped file to desktop.
  • Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run a scan, click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following:
    • Sections
    • IAT/EAT
    • Drives/Partition other than Systemdrive (typically C:\)
    • Show All (don't miss this one)
  • Then click the Scan button & wait for it to finish. For more info, go to Here for your reference.
  • Once done, click on the [Save..] button, and in the File name area, type in "Gmer.txt", and copy and paste the contents in your next reply.
**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.


Step 2

Please download Malwarebytes' Anti-Malware from Here or Here
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM, or you can find it here:
  • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
  • You can refer to this tutorial
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


Step 3
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

In your next reply, please post back:


1. GMER log
2. MBAM log
3. RSIT log.txt and info.txt. Thanks.

#5 kymberly

  • Topic Starter

Posted 25 December 2009 - 09:48 PM

info.txt logfile of random's system information tool 1.06 2009-12-25 18:45:58

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Bookworm Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Bounce Symphony\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Cue Master\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash\Uninstall.exe"
-->"C:\Program Files\HP Games\Family Feud\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Flip Words\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Otto\Uninstall.exe"
-->"C:\Program Files\HP Games\Overball\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Phoenix Assault\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Tubing\Uninstall.exe"
-->"C:\Program Files\HP Games\Ricochet Lost Worlds\Uninstall.exe"
-->"C:\Program Files\HP Games\SCRABBLE\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
-->"C:\Program Files\HP Games\Zuma Deluxe\Uninstall.exe"
-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Enhanced Multimedia Keyboard Solution-->C:\HP\KBD\Install.exe /u
Hardware Diagnostic Tools-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
HP Photosmart Essential 2.0-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Picasso Media Center Add-In-->MsiExec.exe /I{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
HP Total Care Advisor-->MsiExec.exe /X{2990BC81-3B19-4E53-A53E-30DE3F1BFFA8}
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
McAfee SecurityCenter-->C:\Program Files\McAfee\MSC\mcuninst.exe
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Home and Student 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall HOMESTUDENTR /dll OSETUP.DLL
Microsoft Office Home and Student 2007-->MsiExec.exe /X{91120000-002F-0000-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{6AF49698-949A-4C89-9B31-041D2CCB5FBD}\setup.exe -runfromtemp -l0x0009 -removeonly
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
Python 2.4.3-->MsiExec.exe /I{75E71ADD-042C-4F30-BFAC-A9EC42351313}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhapsody-->C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
Snapfish Media Detector-->MsiExec.exe /X{4EF6FDB0-3B11-4820-9860-8E08E9965195}
Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1\UIU32m.exe -U -ITrx200Cz.INF

======Security center information======

AV: McAfee VirusScan
FW: McAfee Personal Firewall
AS: McAfee VirusScan
AS: Windows Defender (disabled)

======System event log======

Computer Name: GotoHell-PC
Event Code: 4374
Message: Windows Servicing identified that package KB938123_33(Security Update) is not applicable for this system
Record Number: 19148
Source Name: Microsoft-Windows-Servicing
Time Written: 20091226024516.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: GotoHell-PC
Event Code: 4374
Message: Windows Servicing identified that package KB938123_34(Security Update) is not applicable for this system
Record Number: 19149
Source Name: Microsoft-Windows-Servicing
Time Written: 20091226024516.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: GotoHell-PC
Event Code: 4374
Message: Windows Servicing identified that package KB938123_35(Security Update) is not applicable for this system
Record Number: 19150
Source Name: Microsoft-Windows-Servicing
Time Written: 20091226024517.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: GotoHell-PC
Event Code: 4374
Message: Windows Servicing identified that package KB968816(Security Update) is not applicable for this system
Record Number: 19170
Source Name: Microsoft-Windows-Servicing
Time Written: 20091226024542.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: GotoHell-PC
Event Code: 4374
Message: Windows Servicing identified that package KB975467(Security Update) is not applicable for this system
Record Number: 19189
Source Name: Microsoft-Windows-Servicing
Time Written: 20091226024557.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: GotoHell-PC
Event Code: 2004
Message: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Record Number: 1036
Source Name: Microsoft-Windows-PerfNet
Time Written: 20091226011231.000000-000
Event Type: Error
User:

Computer Name: GotoHell-PC
Event Code: 2002
Message: Unable to open the Redirector service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Record Number: 1037
Source Name: Microsoft-Windows-PerfNet
Time Written: 20091226011231.000000-000
Event Type: Error
User:

Computer Name: GotoHell-PC
Event Code: 1000
Message: Faulting application gmer.exe, version 1.0.15.15281, time stamp 0x4b2763f0, faulting module gmer.exe, version 1.0.15.15281, time stamp 0x4b2763f0, exception code 0xc0000005, fault offset 0x0000cb02, process id 0x638, application start time 0x01ca85c8423098a7.
Record Number: 1042
Source Name: Application Error
Time Written: 20091226021926.000000-000
Event Type: Error
User:

Computer Name: GotoHell-PC
Event Code: 6000
Message: The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Record Number: 1043
Source Name: Microsoft-Windows-Winlogon
Time Written: 20091226022001.000000-000
Event Type: Warning
User:

Computer Name: GotoHell-PC
Event Code: 6000
Message: The winlogon notification subscriber <GPClient> was unavailable to handle a notification event.
Record Number: 1046
Source Name: Microsoft-Windows-Winlogon
Time Written: 20091226022001.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: GotoHell-PC
Event Code: 4904
Message: An attempt was made to register a security event source.

Subject :
Security ID: S-1-5-18
Account Name: GOTOHELL-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Process:
Process ID: 0xb64
Process Name: C:\Windows\System32\VSSVC.exe

Event Source:
Source Name: VSSAudit
Event Source ID: 0xd48c8
Record Number: 1023
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226022609.663409-000
Event Type: Audit Success
User:

Computer Name: GotoHell-PC
Event Code: 4905
Message: An attempt was made to unregister a security event source.

Subject
Security ID: S-1-5-18
Account Name: GOTOHELL-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Process:
Process ID: 0xb64
Process Name: C:\Windows\System32\VSSVC.exe

Event Source:
Source Name: VSSAudit
Event Source ID: 0xd48c8
Record Number: 1024
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226022609.664409-000
Event Type: Audit Success
User:

Computer Name: GotoHell-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: GOTOHELL-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x280
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 1025
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226024622.561409-000
Event Type: Audit Success
User:

Computer Name: GotoHell-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: GOTOHELL-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x280
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 1026
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226024622.561409-000
Event Type: Audit Success
User:

Computer Name: GotoHell-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1027
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20091226024622.561409-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 107 Stepping 1, AuthenticAMD
"PROCESSOR_REVISION"=6b01
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"PLATFORM"=HPD
"PCBRAND"=Presario
"OnlineServices"=Online Services

-----------------EOF-----------------

Logfile of random's system information tool 1.06 (written by random/random)
Run by Go to Hell at 2009-12-25 18:45:23
Microsoft® Windows Vista™ Home Premium
System drive C: has 270 GB (91%) free of 296 GB
Total RAM: 1918 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:45:55 PM, on 12/25/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Go to Hell\Desktop\RSIT.exe
C:\Users\Go to Hell\Desktop\RSIT.exe
C:\Program Files\trend micro\Go to Hell.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.att.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SnapfishMediaDetector] C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\RunOnce: [PCDrProfiler] C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe -r
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6088 bytes

======Scheduled tasks folder======

C:\Windows\tasks\McDefragTask.job
C:\Windows\tasks\McQcTask.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-11-04 62784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2009-01-29 145424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-02 1004136]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2006-09-28 65536]
"KBD"=C:\HP\KBD\KbdStub.EXE [2006-12-08 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-02-10 90192]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-02-10 8429568]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-02-10 81920]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]
""= []
"SnapfishMediaDetector"=C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe [2007-03-02 1441792]
"HP Software Update"=c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-16 49152]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2009-10-29 1218008]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2009-07-07 1176808]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"PCDrProfiler"=C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2007-02-08 73728]
"Launcher"=C:\Windows\SMINST\launcher.exe [2007-03-07 44168]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snapfish Media Detector.lnk - C:\Program Files\Snapfish Media Detector\SnapfishMediaDetector.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2009-12-25 18:45:26 ----D---- C:\Program Files\trend micro
2009-12-25 18:45:23 ----D---- C:\rsit
2009-12-25 16:56:17 ----A---- C:\Windows\system32\rastls.dll
2009-12-25 16:56:17 ----A---- C:\Windows\system32\raschap.dll
2009-12-23 16:55:39 ----D---- C:\Users\Go to Hell\AppData\Roaming\Adobe
2009-12-09 10:57:33 ----A---- C:\Windows\system32\L2SecHC.dll
2009-12-09 10:57:32 ----A---- C:\Windows\system32\wlanhlp.dll
2009-12-09 10:57:32 ----A---- C:\Windows\system32\wlanapi.dll
2009-12-09 10:57:31 ----A---- C:\Windows\system32\wlansvc.dll
2009-12-09 10:57:31 ----A---- C:\Windows\system32\wlansec.dll
2009-12-09 10:57:31 ----A---- C:\Windows\system32\wlanmsm.dll
2009-12-09 10:56:01 ----A---- C:\Windows\explorer.exe
2009-12-09 10:45:15 ----A---- C:\Windows\system32\win32spl.dll
2009-12-09 10:45:15 ----A---- C:\Windows\system32\printcom.dll
2009-12-09 10:44:34 ----A---- C:\Windows\system32\wshrm.dll
2009-12-09 10:44:09 ----A---- C:\Windows\system32\wmpdxm.dll
2009-12-09 10:43:32 ----A---- C:\Windows\system32\sbunattend.exe
2009-12-09 10:43:12 ----A---- C:\Windows\system32\oleaut32.dll
2009-12-09 10:42:42 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-12-09 10:42:42 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-12-09 10:42:42 ----A---- C:\Windows\system32\dnsapi.dll
2009-12-09 10:42:14 ----A---- C:\Windows\system32\schannel.dll
2009-12-09 10:41:45 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-12-09 10:41:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-12-09 10:41:43 ----A---- C:\Windows\system32\gameux.dll
2009-12-09 10:41:05 ----A---- C:\Windows\system32\rrinstaller.exe
2009-12-09 10:41:05 ----A---- C:\Windows\system32\mfps.dll
2009-12-09 10:41:05 ----A---- C:\Windows\system32\mfpmp.exe
2009-12-09 10:41:05 ----A---- C:\Windows\system32\mferror.dll
2009-12-09 10:41:05 ----A---- C:\Windows\system32\mf.dll
2009-12-09 10:41:04 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-12-09 10:41:04 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-12-09 10:41:04 ----A---- C:\Windows\system32\logagent.exe
2009-12-09 10:39:57 ----A---- C:\Windows\system32\INETRES.dll
2009-12-09 10:39:57 ----A---- C:\Windows\system32\inetcomm.dll
2009-12-09 10:39:30 ----A---- C:\Windows\system32\msasn1.dll
2009-12-09 10:39:05 ----A---- C:\Windows\system32\connect.dll
2009-12-09 10:38:48 ----A---- C:\Windows\system32\wmi.dll
2009-12-09 10:38:48 ----A---- C:\Windows\system32\imagehlp.dll
2009-12-09 10:38:03 ----A---- C:\Windows\system32\rpcrt4.dll
2009-12-09 10:37:46 ----A---- C:\Windows\system32\quartz.dll
2009-12-09 10:35:55 ----A---- C:\Windows\system32\WSDApi.dll
2009-12-09 10:35:13 ----D---- C:\Program Files\MSXML 4.0
2009-12-09 10:34:27 ----A---- C:\Windows\system32\user32.dll
2009-12-09 10:34:13 ----A---- C:\Windows\system32\msxml6r.dll
2009-12-09 10:34:13 ----A---- C:\Windows\system32\msxml6.dll
2009-12-09 10:33:27 ----A---- C:\Windows\system32\qmgr.dll
2009-12-09 10:33:17 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-12-09 10:32:33 ----A---- C:\Windows\system32\wmploc.DLL
2009-12-09 10:32:33 ----A---- C:\Windows\system32\wmp.dll
2009-12-09 10:32:32 ----A---- C:\Windows\system32\spwmp.dll
2009-12-09 10:32:32 ----A---- C:\Windows\system32\dxmasf.dll
2009-12-09 10:32:29 ----A---- C:\Windows\system32\unregmp2.exe
2009-12-07 18:44:14 ----D---- C:\Users\Go to Hell\AppData\Roaming\Macromedia
2009-12-07 18:16:43 ----A---- C:\Windows\system32\wups2.dll
2009-12-07 18:16:43 ----A---- C:\Windows\system32\wucltux.dll
2009-12-07 18:16:43 ----A---- C:\Windows\system32\wuaueng.dll
2009-12-07 18:16:43 ----A---- C:\Windows\system32\wuauclt.exe
2009-12-07 18:15:03 ----A---- C:\Windows\system32\wuwebv.dll
2009-12-07 18:15:03 ----A---- C:\Windows\system32\wuapp.exe
2009-12-04 21:01:42 ----D---- C:\ProgramData\SiteAdvisor
2009-12-04 20:59:13 ----D---- C:\Program Files\Common Files\McAfee
2009-12-04 20:59:10 ----D---- C:\Program Files\McAfee.com
2009-12-04 20:59:06 ----D---- C:\Program Files\McAfee
2009-12-04 20:49:25 ----SHD---- C:\Config.Msi
2009-12-04 20:42:19 ----D---- C:\ProgramData\McAfee
2009-12-04 19:31:44 ----A---- C:\Windows\ntbtlog.txt
2009-12-04 19:17:10 ----D---- C:\Users\Go to Hell\AppData\Roaming\Snapfish
2009-12-04 19:16:42 ----D---- C:\Users\Go to Hell\AppData\Roaming\Identities
2009-12-04 19:16:17 ----SD---- C:\Users\Go to Hell\AppData\Roaming\Microsoft
2009-12-04 19:16:17 ----D---- C:\Users\Go to Hell\AppData\Roaming\Media Center Programs
2009-12-04 15:36:26 ----D---- C:\ProgramData\Hewlett-Packard
2009-12-04 15:32:54 ----D---- C:\Windows\SMINST
2009-12-04 15:27:21 ----A---- C:\Windows\system32\capicom.dll
2009-12-04 15:27:16 ----D---- C:\ProgramData\Symantec
2009-12-04 15:27:03 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-12-04 15:25:45 ----D---- C:\Program Files\Yahoo!
2009-12-04 15:24:01 ----D---- C:\Program Files\Online Services
2009-12-04 15:24:01 ----D---- C:\Program Files\earthlink totalaccess
2009-12-04 15:21:33 ----D---- C:\ProgramData\PC-Doctor
2009-12-04 15:21:07 ----D---- C:\Program Files\PC-Doctor 5 for Windows
2009-12-04 15:19:21 ----D---- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2009-12-04 15:19:14 ----D---- C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
2009-12-04 15:18:42 ----A---- C:\Windows\system32\msonpmon.dll
2009-12-04 15:18:07 ----D---- C:\Program Files\Common Files\DESIGNER
2009-12-04 15:17:58 ----D---- C:\Windows\PCHEALTH
2009-12-04 15:17:58 ----D---- C:\Program Files\Microsoft.NET
2009-12-04 15:16:52 ----D---- C:\ProgramData\Microsoft Help
2009-12-04 15:16:39 ----RHD---- C:\MSOCache
2009-12-04 15:16:20 ----D---- C:\Program Files\Microsoft Office
2009-12-04 15:16:12 ----D---- C:\Program Files\Microsoft Works
2009-12-04 15:14:57 ----D---- C:\Program Files\Snapfish Media Detector
2009-12-04 15:14:20 ----D---- C:\ProgramData\Adobe
2009-12-04 15:14:15 ----D---- C:\Program Files\Common Files\Adobe
2009-12-04 15:14:15 ----D---- C:\Program Files\Adobe
2009-12-04 15:13:26 ----N---- C:\Windows\system32\pxhpinst.exe
2009-12-04 15:13:10 ----D---- C:\Program Files\muvee Technologies
2009-12-04 15:13:09 ----D---- C:\Program Files\Common Files\muvee Technologies
2009-12-04 15:13:08 ----D---- C:\ProgramData\muvee Technologies
2009-12-04 15:12:42 ----D---- C:\Program Files\Common Files\xing shared
2009-12-04 15:12:38 ----A---- C:\Windows\system32\rmoc3260.dll
2009-12-04 15:12:35 ----A---- C:\Windows\system32\pndx5032.dll
2009-12-04 15:12:35 ----A---- C:\Windows\system32\pndx5016.dll
2009-12-04 15:12:35 ----A---- C:\Windows\system32\pncrt.dll
2009-12-04 15:12:34 ----D---- C:\Program Files\Common Files\Real
2009-12-04 15:12:02 ----D---- C:\Program Files\Real
2009-12-04 15:11:44 ----D---- C:\Program Files\Rhapsody
2009-12-04 15:11:01 ----AD---- C:\Program Files\Common Files\LS Getting Started
2009-12-04 15:11:01 ----AD---- C:\Program Files\Common Files\LightScribe
2009-12-04 15:10:53 ----D---- C:\Program Files\Common Files\SureThing Shared
2009-12-04 15:09:40 ----D---- C:\ProgramData\Sonic
2009-12-04 15:09:21 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-12-04 15:08:50 ----D---- C:\ProgramData\Roxio
2009-12-04 15:08:49 ----D---- C:\Program Files\Common Files\Sonic Shared
2009-12-04 15:08:48 ----D---- C:\Program Files\Roxio
2009-12-04 15:08:48 ----D---- C:\Program Files\Common Files\Roxio Shared
2009-12-04 15:02:47 ----D---- C:\Program Files\Common Files\HP
2009-12-04 15:02:46 ----D---- C:\Program Files\HP
2009-12-04 15:02:13 ----D---- C:\ProgramData\HP
2009-12-04 14:57:09 ----D---- C:\ProgramData\WildTangent
2009-12-04 14:57:09 ----D---- C:\Program Files\HP Games
2009-12-04 14:56:35 ----D---- C:\Windows\system32\Macromed
2009-12-04 14:52:55 ----A---- C:\Windows\DIFxAPI.dll
2009-12-04 14:52:53 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-04 14:52:53 ----D---- C:\Program Files\Realtek
2009-12-04 14:52:53 ----A---- C:\Windows\RtlExUpd.dll
2009-12-04 14:52:53 ----A---- C:\Windows\HideWin.exe
2009-12-04 14:52:50 ----D---- C:\Program Files\Common Files\InstallShield
2009-12-04 14:52:41 ----D---- C:\Windows\system32\RTCOM
2009-12-04 14:52:28 ----A---- C:\Windows\system32\SRSWOW.dll
2009-12-04 14:52:28 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-12-04 14:52:28 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-12-04 14:52:28 ----A---- C:\Windows\system32\RtkAPO.dll
2009-12-04 14:52:28 ----A---- C:\Windows\RtlUpd.exe
2009-12-04 14:52:28 ----A---- C:\Windows\RtHDVCpl.exe
2009-12-04 14:50:39 ----A---- C:\Windows\system32\nvwssr.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvwss.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvvitvsr.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvvitvs.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvuninst.exe
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvudisp.exe
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvsvc.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvoglv32.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmoblsr.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmobls.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmctray.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmccssr.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmccss.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmccsrs.dll
2009-12-04 14:50:38 ----A---- C:\Windows\system32\nvmccs.dll
2009-12-04 14:50:37 ----A---- C:\Windows\system32\nvgamesr.dll
2009-12-04 14:50:37 ----A---- C:\Windows\system32\nvgames.dll
2009-12-04 14:50:37 ----A---- C:\Windows\system32\nvexpbar.dll
2009-12-04 14:50:37 ----A---- C:\Windows\system32\nvdispsr.dll
2009-12-04 14:50:36 ----A---- C:\Windows\system32\nvdisps.dll
2009-12-04 14:50:36 ----A---- C:\Windows\system32\nvcpluir.dll
2009-12-04 14:50:36 ----A---- C:\Windows\system32\nvcplui.exe
2009-12-04 14:50:36 ----A---- C:\Windows\system32\nvcpl.dll
2009-12-04 14:50:36 ----A---- C:\Windows\system32\nvcolor.exe
2009-12-04 14:50:36 ----A---- C:\Windows\system32\nvapi.dll
2009-12-04 14:50:35 ----A---- C:\Windows\system32\dpinst.exe
2009-12-04 14:49:47 ----A---- C:\Windows\system32\msscp.dll
2009-12-04 14:49:26 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-12-04 14:48:10 ----A---- C:\Windows\system32\wusa.exe
2009-12-04 14:47:51 ----A---- C:\Windows\system32\crypt32.dll
2009-12-04 14:47:31 ----A---- C:\Windows\system32\DWWIN.EXE
2009-12-04 14:46:31 ----A---- C:\Windows\system32\msshsq.dll
2009-12-04 14:46:08 ----A---- C:\Windows\system32\psisdecd.dll
2009-12-04 14:45:05 ----A---- C:\Windows\system32\mshtml.dll
2009-12-04 14:45:03 ----A---- C:\Windows\system32\ieapfltr.dll
2009-12-04 14:44:39 ----A---- C:\Windows\system32\hccoin.dll
2009-12-04 14:43:46 ----N---- C:\Windows\system32\OsdRemove.exe
2009-12-04 14:43:45 ----D---- C:\Program Files\Hewlett-Packard
2009-12-04 14:42:28 ----A---- C:\Windows\system32\cPC_DMIRD.dll
2009-12-04 14:40:37 ----A---- C:\Windows\system32\pywintypes24.dll
2009-12-04 14:40:37 ----A---- C:\Windows\system32\pythoncom24.dll
2009-12-04 14:40:23 ----A---- C:\Windows\system32\msvcr71.dll
2009-12-04 14:40:23 ----A---- C:\Windows\system32\mfc71.dll
2009-12-04 14:40:21 ----A---- C:\Windows\csup.txt
2009-12-04 14:40:03 ----SHD---- C:\Windows\Installer
2009-12-04 14:33:44 ----D---- C:\Windows\SoftwareDistribution
2009-12-04 14:33:08 ----D---- C:\Program Files\CONEXANT
2009-12-04 14:31:36 ----D---- C:\Windows\Debug
2009-12-04 14:30:02 ----D---- C:\Windows\Prefetch
2009-12-04 14:29:52 ----SHD---- C:\System Volume Information
2009-12-04 14:28:55 ----HD---- C:\hp
2009-12-04 14:28:46 ----A---- C:\Windows\system32\UCI32m15.dll
2009-12-04 14:28:46 ----A---- C:\Windows\system32\mdmxsdk.dll
2009-12-04 14:28:27 ----A---- C:\Windows\system32\idecoiins.dll
2009-12-04 14:28:27 ----A---- C:\Windows\system32\idecoi.dll
2009-12-04 14:28:16 ----D---- C:\Windows\system32\OEM
2009-12-04 14:28:16 ----D---- C:\Windows\Panther
2009-12-04 14:28:03 ----RAS---- C:\BOOTSECT.BAK
2009-12-04 14:28:01 ----SHD---- C:\Boot

======List of files/folders modified in the last 3 months======

2009-12-25 18:45:33 ----D---- C:\Windows\Temp
2009-12-25 18:45:26 ----RD---- C:\Program Files
2009-12-25 18:27:20 ----D---- C:\Windows\System32
2009-12-25 18:27:19 ----D---- C:\Windows\inf
2009-12-25 18:27:19 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-25 18:26:07 ----D---- C:\Windows\winsxs
2009-12-25 18:25:36 ----D---- C:\Windows\servicing
2009-12-25 17:14:20 ----D---- C:\Windows\system32\drivers
2009-12-25 17:09:57 ----D---- C:\Windows\system32\catroot
2009-12-25 17:08:57 ----D---- C:\Program Files\Windows Mail
2009-12-25 16:58:45 ----D---- C:\Windows\system32\catroot2
2009-12-23 13:36:13 ----D---- C:\Windows\system32\WDI
2009-12-09 11:24:30 ----D---- C:\Windows\system32\wbem
2009-12-09 11:24:28 ----D---- C:\Windows
2009-12-09 10:49:28 ----D---- C:\Windows\rescache
2009-12-09 10:46:46 ----D---- C:\Program Files\Windows Sidebar
2009-12-09 10:46:37 ----D---- C:\Windows\AppPatch
2009-12-09 10:32:43 ----D---- C:\Windows\system32\en-US
2009-12-09 10:32:42 ----D---- C:\Program Files\Windows Media Player
2009-12-09 10:29:42 ----D---- C:\Windows\ehome
2009-12-04 21:01:42 ----HD---- C:\ProgramData
2009-12-04 20:59:28 ----D---- C:\Windows\Tasks
2009-12-04 20:59:28 ----D---- C:\Windows\system32\Tasks
2009-12-04 20:59:13 ----D---- C:\Program Files\Common Files
2009-12-04 20:52:03 ----RSD---- C:\Windows\assembly
2009-12-04 20:47:34 ----D---- C:\Windows\system32\restore
2009-12-04 19:39:01 ----SD---- C:\ProgramData\Microsoft
2009-12-04 19:37:07 ----SHD---- C:\$Recycle.Bin
2009-12-04 19:36:33 ----RD---- C:\Users
2009-12-04 15:37:43 ----D---- C:\Windows\system32\sysprep
2009-12-04 15:36:15 ----D---- C:\Windows\system32\oobe
2009-12-04 15:22:48 ----RSD---- C:\Windows\Fonts
2009-12-04 15:20:51 ----D---- C:\Windows\Help
2009-12-04 15:18:13 ----D---- C:\Program Files\Common Files\microsoft shared
2009-12-04 15:17:16 ----D---- C:\Windows\ShellNew
2009-12-04 15:13:27 ----A---- C:\autoexec.bat
2009-12-04 15:11:45 ----D---- C:\Program Files\Internet Explorer
2009-12-04 14:46:52 ----A---- C:\Windows\system32\halmacpi.dll
2009-12-04 14:46:52 ----A---- C:\Windows\system32\halacpi.dll
2009-12-04 14:46:52 ----A---- C:\Windows\system32\hal.dll
2009-12-04 14:43:53 ----D---- C:\Windows\Logs
2009-12-04 14:40:21 ----D---- C:\Windows\Setup

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2009-11-04 214664]
R1 MPFP;MPFP; C:\Windows\System32\Drivers\Mpfp.sys [2009-07-16 130424]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2009-11-04 79816]
R3 mfebopk;McAfee Inc. mfebopk; C:\Windows\system32\drivers\mfebopk.sys [2009-11-04 35272]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\Windows\system32\drivers\mfesmfk.sys [2009-11-04 40552]
R3 netr73;Netopia RT73 Wireless Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2009-05-24 501248]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-01 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-02-10 7409024]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-01 235520]
S3 mferkdk;McAfee Inc. mferkdk; C:\Windows\system32\drivers\mferkdk.sys [2009-11-04 34248]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-01-17 61440]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2009-01-23 203280]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2009-10-29 865832]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2009-07-07 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2009-07-08 359952]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2009-11-04 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2009-10-27 895696]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2009-11-04 606736]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2009-10-28 365072]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-03-26 887544]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-03-08 74656]

-----------------EOF-----------------


OK, I am not able to post the GMER report. Every time I hit post it tells me it's too long. Can some of you please advise me on what to do? I tried uploading and it still won't work. Will run other things you ask for instead.

Malwarebytes' Anti-Malware 1.42
Database version: 3431
Windows 6.0.6000
Internet Explorer 7.0.6000.16386

12/25/2009 7:06:24 PM
mbam-log-2009-12-25 (19-06-24).txt

Scan type: Quick Scan
Objects scanned: 104603
Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by kymberly, 25 December 2009 - 10:08 PM.


#6 sundavis

  • Malware Response Team

Posted 26 December 2009 - 04:23 AM

Hi kymberly,


Can some of you please advise me on what to do?

Yes, you can use multiple posts when one frame can't fit all of it, or you may upload the files as instructed in this thread.

Dr. Web cannot be deleted

Can you post the Dr.Web log if it is still available? Or you may rerun it and save the logs (in the Dr.Web CureIt menu at the top, click File and choose Save report list).

Configuring Updates Please Wait...

In your event log, the problem seems to be that you can't update your Vista and can't configure it properly either. Have you ever tried to download the hotfix and install it manually?

Please post the contents of Gmer and Dr.Web log in your next reply and detail the problem you're experiencing now.

Edited by sundavis, 26 December 2009 - 05:13 AM.


#7 kymberly

  • Topic Starter

Posted 30 December 2009 - 08:13 PM

SlgClientServicesRedists.exe\data002;C:\Program Files\HP Games\Cake Mania\SlgClientServicesRedists.exe;Adware.SpywareStorm;;
SlgClientServicesRedists.exe;C:\Program Files\HP Games\Cake Mania;Archive contains infected objects;;
Setup.exe\data053;C:\Program Files\Online Services\Netscape_ca\Setup.exe;Trojan.MulDrop.origin;;
Setup.exe;C:\Program Files\Online Services\Netscape_ca;Archive contains infected objects;;
cakemania-setup.exe/data032\data002;D:\hp\apps\APP04310\src\install\games\cakemania-setup.exe/data032;Adware.SpywareStorm;;
data032;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;;
cakemania-setup.exe;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;;

SlgClientServicesRedists.exe\data002;C:\Program Files\HP Games\Cake Mania\SlgClientServicesRedists.exe;Adware.SpywareStorm;;
SlgClientServicesRedists.exe;C:\Program Files\HP Games\Cake Mania;Archive contains infected objects;Cannot delete.;
Setup.exe\data053;C:\Program Files\Online Services\Netscape_ca\Setup.exe;Trojan.MulDrop.origin;;
Setup.exe;C:\Program Files\Online Services\Netscape_ca;Archive contains infected objects;Cannot delete.;
cakemania-setup.exe/data032\data002;D:\hp\apps\APP04310\src\install\games\cakemania-setup.exe/data032;Adware.SpywareStorm;;
data032;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;;
cakemania-setup.exe;D:\hp\apps\APP04310\src\install\games;Archive contains infected objects;Cannot delete.;

#8 kymberly

  • Topic Starter

Posted 30 December 2009 - 09:44 PM

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-30 18:03:55
Windows 6.0.6000
Running: gmer.exe; Driver: C:\Users\GOTOHE~1\AppData\Local\Temp\uxrirkog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProfile [0x81E90403]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSection [0x81DD7703]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSemaphore [0x81E880FF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSymbolicLinkObject [0x81DEFC6B]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateThread [0x81E11F31]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTimer [0x81E8F6F1]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateToken [0x81E4CCED]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTransaction [0x81E53AC4]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTransaction [0x81E53DD7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationTransaction [0x81E53FCF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationTransactionManager [0x81E56472]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrePrepareEnlistment [0x81E54E64]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrepareEnlistment [0x81E54DA3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitEnlistment [0x81E54F25]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadOnlyEnlistment [0x81E553A9]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackComplete [0x81E55468]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackEnlistment [0x81E54FE6]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitTransaction [0x81E544CF]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollbackTransaction [0x81E54538]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrePrepareComplete [0x81E55168]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrepareComplete [0x81E550A7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCommitComplete [0x81E55229]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSinglePhaseReject [0x81E552EA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationTransaction [0x81E545B5]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationTransactionManager [0x81E56879]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationResourceManager [0x81E55D36]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTransactionManager [0x81E55ED0]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTransactionManager [0x81E560E7]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRollforwardTransactionManager [0x81E56356]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverEnlistment [0x81E549C3]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverResourceManager [0x81E55999]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRecoverTransactionManager [0x81E56417]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateResourceManager [0x81E55527]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenResourceManager [0x81E557ED]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetNotificationResourceManager [0x81E559F2]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationResourceManager [0x81E55B07]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEnlistment [0x81E5470D]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEnlistment [0x81E547FA]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationEnlistment [0x81E54C06]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationEnlistment [0x81E54A1F]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStartTm [0x81E89383]
SSDT \SystemRoot\system32\ntkrnlpa.exe (NT Kernel &

Edited by kymberly, 30 December 2009 - 09:47 PM.


#9 kymberly

Posted 30 December 2009 - 09:46 PM

INT 0x00 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8D640
INT 0x01 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8D7C0
INT 0x03 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8DC14
INT 0x04 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8DD9C
INT 0x05 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8DEFC
INT 0x06 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8E070
INT 0x07 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8E6E0
INT 0x09 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8EB08
INT 0x0A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8EC2C
INT 0x0B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8ED6C
INT 0x0C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8EFCC
INT 0x0D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8F2B4
INT 0x0E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8F998
INT 0x0F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x10 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FE4C
INT 0x11 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FF8C
INT 0x12 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x13 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C900F8
INT 0x14 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x15 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x16 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x17 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x18 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x19 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x1A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x1B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x1C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x1D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x1E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x1F \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB5AC4
INT 0x2A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8CDAA
INT 0x2B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8CF30
INT 0x2C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8D06C
INT 0x2D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8DAEC
INT 0x2E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C76E
INT 0x2F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8FD28
INT 0x30 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE30
INT 0x31 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE3A
INT 0x32 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE44
INT 0x33 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE4E
INT 0x34 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE58
INT 0x35 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE62
INT 0x36 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE6C
INT 0x37 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB50E8
INT 0x38 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE80
INT 0x39 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE8A
INT 0x3A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE94
INT 0x3B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BE9E
INT 0x3C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEA8
INT 0x3D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEB2
INT 0x3E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEBC
INT 0x3F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEC6
INT 0x40 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BED0
INT 0x41 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEDA
INT 0x42 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEE4
INT 0x43 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEEE
INT 0x44 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BEF8
INT 0x45 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF02
INT 0x46 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF0C
INT 0x47 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF16
INT 0x48 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF20
INT 0x49 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF2A
INT 0x4A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF34
INT 0x4B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF3E
INT 0x4C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF48
INT 0x4D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF52
INT 0x4E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF5C
INT 0x4F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF66
INT 0x50 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF70
INT 0x51 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF7A
INT 0x52 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 88014E1B
INT 0x53 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF8E
INT 0x54 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BF98
INT 0x55 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFA2
INT 0x56 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFAC
INT 0x57 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFB6
INT 0x58 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFC0
INT 0x59 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFCA
INT 0x5A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFD4
INT 0x5B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFDE
INT 0x5C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFE8
INT 0x5D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFF2
INT 0x5E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8BFFC
INT 0x5F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C006
INT 0x60 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C010
INT 0x61 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C01A
INT 0x62 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 88014E1B
INT 0x63 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C02E
INT 0x64 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C038
INT 0x65 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C042
INT 0x66 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C04C
INT 0x67 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C056
INT 0x68 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C060
INT 0x69 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C06A
INT 0x6A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C074
INT 0x6B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C07E
INT 0x6C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C088
INT 0x6D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C092
INT 0x6E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C09C
INT 0x6F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0A6
INT 0x70 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0B0
INT 0x71 \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) 8806A15C
INT 0x72 \SystemRoot\system32\drivers\storport.sys (Microsoft Storage Port Driver/Microsoft Corporation) 8078EED0
INT 0x73 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0CE
INT 0x74 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0D8
INT 0x75 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0E2
INT 0x76 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0EC
INT 0x77 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C0F6
INT 0x78 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C100
INT 0x79 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C10A
INT 0x7A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C114
INT 0x7B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C11E
INT 0x7C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C128
INT 0x7D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C132
INT 0x7E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C13C
INT 0x7F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C146
INT 0x80 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C150
INT 0x81 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C15A
INT 0x82 \SystemRoot\system32\drivers\storport.sys (Microsoft Storage Port Driver/Microsoft Corporation) 8078EED0
INT 0x83 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C16E
INT 0x84 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C178
INT 0x85 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C182
INT 0x86 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C18C
INT 0x87 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C196
INT 0x88 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1A0
INT 0x89 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1AA
INT 0x8A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1B4
INT 0x8B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1BE
INT 0x8C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1C8
INT 0x8D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1D2
INT 0x8E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1DC
INT 0x8F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1E6
INT 0x90 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1F0
INT 0x91 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C1FA
INT 0x92 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807E9E30
INT 0x93 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C20E
INT 0x94 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C218
INT 0x95 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C222
INT 0x96 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C22C
INT 0x97 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C236
INT 0x98 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C240
INT 0x99 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C24A
INT 0x9A \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C254
INT 0x9B \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C25E
INT 0x9C \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C268
INT 0x9D \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C272
INT 0x9E \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C27C
INT 0x9F \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C286
INT 0xA0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C290
INT 0xA1 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C29A
INT 0xA2 \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807E9E30
INT 0xA3 \SystemRoot\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) 881B6354
INT 0xA4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2B8
INT 0xA5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2C2
INT 0xA6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2CC
INT 0xA7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2D6
INT 0xA8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2E0
INT 0xA9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2EA
INT 0xAA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2F4
INT 0xAB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C2FE
INT 0xAC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C308
INT 0xAD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C312
INT 0xAE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C31C
INT 0xAF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C326
INT 0xB0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C330
INT 0xB1 \SystemRoot\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) 8023768C
INT 0xB2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C344
INT 0xB3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C34E
INT 0xB4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C358
INT 0xB5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C362
INT 0xB6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C36C
INT 0xB7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C376
INT 0xB8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C380
INT 0xB9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C38A
INT 0xBA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C394
INT 0xBB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C39E
INT 0xBC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3A8
INT 0xBD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3B2
INT 0xBE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3BC
INT 0xBF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3C6
INT 0xC0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3D0
INT 0xC1 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB53D8
INT 0xC2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3E4
INT 0xC3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3EE
INT 0xC4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C3F8
INT 0xC5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C402
INT 0xC6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C40C
INT 0xC7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C416
INT 0xC8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C420
INT 0xC9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C42A
INT 0xCA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C434
INT 0xCB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C43E
INT 0xCC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C448
INT 0xCD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C452
INT 0xCE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C45C
INT 0xCF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C466
INT 0xD0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C470
INT 0xD1 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FA497C
INT 0xD2 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FA3F08
INT 0xD3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C48E
INT 0xD4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C498
INT 0xD5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4A2
INT 0xD6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4AC
INT 0xD7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4B6
INT 0xD8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4C0
INT 0xD9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4CA
INT 0xDA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4D4
INT 0xDB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4DE
INT 0xDC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4E8
INT 0xDD \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4F2
INT 0xDE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C4FC
INT 0xDF \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB51C0
INT 0xE0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C510
INT 0xE1 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB5934
INT 0xE2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C524
INT 0xE3 \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB56D4
INT 0xE4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C538
INT 0xE5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C542
INT 0xE6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C54C
INT 0xE7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C556
INT 0xE8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C560
INT 0xE9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C56A
INT 0xEA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C574
INT 0xEB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C57E
INT 0xEC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C588
INT 0xED \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C592
INT 0xEE \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C599
INT 0xEF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5A0
INT 0xF0 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5A7
INT 0xF1 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5AE
INT 0xF2 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5B5
INT 0xF3 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5BC
INT 0xF4 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5C3
INT 0xF5 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5CA
INT 0xF6 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5D1
INT 0xF7 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5D8
INT 0xF8 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5DF
INT 0xF9 \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5E6
INT 0xFA \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5ED
INT 0xFB \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5F4
INT 0xFC \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C5FB
INT 0xFD \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB5EDC
INT 0xFE \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FB6148
INT 0xFF \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C8C610

SYSENTER \SystemRoot\system32\ntkrnlpa.exe

#10 kymberly

Posted 30 December 2009 - 09:48 PM

-- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \
Device \Driver\NDIS \Device\Ndis ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Beep \Device\Beep Beep.SYS (BEEP Driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000032
Device \Device\00000025
Device \Device\00000019
Device \Device\00000033
Device \Device\00000026
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy1 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Device\00000040
Device \Device\00000034
Device \Device\00000027
Device \Driver\kbdclass \Device\KeyboardClass0 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation)
Device \Driver\kbdclass \Device\KeyboardClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Video0
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy2 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Device\00000041
Device \Driver\Wdf01000 \Device\KMDF0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
Device \Driver\Wdf01000 \Device\KMDF0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIAdminDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000035
Device \Device\00000028
Device \Driver\kbdclass \Device\KeyboardClass1 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation)
Device \Driver\kbdclass \Device\KeyboardClass1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000036 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000036 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy3 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\VolMgrControl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000042 acpi.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\00000029
Device \Driver\PnpManager \Device\00000037 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000037 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\mouclass \Device\PointerClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
Device \Driver\mouclass \Device\PointerClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\nvstor32 \Device\00000050 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\nvstor32 \Device\00000050 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy4 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000043 acpi.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\0000000a
Device \Driver\nvstor32 \Device\00000051 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\nvstor32 \Device\00000051 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\PointerClass1
Device \Driver\usbohci \Device\USBPDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbohci \Device\USBPDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000038 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000038 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy5 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000044 acpi.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\0000000b
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy6 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Device\00000045
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000039
Device \Device\0000000c
Device \Driver\usbhub \Device\USBPDO-2 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000053 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000053 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy7 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Device\00000046
Device \Device\NTPNP_PCI0000
Device \Device\0000001a
Device \Device\0000000d
Device \Driver\USBSTOR \Device\00000060 USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\USBSTOR \Device\00000060 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-3 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbhub \Device\00000054 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000054 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy8 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Device\00000047
Device \Driver\pci \Device\NTPNP_PCI0001 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0001 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Device\0000001b
Device \Device\0000000e
Device \Driver\USBSTOR \Device\00000061 USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\USBSTOR \Device\00000061 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000055
Device \Driver\volsnap \Device\HarddiskVolumeShadowCopy9 volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation)
Device \Device\00000048
Device \Device\NTPNP_PCI0002
Device \Device\0000001c
Device \Device\0000000f
Device \Driver\pci \Device\NTPNP_PCI0010 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0010 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Device\00000049
Device \Device\NTPNP_PCI0003
Device \Device\0000001d
Device \Driver\usbccgp \Device\00000057 usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation)
Device \Driver\usbccgp \Device\00000057 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0004 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0011 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0011 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Device\0000002a
Device \Device\0000001e
Device \Driver\volmgr \Device\HarddiskVolume1 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000058
Device \Driver\pci \Device\NTPNP_PCI0005 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0005 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Device\NTPNP_PCI0012
Device \Device\0000002b
Device \Device\0000001f
Device \Driver\volmgr \Device\HarddiskVolume2 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\cdrom \Device\CdRom0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\cdrom \Device\CdRom0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000059
Device \Driver\TermDD \Device\Termdd termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\Ecache \Device\ECacheControl ecache.sys (Special Memory Device Cache/Microsoft Corporation)
Device \Device\NTPNP_PCI0013
Device \Device\NTPNP_PCI0006
Device \Device\0000002c
Device \Driver\volmgr \Device\HarddiskVolume3 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\_HID00000000
Device \Driver\PnpManager \Device\0000003a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 ataport.SYS (ATAPI Driver Extension/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pciide \Device\Ide\PciIde0Channel0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pciide \Device\Ide\PciIde0Channel0 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\pciide \Device\Ide\PciIde0Channel1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pciide \Device\Ide\PciIde0Channel1 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Device\Ide\PciIde0
Device \Device\i
Device \Driver\pci \Device\NTPNP_PCI0007 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0007 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume4 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0021 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\pci \Device\NTPNP_PCI0021 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000003b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume5 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000003c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\0000003c hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume6 volmgr.sys (Volume Manager Driver/Microsoft Corporation)
Device \Driver\volmgr \Device\HarddiskVolume6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000003f acpi.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004c acpi.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager mountmgr.sys (Mount Point Manager/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\HidUsb \Device\0000005b HIDCLASS.SYS (Hid Class Library/Microsoft Corporation)
Device \Driver\HidUsb \Device\0000005b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\HidUsb \Device\0000005c HIDCLASS.SYS (Hid Class Library/Microsoft Corporation)
Device \Driver\HidUsb \Device\0000005c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004f acpi.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\nvstor32 \Device\RaidPort0 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\nvstor32 \Device\RaidPort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Mup \Device\Mup mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\USBSTOR \Device\0000005d USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\USBSTOR \Device\0000005d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Ps2 \Device\Ps2 PS2.sys (PS2 SYS/Hewlett-Packard Company)
Device \Driver\nvstor32 \Device\RaidPort1 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\nvstor32 \Device\RaidPort1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk0\DR0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk0\DR0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\USBSTOR \Device\0000005e USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\USBSTOR \Device\0000005e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\iScsiPrt \Device\RaidPort2 storport.sys (Microsoft Storage Port Driver/Microsoft Corporation)
Device \Driver\iScsiPrt \Device\RaidPort2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\USBSTOR \Device\0000005f USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\USBSTOR \Device\0000005f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk1\DR1 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk1\DR1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk2\DR2 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk2\DR2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Null \Device\Null Null.SYS (NULL Driver/Microsoft Corporation)
Device \Driver\Null \Device\Null ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ohci1394 \Device\1394BUS0 1394BUS.SYS (1394 Bus Device Driver/Microsoft Corporation)
Device \Driver\ohci1394 \Device\1394BUS0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ohci1394 \Device\1394BUS0 ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk3\DR3 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk3\DR3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk4\DR4 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\disk \Device\Harddisk4\DR4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000005 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000005 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe Npfs.SYS (NPFS Driver/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot Msfs.SYS (Mailslot driver/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\uxrirkog \Device\uxrirkog uxrirkog.sys
Device \Driver\uxrirkog \Device\uxrirkog ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\FileInfo \Device\FileInfo fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation)
Device \FileSystem\FileInfo \Device\FileInfo ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\ExFatRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\ExFatRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Filters\FltMgrMsg
Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\cdfs \Cdfs cdfs.sys (CD-ROM File System Driver/Microsoft Corporation)
Device \FileSystem\cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\cdfs \Cdfs

---- Modules - GMER 1.0.15 ----

Module \SystemRoot\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 81C00000-81FA1000 (3805184 bytes)
Module \SystemRoot\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 81FA1000-81FD5000 (212992 bytes)
Module \SystemRoot\system32\kdcom.dll (Kernel Debugger HW Extension DLL/Microsoft Corporation) 802C6000-802CE000 (32768 bytes)
Module \SystemRoot\system32\PSHED.dll (Platform Specific Hardware Error Driver/Microsoft Corporation) 802BD000-802C6000 (36864 bytes)
Module \SystemRoot\system32\BOOTVID.dll (VGA Boot Driver/Microsoft Corporation) 802B5000-802BD000 (32768 bytes)
Module \SystemRoot\system32\CLFS.SYS (Common Log File System Driver/Microsoft Corporation) 8027A000-802B5000 (241664 bytes)
Module \SystemRoot\system32\CI.dll (Code Integrity Module/Microsoft Corporation) 8051F000-80600000 (921600 bytes)
Module \SystemRoot\system32\drivers\Wdf01000.sys (WDF Dynamic/Microsoft Corporation) 804A4000-8051F000 (503808 bytes)
Module \SystemRoot\system32\drivers\WDFLDR.SYS (WDFLDR/Microsoft Corporation) 8026D000-8027A000 (53248 bytes)
Module \SystemRoot\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) 8022A000-8026D000 (274432 bytes)
Module \SystemRoot\system32\drivers\WMILIB.SYS (WMILIB WMI support library Dll/Microsoft Corporation) 80221000-8022A000 (36864 bytes)
Module \SystemRoot\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) 80219000-80221000 (32768 bytes)
Module \SystemRoot\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) 8047F000-804A4000 (151552 bytes)
Module \SystemRoot\system32\drivers\volmgr.sys (Volume Manager Driver/Microsoft Corporation) 8020A000-80219000 (61440 bytes)
Module \SystemRoot\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) 8046F000-8047F000 (65536 bytes)
Module \SystemRoot\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) 80203000-8020A000 (28672 bytes)
Module \SystemRoot\system32\drivers\PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) 80461000-8046F000 (57344 bytes)
Module \SystemRoot\System32\drivers\volmgrx.sys (Volume Manager Extension Driver/Microsoft Corporation) 80417000-80461000 (303104 bytes)
Module \SystemRoot\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) 8040F000-80417000 (32768 bytes)
Module \SystemRoot\system32\drivers\ataport.SYS (ATAPI Driver Extension/Microsoft Corporation) 807E2000-80800000 (122880 bytes)
Module \SystemRoot\system32\drivers\nvstor32.sys (NVIDIA® nForce™ Sata Performance Driver/NVIDIA Corporation) 807C8000-807E2000 (106496 bytes)
Module \SystemRoot\system32\drivers\storport.sys (Microsoft Storage Port Driver/Microsoft Corporation) 80788000-807C8000 (262144 bytes)
Module \SystemRoot\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) 80757000-80788000 (200704 bytes)
Module \SystemRoot\system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) 80747000-80757000 (65536 bytes)
Module \SystemRoot\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) 80406000-8040F000 (36864 bytes)
Module \SystemRoot\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) 80643000-80747000 (1064960 bytes)
Module \SystemRoot\system32\drivers\msrpc.sys (Kernel Remote Procedure Call Provider/Microsoft Corporation) 80618000-80643000 (176128 bytes)
Module \SystemRoot\system32\drivers\NETIO.SYS (Network I/O Subsystem/Microsoft Corporation) 81BC7000-81C00000 (233472 bytes)
Module \SystemRoot\System32\Drivers\Ntfs.sys (NT File System Driver/Microsoft Corporation) 81ABF000-81BC7000 (1081344 bytes)
Module \SystemRoot\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) 81A55000-81ABF000 (434176 bytes)
Module \SystemRoot\system32\drivers\volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) 81A1F000-81A55000 (221184 bytes)
Module \SystemRoot\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) 80601000-80610000 (61440 bytes)
Module \SystemRoot\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) 81A10000-81A1F000 (61440 bytes)
Module \SystemRoot\System32\drivers\ecache.sys (Special Memory Device Cache/Microsoft Corporation) 873DB000-87400000 (151552 bytes)
Module \SystemRoot\system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) 873CA000-873DB000 (69632 bytes)
Module \SystemRoot\system32\drivers\CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) 873A9000-873CA000 (135168 bytes)
Module \SystemRoot\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) 81A07000-81A10000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) 88069000-8807C000 (77824 bytes)
Module \SystemRoot\system32\DRIVERS\PS2.sys (PS2 SYS/Hewlett-Packard Company) 88064000-88069000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) 88059000-88064000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) 8804F000-88059000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) 88012000-8804F000 (249856 bytes)
Module \SystemRoot\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) 880C1000-880CF000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) 881B0000-881C0000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\1394BUS.SYS (1394 Bus Device Driver/Microsoft Corporation) 8A120000-8A12E000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) 88000000-88012000 (73728 bytes)
Module \SystemRoot\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) 8A108000-8A120000 (98304 bytes)
Module \SystemRoot\system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) 8A0DD000-8A108000 (176128 bytes)
Module \SystemRoot\system32\DRIVERS\TDI.SYS (TDI Wrapper/Microsoft Corporation) 880F5000-88100000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) 87205000-87214000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) 8A0D2000-8A0DD000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) 880D1000-880D3000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\ks.sys (Kernel CSA Library/Microsoft Corporation) 8A0A8000-8A0D2000 (172032 bytes)
Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) 8A09E000-8A0A8000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) 8A091000-8A09E000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) 8A05D000-8A091000 (212992 bytes)
Module \SystemRoot\System32\Drivers\Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) 87214000-8721D000 (36864 bytes)
Module \SystemRoot\System32\Drivers\Null.SYS (NULL Driver/Microsoft Corporation) 87CB5000-87CBC000 (28672 bytes)
Module \SystemRoot\System32\Drivers\Beep.SYS (BEEP Driver/Microsoft Corporation) 8A8A0000-8A8A7000 (28672 bytes)
Module \SystemRoot\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) 8A041000-8A04D000 (49152 bytes)
Module \SystemRoot\System32\drivers\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) 8A020000-8A041000 (135168 bytes)
Module \SystemRoot\System32\drivers\watchdog.sys (Watchdog Driver/Microsoft Corporation) 8A013000-8A020000 (53248 bytes)
Module \SystemRoot\System32\Drivers\Msfs.SYS (Mailslot driver/Microsoft Corporation) 8A008000-8A013000 (45056 bytes)
Module \SystemRoot\System32\Drivers\Npfs.SYS (NPFS Driver/Microsoft Corporation) 8A12E000-8A13C000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) 8A859000-8A870000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\USBD.SYS (Universal Serial Bus Driver/Microsoft Corporation) 880D5000-880D7000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) 8A82C000-8A835000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\HIDCLASS.SYS (Hid Class Library/Microsoft Corporation) 88120000-88130000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\HIDPARSE.SYS (Hid Parsing Library/Microsoft Corporation) 8A8A7000-8A8AE000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) 87D20000-87D28000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) 8A81A000-8A82C000 (73728 bytes)
Module \SystemRoot\System32\Drivers\crashdmp.sys (Crash Dump Driver/Microsoft Corporation) 880A0000-880AD000 (53248 bytes)
Module \SystemRoot\System32\Drivers\dump_diskdump.sys 88096000-880A0000 (40960 bytes)
Module \SystemRoot\System32\Drivers\dump_nvstor32.sys 8A800000-8A81A000 (106496 bytes)
Module \SystemRoot\System32\win32k.sys (Multi-User Win32 Driver/Microsoft Corporation) 90200000-90400000 (2097152 bytes)
Module \SystemRoot\System32\drivers\Dxapi.sys (DirectX API Driver/Microsoft Corporation) 8ACD6000-8ACE0000 (40960 bytes)
Module \SystemRoot\System32\drivers\dxg.sys (DirectX Graphics Driver/Microsoft Corporation) 905E0000-905F7000 (94208 bytes)
Module \SystemRoot\System32\TSDDD.dll (Framebuffer Display Driver/Microsoft Corporation) 90400000-90409000 (36864 bytes)
Module \SystemRoot\System32\framebuf.dll (Framebuffer Display Driver/Microsoft Corporation) 90410000-90418000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) 90F01000-90F17000 (90112 bytes)
Module \??\C:\Users\GOTOHE~1\AppData\Local\Temp\uxrirkog.sys (GMER) 90E5A000-90E71000 (94208 bytes)
Module \Windows\System32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 77810000-7792E000 (1171456 bytes)

#11 kymberly

Posted 30 December 2009 - 09:50 PM

---- Services - GMER 1.0.15 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NET Data Provider for Oracle
Service .NET Data Provider for SqlServer
Service .NETFramework
Service C:\Windows\system32\drivers\acpi.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI
Service C:\Windows\system32\drivers\adp94xx.sys (Adaptec Windows SAS/SATA Storport Driver/Adaptec, Inc.) [DISABLED] adp94xx
Service C:\Windows\system32\drivers\adpahci.sys (Adaptec Windows SATA Storport Driver/Adaptec, Inc.) [DISABLED] adpahci
Service C:\Windows\system32\drivers\adpu160m.sys (Adaptec LH Ultra160 Driver (x86)/Adaptec, Inc.) [DISABLED] adpu160m
Service C:\Windows\system32\drivers\adpu320.sys (Adaptec StorPort Ultra320 SCSI Driver/Adaptec, Inc.) [DISABLED] adpu320
Service adsi
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AeLookupSvc
Service C:\Windows\system32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service C:\Windows\system32\drivers\agp440.sys (440 NT AGP Filter/Microsoft Corporation) [MANUAL] agp440
Service C:\Windows\system32\drivers\djsvs.sys (Adaptec Ultra SCSI miniport/Adaptec, Inc.) [DISABLED] aic78xx
Service C:\Windows\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service C:\Windows\system32\drivers\aliide.sys (ALi mini IDE Driver/Acer Laboratories Inc.) [DISABLED] aliide
Service C:\Windows\system32\drivers\amdagp.sys (AMD NT AGP Filter/Microsoft Corporation) [MANUAL] amdagp
Service C:\Windows\system32\drivers\amdide.sys (AMD IDE Driver/Microsoft Corporation) [DISABLED] amdide
Service C:\Windows\system32\drivers\amdk7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] AmdK7
Service C:\Windows\system32\DRIVERS\amdk8.sys (Processor Device Driver/Microsoft Corporation) [MANUAL] AmdK8
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Appinfo
Service C:\Windows\system32\drivers\arc.sys (Adaptec RAID Storport Driver/Adaptec, Inc.) [DISABLED] arc
Service C:\Windows\system32\drivers\arcsas.sys (Adaptec SAS RAID WS03 Driver/Adaptec, Inc.) [DISABLED] arcsas
Service C:\Windows\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\Windows\system32\drivers\atapi.sys (ATAPI IDE Miniport Driver/Microsoft Corporation) [BOOT] atapi
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] AudioEndpointBuilder
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Audiosrv
Service (Battery Class Driver/Microsoft Corporation) BattC
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BFE
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] BITS
Service system32\drivers\blbdrive.sys [DISABLED] blbdrive
Service C:\Windows\system32\DRIVERS\bowser.sys (NT Lan Manager Datagram Receiver Driver/Microsoft Corporation) [MANUAL] bowser
Service C:\Windows\system32\drivers\brfiltlo.sys (Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltLo
Service C:\Windows\system32\drivers\brfiltup.sys (Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver/Brother Industries, Ltd.) [MANUAL] BrFiltUp
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Browser
Service C:\Windows\system32\drivers\brserid.sys (Brotehr Serial I/F Driver (WDM)/Brother Industries Ltd.) [DISABLED] Brserid
Service C:\Windows\system32\drivers\brserwdm.sys (Brother Serial driver (WDM version)/Brother Industries Ltd.) [DISABLED] BrSerWdm
Service C:\Windows\system32\drivers\brusbmdm.sys (Brother USB MDM Driver /Brother Industries Ltd.) [DISABLED] BrUsbMdm
Service C:\Windows\system32\drivers\brusbser.sys (Brother USB Serial Driver/Brother Industries Ltd.) [MANUAL] BrUsbSer
Service C:\Windows\system32\drivers\bthmodem.sys (Bluetooth Communications Driver/Microsoft Corporation) [DISABLED] BTHMODEM
Service C:\Windows\system32\DRIVERS\cdfs.sys (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] cdfs
Service C:\Windows\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] cdrom
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] CertPropSvc
Service C:\Windows\system32\drivers\circlass.sys (Consumer IR Class Driver for eHome/Microsoft Corporation) [DISABLED] circlass
Service C:\Windows\System32\CLFS.sys (Common Log File System Driver/Microsoft Corporation) [BOOT] CLFS
Service C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (.NET Runtime Optimization Service/Microsoft Corporation) [MANUAL] clr_optimization_v2.0.50727_32
Service C:\Windows\system32\drivers\cmdide.sys (CMD PCI IDE Bus Driver/CMD Technology, Inc.) [DISABLED] cmdide
Service C:\Windows\system32\drivers\compbatt.sys (Composite Battery Driver/Microsoft Corporation) [DISABLED] Compbatt
Service C:\Windows\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service C:\Windows\system32\drivers\crcdisk.sys (Disk Block Verification Filter Driver/Microsoft Corporation) [BOOT] crcdisk
Service C:\Windows\system32\drivers\crusoe.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Crusoe
Service crypt32
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] CryptSvc
Service DCLocator
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\Windows\System32\Drivers\dfsc.sys (DFS Client MUP Surrogate Driver/Microsoft Corporation) [SYSTEM] DfsC
Service C:\Windows\system32\DFSR.exe (Distributed File System Replication/Microsoft Corporation) [MANUAL] DFSR
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\Windows\system32\drivers\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] disk
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] dot3svc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] DPS
Service C:\Windows\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\Windows\System32\drivers\dxgkrnl.sys (DirectX Graphics Kernel/Microsoft Corporation) [MANUAL] DXGKrnl
Service C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel® PRO/1000 Adapter NDIS 6 deserialized driver/Intel Corporation) [MANUAL] E1G60
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] EapHost
Service C:\Windows\System32\drivers\ecache.sys (Special Memory Device Cache/Microsoft Corporation) [BOOT] Ecache
Service C:\Windows\ehome\ehRecvr.exe (Windows Media Center Receiver Service/Microsoft Corporation) [MANUAL] ehRecvr
Service C:\Windows\ehome\ehsched.exe (Windows Media Center Scheduler Service/Microsoft Corporation) [MANUAL] ehSched
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ehstart
Service C:\Windows\system32\drivers\elxstor.sys (Storport Miniport Driver for LightPulse HBAs/Emulex) [DISABLED] elxstor
Service EmdCache
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EMDMgmt
Service ESENT
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Eventlog
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [MANUAL] fastfat
Service C:\Windows\system32\DRIVERS\fdc.sys (Floppy Disk Controller Driver/Microsoft Corporation) [DISABLED] fdc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] fdPHost
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] FDResPub
Service C:\Windows\system32\drivers\fileinfo.sys (FileInfo Filter Driver/Microsoft Corporation) [BOOT] FileInfo
Service C:\Windows\system32\drivers\filetrace.sys (File Trace Filter Driver/Microsoft Corporation) [MANUAL] Filetrace
Service C:\Windows\system32\DRIVERS\flpydisk.sys (Floppy Driver/Microsoft Corporation) [DISABLED] flpydisk
Service C:\Windows\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Windows Presentation Foundation Font Cache Service/Microsoft Corporation) [MANUAL] FontCache3.0.0.0
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\Windows\system32\drivers\gagp30kx.sys (MS Generic AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] gagp30kx
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] gpsvc
Service C:\Windows\system32\drivers\HdAudio.sys (High Definition Audio Function Driver/Microsoft Corporation) [MANUAL] HdAudAddService
Service C:\Windows\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver/Microsoft Corporation) [MANUAL] HDAudBus
Service C:\Windows\system32\drivers\hidbth.sys (Bluetooth Miniport Driver for HID Devices/Microsoft Corporation) [DISABLED] HidBth
Service C:\Windows\system32\drivers\hidir.sys (Infrared Miniport Driver for Input Devices/Microsoft Corporation) [DISABLED] HidIr
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] hidserv
Service C:\Windows\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] hkmsvc
Service C:\Windows\system32\drivers\hpcisss.sys (Smart Array Storport Driver/Hewlett-Packard Company) [DISABLED] HpCISSs
Service C:\Windows\system32\DRIVERS\HSX_DP.sys (HSF_DP driver/Conexant Systems, Inc.) [MANUAL] HSF_DP
Service C:\Windows\system32\DRIVERS\HSXHWBS2.sys (HSF_HWB2 WDM driver/Conexant Systems, Inc.) [MANUAL] HSXHWBS2
Service C:\Windows\system32\drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\Windows\system32\drivers\i2omp.sys (I2O Miniport Driver/Microsoft Corporation) [DISABLED] i2omp
Service C:\Windows\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\Windows\system32\drivers\iastorv.sys (Intel Matrix Storage Manager driver (base)/Intel Corporation) [DISABLED] iaStorV
Service c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Windows CardSpace/Microsoft Corporation) [MANUAL] idsvc
Service C:\Windows\system32\drivers\iirsp.sys (Intel/ICP Raid Storport Driver/Intel Corp./ICP vortex GmbH) [DISABLED] iirsp
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] IKEEXT
Service inetaccs
Service C:\Windows\system32\drivers\RTKVHDA.sys (Realtek® High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service C:\Windows\system32\drivers\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [DISABLED] intelide
Service C:\Windows\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] intelppm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] IPBusEnum
Service C:\Windows\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] iphlpsvc
Service system32\DRIVERS\ipinip.sys [MANUAL] IpInIp
Service C:\Windows\system32\drivers\ipmidrv.sys (WMI IPMI DRIVER/Microsoft Corporation) [DISABLED] IPMIDRV
Service C:\Windows\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IPNAT
Service C:\Windows\system32\drivers\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service C:\Windows\system32\drivers\isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) [DISABLED] isapnp
Service C:\Windows\system32\DRIVERS\msiscsi.sys (Microsoft iSCSI Initiator Driver/Microsoft Corporation) [MANUAL] iScsiPrt
Service C:\Windows\system32\drivers\iteatapi.sys (ITE IT8211 ATA/ATAPI SCSI miniport/Integrated Technology Express, Inc.) [DISABLED] iteatapi
Service C:\Windows\system32\drivers\iteraid.sys (ITE IT8212 ATA RAID SCSI miniport/Integrated Technology Express, Inc.) [DISABLED] iteraid
Service C:\Windows\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) [SYSTEM] kbdclass
Service C:\Windows\system32\drivers\kbdhid.sys (HID Keyboard Filter Driver/Microsoft Corporation) [DISABLED] kbdhid
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] KeyIso
Service C:\Windows\System32\Drivers\ksecdd.sys (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] KtmRm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanServer
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] LanmanWorkstation
Service ldap
Service c:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) [AUTO] LightScribeService
Service C:\Windows\system32\DRIVERS\lltdio.sys (Link-Layer Topology Mapper I/O Driver/Microsoft Corporation) [AUTO] lltdio
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] lltdsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] lmhosts
Service Lsa
Service C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic Fusion-MPT FC Driver (StorPort)/LSI Logic) [DISABLED] LSI_FC
Service C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic Fusion-MPT SAS Driver (StorPort)/LSI Logic) [DISABLED] LSI_SAS
Service C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic Fusion-MPT SCSI Driver (StorPort)/LSI Logic) [DISABLED] LSI_SCSI
Service C:\Windows\system32\drivers\luafv.sys (LUA File Virtualization Filter Driver/Microsoft Corporation) [AUTO] luafv
Service C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [AUTO] McAfee SiteAdvisor Service
Service C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe (McAfee Services/McAfee, Inc.) [AUTO] mcmscsvc
Service c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe (McAfee Network Agent/McAfee, Inc.) [AUTO] McNASvc
Service C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe (McAfee VirusScan - On Demand Scan/McAfee, Inc.) [MANUAL] McODS
Service c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.) [AUTO] McProxy
Service C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe (On-Access Scanner service/McAfee, Inc.) [AUTO] McShield
Service C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe (McAfee SystemGuards Service/McAfee, Inc.) [MANUAL] McSysmon
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] Mcx2Svc
Service C:\Windows\system32\DRIVERS\mdmxsdk.sys (Diagnostic Interface x86 Driver/Conexant) [AUTO] mdmxsdk
Service C:\Windows\system32\drivers\megasas.sys (MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Logic Corporation) [DISABLED] megasas
Service C:\Windows\system32\drivers\mfeavfk.sys (Anti-Virus File System Filter Driver/McAfee, Inc.) [MANUAL] mfeavfk
Service C:\Windows\system32\drivers\mfebopk.sys (Buffer Overflow Protection Driver/McAfee, Inc.) [MANUAL] mfebopk
Service C:\Windows\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) [SYSTEM] mfehidk
Service C:\Windows\system32\drivers\mferkdk.sys (VSCore Code Analysis Driver/McAfee, Inc.) [MANUAL] mferkdk
Service C:\Windows\system32\drivers\mfesmfk.sys (System Monitor Filter Driver/McAfee, Inc.) [MANUAL] mfesmfk
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MMCSS
Service C:\Windows\system32\drivers\modem.sys (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem
Service C:\Windows\system32\DRIVERS\monitor.sys (Monitor Driver/Microsoft Corporation) [MANUAL] monitor
Service C:\Windows\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] mouclass
Service C:\Windows\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid
Service C:\Windows\System32\drivers\mountmgr.sys (Mount Point Manager/Microsoft Corporation) [BOOT] MountMgr
Service C:\Windows\System32\Drivers\Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.) [SYSTEM] MPFP
Service C:\Program Files\McAfee\MPF\MPFSrv.exe (McAfee Personal Firewall Service/McAfee, Inc.) [AUTO] MpfService
Service C:\Windows\system32\drivers\mpio.sys (MultiPath Support Bus-Driver/Microsoft Corporation) [DISABLED] mpio
Service C:\Windows\System32\drivers\mpsdrv.sys (Microsoft Protection Service Driver/Microsoft Corporation) [MANUAL] mpsdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] MpsSvc
Service C:\Windows\system32\drivers\mraid35x.sys (MegaRAID RAID Controller Driver for Windows Vista/Longhorn for x86/LSI Logic Corporation) [DISABLED] Mraid35x
Service C:\Windows\system32\drivers\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\Windows\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [MANUAL] mrxsmb
Service C:\Windows\system32\DRIVERS\mrxsmb10.sys (Longhorn SMB Downlevel SubRdr/Microsoft Corporation) [MANUAL] mrxsmb10
Service C:\Windows\system32\DRIVERS\mrxsmb20.sys (Longhorn SMB 2.0 Redirector/Microsoft Corporation) [MANUAL] mrxsmb20
Service C:\Windows\system32\drivers\msahci.sys (MS AHCI 1.0 Standard Driver/Microsoft Corporation) [DISABLED] msahci
Service C:\Windows\system32\drivers\msdsm.sys (Microsoft Device Specific Module/Microsoft Corporation) [DISABLED] msdsm
Service C:\Windows\System32\msdtc.exe (MS DTCconsole program/Microsoft Corporation) [MANUAL] MSDTC
Service MSDTC Bridge 3.0.0.0
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\Windows\system32\drivers\msisadrv.sys (ISA Driver/Microsoft Corporation) [BOOT] msisadrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] MSiSCSI
Service C:\Windows\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] msiserver
Service C:\Windows\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\Windows\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\Windows\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service (Kernel Remote Procedure Call Provider/Microsoft Corporation) [MANUAL] MsRPC
Service MSSCNTRS
Service C:\Windows\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service C:\Windows\system32\drivers\MSTEE.sys (WDM Tee/Communication Transform Filter /Microsoft Corporation) [MANUAL] MSTEE
Service C:\Windows\System32\Drivers\mup.sys (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] napagent
Service C:\Windows\system32\DRIVERS\nwifi.sys (NativeWiFi Miniport Driver/Microsoft Corporation) [MANUAL] NativeWifiP
Service C:\Windows\system32\drivers\ndis.sys (NDIS 6.0 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\Windows\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\Windows\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\Windows\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\Windows\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\Windows\System32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] netbt
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] Netlogon
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Netman
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] netprofm
Service C:\Windows\system32\DRIVERS\netr73.sys (Ralink 802.11 USB Wireless Adapter Driver/Ralink Technology, Corp.) [MANUAL] netr73
Service C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (SMSvcHost.exe/Microsoft Corporation) [DISABLED] NetTcpPortSharing
Service C:\Windows\system32\drivers\nfrd960.sys (IBM ServeRAID Controller Driver/IBM Corporation) [DISABLED] nfrd960
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] NlaSvc
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] nsi
Service C:\Windows\system32\drivers\nsiproxy.sys (NSI Proxy/Microsoft Corporation) [SYSTEM] nsiproxy
Service NTDS
Service (NT File System Driver/Microsoft Corporation) [MANUAL] Ntfs
Service C:\Windows\system32\drivers\ntrigdigi.sys (N-trig tablet digitizer in-box driver/N-trig Innovative Technologies) [DISABLED] ntrigdigi
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\Windows\system32\DRIVERS\nvm60x32.sys (NVIDIA MCP Networking Function Driver./NVIDIA Corporation) [MANUAL] NVENETFD
Service C:\Windows\system32\DRIVERS\nvlddmkm.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 100.65 /NVIDIA Corporation) [MANUAL] nvlddmkm
Service C:\Windows\system32\drivers\nvraid.sys (NVIDIA® nForce™ RAID Driver/NVIDIA Corporation) [DISABLED] nvraid
Service C:\Windows\system32\drivers\nvstor.sys (NVIDIA® nForce™ Sata Performance Driver/NVIDIA Corporation) [DISABLED] nvstor
Service C:\Windows\system32\drivers\nvstor32.sys (NVIDIA® nForce™ Sata Performance Driver/NVIDIA Corporation) [BOOT] nvstor32
Service C:\Windows\system32\drivers\nv_agp.sys (NForce NT AGP Filter/Microsoft Corporation) [MANUAL] nv_agp
Service system32\DRIVERS\nwlnkflt.sys [MANUAL] NwlnkFlt
Service system32\DRIVERS\nwlnkfwd.sys [MANUAL] NwlnkFwd
Service C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Office Diagnostics/Microsoft Corporation) [MANUAL] odserv
Service C:\Windows\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [MANUAL] ohci1394
Service C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Office Source Engine/Microsoft Corporation) [MANUAL] ose
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2pimsvc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] p2psvc
Service C:\Windows\system32\drivers\parport.sys (Parallel Port Driver/Microsoft Corporation) [DISABLED] Parport
Service C:\Windows\System32\drivers\partmgr.sys (Partition Management Driver/Microsoft Corporation) [BOOT] partmgr
Service C:\Windows\system32\drivers\parvdm.sys (VDM Parallel Driver/Microsoft Corporation) [AUTO] Parvdm
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PcaSvc
Service C:\Windows\system32\drivers\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] pci
Service C:\Windows\system32\drivers\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] pciide
Service C:\Windows\system32\drivers\pcmcia.sys (PCMCIA Bus Driver/Microsoft Corporation) [DISABLED] pcmcia
Service C:\Windows\system32\drivers\peauth.sys (Protected Environment Authentication and Authorization Export Driver/Microsoft Corporation) [AUTO] PEAUTH
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] pla
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PlugPlay
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPAutoReg
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] PNRPsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] PolicyAgent
Service PortProxy
Service C:\Windows\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\Windows\system32\drivers\processr.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] Processor
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ProfSvc
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [MANUAL] ProtectedStorage
Service C:\Windows\system32\DRIVERS\PS2.sys (PS2 SYS/Hewlett-Packard Company) [MANUAL] Ps2
Service C:\Windows\system32\DRIVERS\pacer.sys (QoS Packet Scheduler/Microsoft Corporation) [SYSTEM] PSched
Service C:\Windows\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service C:\Windows\system32\drivers\ql2300.sys (QLogic Fibre Channel Stor Miniport Driver/QLogic Corporation) [DISABLED] ql2300
Service C:\Windows\system32\drivers\ql40xx.sys (QLogic iSCSI Storport Miniport Driver/QLogic Corporation) [DISABLED] ql40xx
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] QWAVE
Service C:\Windows\system32\drivers\qwavedrv.sys (Microsoft Quality Windows Audio Video Experience (qWave) Support Driver/Microsoft Corporation) [MANUAL] QWAVEdrv
Service C:\Windows\System32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasAuto
Service C:\Windows\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\Windows\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\Windows\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] rdbss
Service C:\Windows\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\Windows\system32\drivers\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [DISABLED] rdpdr
Service C:\Windows\system32\drivers\rdpencdd.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPENCDD
Service RDPNP
Service (RDP Terminal Stack Driver/Microsoft Corporation) [MANUAL] RDPWD
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] RemoteRegistry
Service c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe (RoxMediaDB9 Module/Sonic Solutions) [MANUAL] RoxMediaDB9
Service C:\Windows\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\Windows\system32\DRIVERS\rspndr.sys (Link-Layer Topology Responder Driver for NDIS 6/Microsoft Corporation) [AUTO] rspndr
Service C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) [AUTO] SamSs
Service C:\Windows\system32\drivers\sbp2port.sys (SBP-2 Protocol Driver/Microsoft Corporation) [DISABLED] sbp2port
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Schedule
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SCPolicySvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SDRSVC
Service (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [AUTO] secdrv
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] seclogon
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SENS
Service C:\Windows\system32\drivers\serenum.sys (Serial Port Enumerator/Microsoft Corporation) [MANUAL] Serenum
Service C:\Windows\system32\drivers\serial.sys (Serial Device Driver/Microsoft Corporation) [MANUAL] Serial
Service C:\Windows\system32\drivers\sermouse.sys (Serial Mouse Filter Driver/Microsoft Corporation) [DISABLED] sermouse
Service ServiceModelEndpoint 3.0.0.0
Service ServiceModelOperation 3.0.0.0
Service ServiceModelService 3.0.0.0
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SessionEnv
Service C:\Windows\system32\drivers\sffdisk.sys (Small Form Factor Disk Driver/Microsoft Corporation) [DISABLED] sffdisk
Service C:\Windows\system32\drivers\sffp_mmc.sys (Small Form Factor MMC Protocol Driver/Microsoft Corporation) [MANUAL] sffp_mmc
Service C:\Windows\system32\drivers\sffp_sd.sys (Small Form Factor SD Protocol Driver/Microsoft Corporation) [MANUAL] sffp_sd
Service C:\Windows\system32\drivers\sfloppy.sys (SCSI Floppy Driver/Microsoft Corporation) [DISABLED] sfloppy
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [DISABLED] SharedAccess
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service C:\Windows\system32\drivers\sisagp.sys (SIS NT AGP Filter/Microsoft Corporation) [MANUAL] sisagp
Service C:\Windows\system32\drivers\sisraid2.sys (SiS RAID Stor Miniport Driver/Silicon Integrated Systems Corp.) [DISABLED] SiSRaid2
Service C:\Windows\system32\drivers\sisraid4.sys (SiS AHCI Stor-Miniport Driver/Silicon Integrated Systems) [DISABLED] SiSRaid4
Service C:\Windows\system32\SLsvc.exe (Microsoft Software Licensing Service/Microsoft Corporation) [AUTO] slsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SLUINotify
Service C:\Windows\system32\DRIVERS\smb.sys (SMB Transport driver/Microsoft Corporation) [SYSTEM] Smb
Service SMSvcHost 3.0.0.0
Service C:\Windows\System32\snmptrap.exe (SNMP Trap/Microsoft Corporation) [MANUAL] SNMPTRAP
Service (loader for security processor/Microsoft Corporation) [BOOT] spldr
Service C:\Windows\System32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\Windows\System32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] srv
Service C:\Windows\System32\DRIVERS\srv2.sys (Smb 2.0 Server driver/Microsoft Corporation) [MANUAL] srv2
Service C:\Windows\System32\DRIVERS\srvnet.sys (Server Network driver/Microsoft Corporation) [MANUAL] srvnet
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] SSDPSRV
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] stisvc
Service c:\Program Files\Common Files\SureThing Shared\stllssvr.exe (SureThing Labelflash Disc Printer Service Module/MicroVision Development, Inc.) [MANUAL] stllssvr
Service C:\Windows\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] swprv
Service C:\Windows\system32\drivers\symc8xx.sys (LSI Logic 8XX SCSI Miniport Driver/LSI Logic) [DISABLED] Symc8xx
Service SYMTDI
Service C:\Windows\system32\drivers\sym_hi.sys (LSI Logic Hi-Perf SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_hi
Service C:\Windows\system32\drivers\sym_u3.sys (LSI Logic Ultra160 SCSI Miniport Driver/LSI Logic) [DISABLED] Sym_u3
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] SysMain
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TabletInputService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] TBS
Service C:\Windows\System32\drivers\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service C:\Windows\system32\DRIVERS\tcpip.sys (TCP/IP Driver/Microsoft Corporation) [MANUAL] Tcpip6
Service C:\Windows\System32\drivers\tcpipreg.sys (TCP/IP Registry Compatibility Driver/Microsoft Corporation) [AUTO] tcpipreg
Service C:\Windows\system32\drivers\tdpipe.sys (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service C:\Windows\system32\drivers\tdtcp.sys (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\Windows\system32\DRIVERS\tdx.sys (TDI Translation Driver/Microsoft Corporation) [SYSTEM] tdx
Service C:\Windows\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TermService
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Themes
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] THREADORDER
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] TrkWks
Service C:\Windows\servicing\TrustedInstaller.exe (Windows Modules Installer/Microsoft Corporation) [MANUAL] TrustedInstaller
Service TSDDD
Service C:\Windows\System32\DRIVERS\tssecsrv.sys (TS Security Filter Driver/Microsoft Corporation) [MANUAL] tssecsrv
Service C:\Windows\system32\DRIVERS\tunmp.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunmp
Service C:\Windows\system32\DRIVERS\tunnel.sys (Microsoft Tunnel Interface Driver/Microsoft Corporation) [MANUAL] tunnel
Service C:\Windows\system32\drivers\uagp35.sys (MS AGPv3.5 Filter/Microsoft Corporation) [MANUAL] uagp35
Service C:\Windows\system32\DRIVERS\udfs.sys (UDF File System Driver/Microsoft Corporation) [DISABLED] udfs
Service UGatherer
Service UGTHRSVC
Service C:\Windows\system32\UI0Detect.exe (Interactive services detection/Microsoft Corporation) [MANUAL] UI0Detect
Service C:\Windows\system32\drivers\uliagpkx.sys (ULi AGPv3.0 Filter for K8/9 Processor Platforms/Microsoft Corporation) [MANUAL] uliagpkx
Service C:\Windows\system32\drivers\uliahci.sys (ULi SATA Controller Driver/ULi Electronics Inc.) [DISABLED] uliahci
Service C:\Windows\system32\drivers\ulsata.sys (Promise Ultra/Sata Series Driver for Win2003/Promise Technology, Inc.) [DISABLED] UlSata
Service C:\Windows\system32\drivers\ulsata2.sys (Promise SATAII150 Series Windows Drivers/Promise Technology, Inc.) [DISABLED] ulsata2
Service C:\Windows\system32\DRIVERS\umbus.sys (User-Mode Bus Enumerator/Microsoft Corporation) [MANUAL] umbus
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] upnphost
Service usb
Service C:\Windows\system32\DRIVERS\usbccgp.sys (USB Common Class Generic Parent Driver/Microsoft Corporation) [MANUAL] usbccgp
Service C:\Windows\system32\drivers\usbcir.sys (USB Consumer IR Driver for eHome/Microsoft Corporation) [DISABLED] usbcir
Service C:\Windows\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\Windows\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\Windows\system32\DRIVERS\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbohci
Service C:\Windows\system32\drivers\usbprint.sys (USB Printer driver/Microsoft Corporation) [DISABLED] usbprint
Service C:\Windows\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] USBSTOR
Service C:\Windows\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [DISABLED] usbuhci
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] UxSms
Service C:\Windows\System32\vds.exe (Virtual Disk Service/Microsoft Corporation) [MANUAL] vds
Service C:\Windows\system32\DRIVERS\vgapnp.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [MANUAL] vga
Service C:\Windows\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service C:\Windows\system32\drivers\viaagp.sys (VIA NT AGP Filter/Microsoft Corporation) [MANUAL] viaagp
Service C:\Windows\system32\drivers\viac7.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] ViaC7
Service C:\Windows\system32\drivers\viaide.sys (VIA Generic PCI IDE Bus Driver/VIA Technologies, Inc.) [DISABLED] viaide
Service C:\Windows\system32\drivers\volmgr.sys (Volume Manager Driver/Microsoft Corporation) [BOOT] volmgr
Service C:\Windows\System32\drivers\volmgrx.sys (Volume Manager Extension Driver/Microsoft Corporation) [BOOT] volmgrx
Service C:\Windows\system32\drivers\volsnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) [BOOT] volsnap
Service C:\Windows\system32\drivers\vsmraid.sys (VIA RAID DRIVER FOR X86-32/VIA Technologies Inc.,Ltd) [DISABLED] vsmraid
Service C:\Windows\system32\vssvc.exe (Microsoft® Volume Shadow Copy Service/Microsoft Corporation) [MANUAL] VSS
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\Windows\system32\drivers\wacompen.sys (Wacom Serial Pen Tablet HID Driver/Microsoft Corporation) [DISABLED] WacomPen
Service C:\Windows\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service C:\Windows\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [SYSTEM] Wanarpv6
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] wcncsvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WcsPlugInService
Service C:\Windows\system32\drivers\wd.sys (Microsoft Watchdog Timer Driver/Microsoft Corporation) [DISABLED] Wd
Service C:\Windows\system32\drivers\Wdf01000.sys (WDF Dynamic/Microsoft Corporation) [BOOT] Wdf01000
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WdiServiceHost
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WdiSystemHost
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WebClient
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] Wecsvc
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] wercplsupport
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WerSvc
Service C:\Windows\system32\DRIVERS\HSX_CNXT.sys (HSF_CNXT driver/Conexant Systems, Inc.) [MANUAL] winachsf
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WinDefend
Service Windows Workflow Foundation 3.0.0.0
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WinHttpAutoProxySvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Winmgmt
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WinRM
Service [MANUAL] Winsock
Service WinSock2
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] Wlansvc
Service C:\Windows\system32\drivers\wmiacpi.sys (Windows Management Interface for ACPI/Microsoft Corporation) [DISABLED] WmiAcpi
Service WmiApRpl
Service C:\Windows\system32\wbem\WmiApSrv.exe (WMI Performance Reverse Adapter/Microsoft Corporation) [MANUAL] wmiApSrv
Service C:\Program Files\Windows Media Player\wmpnetwk.exe (Windows Media Player Network Sharing Service/Microsoft Corporation) [MANUAL] WMPNetworkSvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [MANUAL] WPCSvc
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] WPDBusEnum
Service C:\Windows\system32\drivers\ws2ifsl.sys (Winsock2 IFS Layer/Microsoft Corporation) [DISABLED] ws2ifsl
Service C:\Windows\System32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\Windows\system32\SearchIndexer.exe (Microsoft Windows Search Indexer/Microsoft Corporation) [AUTO] WSearch
Service WSearchIdxPi
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\Windows\system32\DRIVERS\WUDFRd.sys (Windows Driver Foundation - User-mode Driver Framework Reflector/Microsoft Corporation) [MANUAL] WUDFRd
Service C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) [AUTO] wudfsvc
Service C:\Windows\system32\DRIVERS\xaudio.sys (Modem Audio Device Driver/Conexant Systems, Inc.) [AUTO] XAudio
Service C:\Windows\system32\DRIVERS\xaudio.exe (Modem Audio Service/Conexant Systems, Inc.) [AUTO] XAudioService
Service xmlprov
Service {601A5320-DCF5-446A-927C-B8D82549B2D5}
Service {F3769668-9053-4646-A348-318E45BF9064}

---- EOF - GMER 1.0.15 ----

#12 kymberly

Posted 30 December 2009 - 09:53 PM

---- Processes - GMER 1.0.15 ----

Process System Idle 0
Process System 4
Process C:\Windows\System32\smss.exe (Windows Session Manager/Microsoft Corporation) 228
Library C:\Windows\System32\smss.exe (Windows Session Manager/Microsoft Corporation) 0x477A0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000

Process C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 352
Library C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A0B0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x76020000
Library C:\Windows\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\winsrv.dll (Multi-User Windows Server DLL/Microsoft Corporation) 0x75FA0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x75E70000

Process C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 388
Library C:\Windows\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A0B0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x76020000
Library C:\Windows\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x76000000
Library C:\Windows\system32\winsrv.dll (Multi-User Windows Server DLL/Microsoft Corporation) 0x75FA0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x75E70000

Process C:\Windows\system32\wininit.exe (Windows Start-Up Application/Microsoft Corporation) 396
Library C:\Windows\system32\wininit.exe (Windows Start-Up Application/Microsoft Corporation) 0x00260000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75F80000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x75F60000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x76200000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x764B0000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x761D0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x76580000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75150000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75520000

Process C:\Windows\system32\winlogon.exe (Windows Logon Application/Microsoft Corporation) 440
Library C:\Windows\system32\winlogon.exe (Windows Logon Application/Microsoft Corporation) 0x00C10000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x75F60000
Library C:\Windows\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x75F30000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76030000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75F80000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x76200000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x764B0000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74E90000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x779F0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x761D0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x76580000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x758F0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76770000
Library C:\Windows\system32\SHSVCS.dll (Windows Shell Services Dll/Microsoft Corporation) 0x75260000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75DE0000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x757E0000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75870000

Process C:\Windows\system32\services.exe (Services and Controller app/Microsoft Corporation) 472
Library C:\Windows\system32\services.exe (Services and Controller app/Microsoft Corporation) 0x000E0000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75F80000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x75F60000
Library C:\Windows\system32\SCESRV.dll (Windows Security Configuration Editor Engine/Microsoft Corporation) 0x75EE0000
Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x75E50000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75DE0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76030000
Library C:\Windows\system32\NCObjAPI.DLL (Microsoft Corporation) 0x75ED0000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x76200000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x764B0000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75540000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75AE0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75A70000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75100000
Library C:\Windows\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x74E90000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x779F0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x761D0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x76580000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x758F0000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76770000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75150000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75520000

Process C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 492
Library C:\Windows\system32\lsass.exe (Local Security Authority Process/Microsoft Corporation) 0x00E60000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\LSASRV.dll (LSA Server DLL/Microsoft Corporation) 0x75CB0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x75F60000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\SAMSRV.dll (SAM Server DLL/Microsoft Corporation) 0x75BE0000
Library C:\Windows\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x75A90000
Library C:\Windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x759F0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x761D0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x76580000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75DE0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76030000
Library C:\Windows\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x758F0000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75A70000
Library C:\Windows\system32\NTDSAPI.dll (Active Directory Domain Services API/Microsoft Corporation) 0x758D0000
Library C:\Windows\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x779F0000
Library C:\Windows\system32\FeClient.dll (Windows NT File Encryption Client Interfaces/Microsoft Corporation) 0x75AB0000
Library C:\Windows\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x75870000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75F80000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75AE0000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x757E0000
Library C:\Windows\system32\SYSNTFY.dll (Windows Notifications Dynamic Link Library/Microsoft Corporation) 0x75C60000
Library C:\Windows\system32\wevtapi.dll (Eventing Consumption and Configuration API/Microsoft Corporation) 0x75760000
Library C:\Windows\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x75840000
Library C:\Windows\system32\dhcpcsvc.DLL (DHCP Client Service/Microsoft Corporation) 0x75720000
Library C:\Windows\system32\WINNSI.DLL (Network Store Information RPC interface/Microsoft Corporation) 0x75820000
Library C:\Windows\system32\dhcpcsvc6.DLL (DHCPv6 Client/Microsoft Corporation) 0x75700000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x76200000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x764B0000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\cngaudit.dll (Windows Cryptographic Next Generation audit library/Microsoft Corporation) 0x75830000
Library C:\Windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x75E50000
Library C:\Windows\system32\ncrypt.dll (Windows cryptographic library/Microsoft Corporation) 0x75C70000
Library C:\Windows\system32\BCRYPT.dll (Windows Cryptographic Primitives Library/Microsoft Corporation) 0x75A20000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75540000
Library C:\Windows\system32\msprivs.dll (Microsoft Privilege Translations/Microsoft Corporation) 0x757D0000
Library C:\Windows\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x75190000
Library C:\Windows\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x75150000
Library C:\Windows\System32\wship6.dll (Winsock2 Helper DLL (TL/IPv6)/Microsoft Corporation) 0x75530000
Library C:\Windows\System32\wshtcpip.dll (Winsock2 Helper DLL (TL/IPv4)/Microsoft Corporation) 0x75520000
Library C:\Windows\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x750A0000
Library C:\Windows\system32\netlogon.dll (Net Logon Services DLL/Microsoft Corporation) 0x75010000
Library C:\Windows\system32\WINBRAND.dll (Windows Branding Resources/Microsoft Corporation) 0x74F30000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75100000
Library C:\Windows\system32\wdigest.dll (Microsoft Digest Access/Microsoft Corporation) 0x754F0000
Library C:\Windows\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x74EF0000
Library C:\Windows\system32\tspkg.dll (Web Service Security Package/Microsoft Corporation) 0x750E0000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74E60000
Library C:\Windows\system32\setupapi.dll (Windows Setup API/Microsoft Corporation) 0x768C0000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x76380000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76770000
Library C:\Windows\system32\scecli.dll (Windows Security Configuration Editor Client Engine/Microsoft Corporation) 0x74EC0000
Library C:\Windows\system32\keyiso.dll (CNG Key Isolation Service/Microsoft Corporation) 0x759B0000

Process C:\Windows\system32\lsm.exe (Local Session Manager Service/Microsoft Corporation) 504
Library C:\Windows\system32\lsm.exe (Local Session Manager Service/Microsoft Corporation) 0x00A80000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\SYSNTFY.dll (Windows Notifications Dynamic Link Library/Microsoft Corporation) 0x75C60000
Library C:\Windows\system32\WMsgAPI.dll (WinLogon IPC Client/Microsoft Corporation) 0x75AC0000
Library C:\Windows\system32\secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x75F60000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75540000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75AE0000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library C:\Windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x75A70000
Library C:\Windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75F80000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x76200000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x764B0000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x75100000
Library C:\Windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x75DE0000
Library C:\Windows\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76030000

Process C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 644
Library C:\Windows\system32\svchost.exe (Host Process for Windows Services/Microsoft Corporation) 0x00900000
Library C:\Windows\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x77810000
Library C:\Windows\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x776E0000
Library C:\Windows\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77940000
Library C:\Windows\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x76660000
Library C:\Windows\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x76590000
Library c:\windows\system32\umpnpmgr.dll (User-mode Plug-and-Play Service/Microsoft Corporation) 0x74E20000
Library C:\Windows\system32\USER32.dll (Multi-User Windows USER API Client DLL/Microsoft Corporation) 0x76410000
Library C:\Windows\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x76720000
Library c:\windows\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x75F80000
Library c:\windows\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x75F60000
Library C:\Windows\system32\IMM32.DLL (Multi-User Windows IMM32 API Client DLL/Microsoft Corporation) 0x76200000
Library C:\Windows\system32\MSCTF.dll (MSCTF Server DLL/Microsoft Corporation) 0x764B0000
Library C:\Windows\system32\LPK.DLL (Language Pack/Microsoft Corporation) 0x77A40000
Library C:\Windows\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x76150000
Library C:\Windows\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74E00000
Library C:\Windows\system32\GPAPI.dll (Group Policy Client API/Microsoft Corporation) 0x74E60000
Library C:\Windows\system32\slc.dll (Software Licensing Client Dll/Microsoft Corporation) 0x757E0000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x74CE0000
Library C:\Windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x761D0000
Library C:\Windows\system32\NSI.dll (NSI User-mode interface DLL/Microsoft Corporation) 0x76580000
Library c:\windows\system32\FirewallAPI.dll (Windows Firewall API/Microsoft Corporation) 0x74D90000
Library C:\Windows\system32\OLEAUT32.dll (Microsoft Corporation) 0x76380000
Library C:\Windows\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x76770000
Library c:\windows\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x75860000
Library C:\Windows\system32\credssp.dll (TS Single Sign On Security Package/Microsoft Corporation) 0x75540000
Library C:\Windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x75AE0000
---- Services - GMER 1.0.15 ----


SUNDAVIS PLEASE FORGIVE ME 4 MAKING SO MANY POSTS BUT IT WOULD NOT LET ME POST THIS SO I HAD TO BREAK THIS DOWN. I KEPT GETTING AN ERROR MESSAGE ONCE I GET IT POSTED. I HAD TO RUN THIS IN SAFE MODE BECAUSE I GOT THE BLUE SCREEN OF DEATH TWICE. ERROR CODES WERE: (1) A THREAD TRIED TO RELEASE A THREAD IT DID NOT OWN, (2) _IROL_NOT_LESS_OREQUAL. ALSO I HAVE ALWAYS HAD A TROJAN LOCATED IN MY HP GAMES BUT IT COULDN'T BE DELETED FROM PREVIOUS SCANS I RAN IN THE PAST. I AM ALMOST POSITIVE THAT A TROJAN IS HIDING ON THIS SYSTEM BECAUSE IT COULDN'T BE DELETED FROM PREVIOUS SCANS SO I JUST RESTORED THE SYSTEM THINKING IT WOULD REMOVE IT AND IT DIDN'T. WHILE I AM ON BLEEPING COMPUTER MY SCREEN SEEMED REALLY FUNNY LOOKING BECAUSE ONCE I POSTED I GOT THOSE LITTLE SMILEY ICONS THAT ARE IN "POST ICONS" THEY WERE IN THE MIDDLE OF THE SCREEN---WEIRD. PROGRAMS I HAVE TRIED IN THE PAST WERE COMOBOX, ROOTREPEAL, DRWEB AND MANY MORE BUT NONE OF THEM RUN BECAUSE AS SOON AS I DOWNLOAD THEM I GET AN ERROR MESSAGE.

Edited by kymberly, 30 December 2009 - 09:59 PM.


#13 sundavis

  • Malware Response Team

Posted 30 December 2009 - 11:05 PM

Hi kymberly,



"AS SOON AS I DOWNLOAD THEM I GET AN ERROR MESSAGE."

What kind of message? Can you be more specific? Anyway, let's proceed and check what happens.

What Dr.Web found goes to HP game products or online games. It may be a false positive since you have restored your system.

But if it really concerns you, you can uninstall it via Control Panel > Programs and Features > right-click HP Games and select Uninstall. After that, please show hidden files and delete those folders manually.

C:\Program Files\HP Games
C:\Program Files\Online Services
D:\hp\apps\APP04310

Step 1
  • If you already have Combofix, please delete that copy and download it again as it's being updated regularly.
  • Please visit this webpage for download links, and instructions for running the tool:
    http://www.bleepingcomputer.com/combofix/how-to-use-combofix
  • Note: If you have Windows Vista, you can skip the recovery console step. In Vista it's in the System Recovery Options menu. The System Recovery Options menu is on the Windows Vista installation disc.
    If Windows doesn't start correctly, you can use these tools to repair startup problems.
  • Close/disable all antivirus and antimalware programs so they do not interfere with the running of ComboFix.
  • Click Yes to allow Combofix to continue scanning for malware.
  • When done, a log will be produced (or locate it in C:\ComboFix.txt). Please post that log in your next reply.
  • Do not mouse click on Combofix while it is running. That may cause it to stall.
In your next reply, please post back:

1. ComboFix log

Tell me the remaining issues you're still experiencing now.

#14 kymberly
  • Topic Starter

Posted 31 December 2009 - 12:27 AM

ComboFix 09-12-30.01 - Go to Hell 12/30/2009 21:07:23.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1918.1293 [GMT -8:00]
Running from: c:\users\Go to Hell\Desktop\ComboFix.exe
AV: McAfee VirusScan *On-access scanning enabled* (Updated) {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Personal Firewall *enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}
SP: McAfee VirusScan *enabled* (Updated) {C78B3C70-4777-4742-BB91-9D615CC575E6}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Resident AV is active

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-2152478756-3922319563-605102323-500
c:\$recycle.bin\S-1-5-21-3855407397-716935182-3364912696-500

.
((((((((((((((((((((((((( Files Created from 2009-11-28 to 2009-12-31 )))))))))))))))))))))))))))))))
.

2009-12-31 05:13 . 2009-12-31 05:14 -------- d-----w- c:\users\Go to Hell\AppData\Local\temp
2009-12-31 05:13 . 2009-12-31 05:13 -------- d-----w- c:\users\Orange and Blue\AppData\Local\temp
2009-12-31 05:13 . 2009-12-31 05:13 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-12-26 02:59 . 2009-12-26 02:59 -------- d-----w- c:\users\Go to Hell\AppData\Roaming\Malwarebytes
2009-12-26 02:58 . 2009-12-04 00:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-26 02:58 . 2009-12-26 02:58 -------- d-----w- c:\programdata\Malwarebytes
2009-12-26 02:58 . 2009-12-04 00:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-26 02:58 . 2009-12-26 02:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-26 02:45 . 2009-12-26 02:45 -------- d-----w- c:\program files\trend micro
2009-12-26 02:45 . 2009-12-26 02:45 -------- d-----w- C:\rsit
2009-12-26 01:01 . 2009-12-26 01:01 93056 ----a-w- C:\uxrirkog.sys
2009-12-26 00:56 . 2009-12-26 00:56 274432 ----a-w- c:\windows\system32\raschap.dll
2009-12-26 00:56 . 2009-12-26 00:56 232960 ----a-w- c:\windows\system32\rastls.dll
2009-12-24 01:18 . 2009-12-24 01:51 -------- d-----w- c:\users\Go to Hell\DoctorWeb
2009-12-09 19:00 . 2009-12-09 19:00 0 ----a-w- c:\users\Go to Hell\settings.dat
2009-12-09 18:57 . 2009-12-09 18:57 123904 ----a-w- c:\windows\system32\L2SecHC.dll
2009-12-09 18:57 . 2009-12-09 18:57 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-12-09 18:57 . 2009-12-09 18:57 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-12-09 18:57 . 2009-12-09 18:57 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-12-09 18:57 . 2009-12-09 18:57 502272 ----a-w- c:\windows\system32\wlansvc.dll
2009-12-09 18:57 . 2009-12-09 18:57 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-12-09 18:56 . 2009-12-09 18:56 2923520 ----a-w- c:\windows\explorer.exe
2009-12-09 18:45 . 2009-12-09 18:45 441856 ----a-w- c:\windows\system32\win32spl.dll
2009-12-09 18:45 . 2009-12-09 18:45 37376 ----a-w- c:\windows\system32\printcom.dll
2009-12-09 18:44 . 2009-12-09 18:44 2031104 ----a-w- c:\windows\system32\win32k.sys
2009-12-09 18:44 . 2009-12-09 18:44 14848 ----a-w- c:\windows\system32\wshrm.dll
2009-12-09 18:44 . 2009-12-09 18:44 113664 ----a-w- c:\windows\system32\drivers\rmcast.sys
2009-12-09 18:44 . 2009-12-09 18:44 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-12-09 18:43 . 2009-12-09 18:43 11776 ----a-w- c:\windows\system32\sbunattend.exe
2009-12-09 18:43 . 2009-12-09 18:43 558080 ----a-w- c:\windows\system32\oleaut32.dll
2009-12-09 18:42 . 2009-12-09 18:42 290304 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-09 18:42 . 2009-12-09 18:42 84480 ----a-w- c:\windows\system32\dnsrslvr.dll
2009-12-09 18:42 . 2009-12-09 18:42 24576 ----a-w- c:\windows\system32\dnscacheugc.exe
2009-12-09 18:42 . 2009-12-09 18:42 269824 ----a-w- c:\windows\system32\schannel.dll
2009-12-09 18:41 . 2009-12-09 18:41 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-12-09 18:41 . 2009-12-09 18:41 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-12-09 18:41 . 2009-12-09 18:41 1686528 ----a-w- c:\windows\system32\gameux.dll
2009-12-09 18:41 . 2009-12-09 18:41 98816 ----a-w- c:\windows\system32\mfps.dll
2009-12-09 18:41 . 2009-12-09 18:41 52736 ----a-w- c:\windows\system32\rrinstaller.exe
2009-12-09 18:41 . 2009-12-09 18:41 2855424 ----a-w- c:\windows\system32\mf.dll
2009-12-09 18:41 . 2009-12-09 18:41 24576 ----a-w- c:\windows\system32\mfpmp.exe
2009-12-09 18:41 . 2009-12-09 18:41 2048 ----a-w- c:\windows\system32\mferror.dll
2009-12-09 18:41 . 2009-12-09 18:41 996352 ----a-w- c:\windows\system32\WMNetMgr.dll
2009-12-09 18:41 . 2009-12-09 18:41 94720 ----a-w- c:\windows\system32\logagent.exe
2009-12-09 18:40 . 2009-12-09 18:40 84992 ----a-w- c:\windows\system32\drivers\srvnet.sys
2009-12-09 18:40 . 2009-12-09 18:40 58368 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2009-12-09 18:40 . 2009-12-09 18:40 101888 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2009-12-09 18:39 . 2009-12-09 18:39 84480 ----a-w- c:\windows\system32\INETRES.dll
2009-12-09 18:39 . 2009-12-09 18:39 737792 ----a-w- c:\windows\system32\inetcomm.dll
2009-12-09 18:39 . 2009-12-09 18:39 60928 ----a-w- c:\windows\system32\msasn1.dll
2009-12-09 18:39 . 2009-12-09 18:39 1645568 ----a-w- c:\windows\system32\connect.dll
2009-12-09 18:38 . 2009-12-09 18:38 5120 ----a-w- c:\windows\system32\wmi.dll
2009-12-09 18:38 . 2009-12-09 18:38 152576 ----a-w- c:\windows\system32\imagehlp.dll
2009-12-09 18:38 . 2009-12-09 18:38 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2009-12-09 18:38 . 2009-12-09 18:38 788992 ----a-w- c:\windows\system32\rpcrt4.dll
2009-12-09 18:37 . 2009-12-09 18:37 1327104 ----a-w- c:\windows\system32\quartz.dll
2009-12-09 18:36 . 2009-12-09 18:36 130048 ----a-w- c:\windows\system32\drivers\srv2.sys
2009-12-09 18:35 . 2009-12-09 18:35 321536 ----a-w- c:\windows\system32\WSDApi.dll
2009-12-09 18:35 . 2009-12-09 18:35 -------- d-----w- c:\program files\MSXML 4.0
2009-12-09 18:34 . 2009-12-09 18:34 633856 ----a-w- c:\windows\system32\user32.dll
2009-12-09 18:34 . 2009-12-09 18:34 2048 ----a-w- c:\windows\system32\msxml6r.dll
2009-12-09 18:34 . 2009-12-09 18:34 1341440 ----a-w- c:\windows\system32\msxml6.dll
2009-12-09 18:33 . 2009-12-09 18:33 750080 ----a-w- c:\windows\system32\qmgr.dll
2009-12-09 18:33 . 2009-12-09 18:33 604672 ----a-w- c:\windows\system32\WMSPDMOD.DLL
2009-12-09 18:32 . 2009-12-09 18:32 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-12-09 18:32 . 2009-12-09 18:32 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-12-09 18:32 . 2009-12-09 18:32 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-12-09 18:32 . 2009-12-09 18:32 311296 ----a-w- c:\windows\system32\unregmp2.exe
2009-12-08 03:23 . 2009-12-08 04:46 -------- d-----w- c:\users\Orange and Blue\DoctorWeb
2009-12-08 02:16 . 2009-12-08 02:16 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-12-08 02:16 . 2009-12-08 02:16 44768 ----a-w- c:\windows\system32\wups2.dll
2009-12-08 02:16 . 2009-12-08 02:16 2421760 ----a-w- c:\windows\system32\wucltux.dll
2009-12-08 02:16 . 2009-12-08 02:16 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-12-08 02:15 . 2009-12-08 02:15 33792 ----a-w- c:\windows\system32\wuapp.exe
2009-12-08 02:15 . 2009-12-08 02:15 171608 ----a-w- c:\windows\system32\wuwebv.dll
2009-12-05 05:01 . 2009-12-05 05:01 -------- d-----w- c:\programdata\SiteAdvisor
2009-12-05 04:59 . 2009-11-05 00:54 79816 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2009-12-05 04:59 . 2009-11-05 00:54 40552 ----a-w- c:\windows\system32\drivers\mfesmfk.sys
2009-12-05 04:59 . 2009-11-05 00:54 35272 ----a-w- c:\windows\system32\drivers\mfebopk.sys
2009-12-05 04:59 . 2009-07-16 20:32 130424 ----a-w- c:\windows\system32\drivers\Mpfp.sys
2009-12-05 04:59 . 2009-12-05 04:59 -------- d-----w- c:\program files\Common Files\McAfee
2009-12-05 04:59 . 2009-12-05 04:59 -------- d-----w- c:\program files\McAfee.com
2009-12-05 04:59 . 2009-12-08 02:10 -------- d-----w- c:\program files\McAfee
2009-12-05 04:55 . 2009-11-05 00:53 34248 ----a-w- c:\windows\system32\drivers\mferkdk.sys
2009-12-05 04:42 . 2009-12-08 02:20 -------- d-----w- c:\programdata\McAfee
2009-12-05 03:37 . 2009-12-05 03:37 92472 ----a-w- c:\users\Orange and Blue\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-05 03:37 . 2009-12-05 03:37 -------- d-----w- c:\users\Orange and Blue\AppData\Roaming\Snapfish
2009-12-05 03:17 . 2009-12-09 18:53 92472 ----a-w- c:\users\Go to Hell\AppData\Local\GDIPFONTCACHEV1.DAT
2009-12-05 03:17 . 2009-12-05 03:17 -------- d-----w- c:\users\Go to Hell\AppData\Roaming\Snapfish
2009-12-04 23:36 . 2009-12-04 23:36 -------- d-----w- c:\programdata\Hewlett-Packard
2009-12-04 23:32 . 2009-12-31 05:05 -------- d-----w- c:\windows\SMINST
2009-12-04 23:27 . 2009-12-05 06:19 -------- d-----w- c:\programdata\Symantec
2009-12-04 23:27 . 2009-12-05 05:02 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-12-04 23:25 . 2009-12-05 03:33 -------- d-----w- c:\program files\Yahoo!
2009-12-04 23:24 . 2009-12-04 23:24 -------- d-----w- c:\program files\earthlink totalaccess
2009-12-04 23:21 . 2009-12-04 23:21 -------- d-----w- c:\programdata\PC-Doctor
2009-12-04 23:21 . 2009-12-04 23:35 -------- d-----w- c:\program files\PC-Doctor 5 for Windows
2009-12-04 23:19 . 2009-12-04 23:19 -------- d-----w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2009-12-04 23:19 . 2006-11-29 20:33 321108 ----a-w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\mia.dll
2009-12-04 23:19 . 2006-11-29 20:33 2538535 ----a-w- c:\programdata\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe
2009-12-04 23:19 . 2009-12-04 23:19 -------- d-----w- c:\program files\Activation Assistant for the 2007 Microsoft Office suites
2009-12-04 23:18 . 2006-10-27 03:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll
2009-12-04 23:18 . 2006-10-27 03:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-12-04 23:17 . 2009-12-04 23:17 -------- d-----w- c:\windows\PCHEALTH
2009-12-04 23:17 . 2009-12-04 23:17 -------- d-----w- c:\program files\Microsoft.NET
2009-12-04 23:16 . 2009-12-04 23:18 -------- d-----w- c:\programdata\Microsoft Help
2009-12-04 23:16 . 2009-12-04 23:16 -------- d-----r- C:\MSOCache
2009-12-04 23:16 . 2009-12-04 23:18 -------- d-----w- c:\program files\Microsoft Works
2009-12-04 23:14 . 2009-12-04 23:14 -------- d-----w- c:\program files\Snapfish Media Detector
2009-12-04 23:14 . 2009-12-04 23:14 -------- d-----w- c:\program files\Common Files\Adobe
2009-12-04 23:13 . 2009-12-04 23:13 -------- d-----w- c:\program files\muvee Technologies
2009-12-04 23:13 . 2009-12-04 23:13 -------- d-----w- c:\program files\Common Files\muvee Technologies
2009-12-04 23:13 . 2009-12-04 23:13 -------- d-----w- c:\programdata\muvee Technologies
2009-12-04 23:12 . 2009-12-04 23:12 -------- d-----w- c:\program files\Common Files\xing shared
2009-12-04 23:12 . 2009-12-04 23:12 -------- d-----w- c:\program files\Common Files\Real
2009-12-04 23:12 . 2009-12-04 23:12 -------- d-----w- c:\program files\Real
2009-12-04 23:11 . 2009-12-04 23:12 -------- d-----w- c:\program files\Rhapsody
2009-12-04 23:11 . 2009-12-04 23:11 -------- d---a-w- c:\program files\Common Files\LightScribe
2009-12-04 23:11 . 2009-12-04 23:11 -------- d---a-w- c:\program files\Common Files\LS Getting Started
2009-12-04 23:10 . 2009-12-04 23:10 -------- d-----w- c:\program files\Common Files\SureThing Shared
2009-12-04 23:09 . 2009-12-04 23:09 -------- d-----w- c:\programdata\Sonic
2009-12-04 23:09 . 2009-12-04 23:09 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-12-04 23:08 . 2009-12-04 23:08 -------- d-----w- c:\programdata\Roxio
2009-12-04 23:08 . 2009-12-04 23:10 -------- d-----w- c:\program files\Common Files\Sonic Shared
2009-12-04 23:08 . 2009-12-04 23:10 -------- d-----w- c:\program files\Roxio

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-26 01:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-12-09 18:51 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-12-09 18:46 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-12-09 18:41 . 2009-12-09 18:41 2560 ----a-w- c:\windows\AppPatch\AcRes.dll
2009-12-09 18:41 . 2009-12-09 18:41 537600 ----a-w- c:\windows\AppPatch\AcLayers.dll
2009-12-09 18:41 . 2009-12-09 18:41 449024 ----a-w- c:\windows\AppPatch\AcSpecfc.dll
2009-12-09 18:41 . 2009-12-09 18:41 2143744 ----a-w- c:\windows\AppPatch\AcGenral.dll
2009-12-09 18:41 . 2009-12-09 18:41 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll
2009-12-04 23:23 . 2009-12-04 22:52 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 23:03 . 2009-12-04 22:52 -------- d-----w- c:\program files\Common Files\InstallShield
2009-12-04 22:52 . 2009-12-04 22:52 319456 ----a-w- c:\windows\DIFxAPI.dll
2009-12-04 22:52 . 2009-12-04 22:52 315392 ----a-w- c:\windows\HideWin.exe
2009-12-04 22:52 . 2009-12-04 22:52 -------- d-----w- c:\program files\Realtek
2009-12-04 22:46 . 2006-11-02 08:30 134760 ----a-w- c:\windows\system32\halacpi.dll
2009-12-04 22:46 . 2006-11-02 08:30 160872 ----a-w- c:\windows\system32\halmacpi.dll
2009-11-05 00:54 . 2009-11-05 00:54 214664 ----a-w- c:\windows\system32\drivers\mfehidk.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2006-11-02 1004136]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"KBD"="c:\hp\KBD\KbdStub.EXE" [2006-12-08 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 118784]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-02-11 90192]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-02-11 8429568]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-02-11 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-01 4390912]
"SnapfishMediaDetector"="c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe" [2007-03-02 1441792]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"mcagent_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2009-10-29 1218008]
"McENUI"="c:\progra~1\McAfee\MHN\McENUI.exe" [2009-07-08 1176808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"PCDrProfiler"="c:\program files\PC-Doctor 5 for Windows\RunProfiler.exe" [2007-02-08 73728]
"Launcher"="c:\windows\SMINST\launcher.exe" [2007-03-07 44168]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Snapfish Media Detector.lnk - c:\program files\Snapfish Media Detector\SnapfishMediaDetector.exe [2007-3-2 1441792]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [12/4/2009 9:01 PM 203280]
S3 netr73;Netopia RT73 Wireless Driver for Vista;c:\windows\System32\drivers\netr73.sys [5/24/2009 7:36 AM 501248]
.
Contents of the 'Scheduled Tasks' folder

2009-12-05 c:\windows\Tasks\McDefragTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-12-05 20:22]

2009-12-05 c:\windows\Tasks\McQcTask.job
- c:\progra~1\mcafee\mqc\QcConsol.exe [2009-12-05 20:22]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.att.net/
mStart Page = hxxp://www.yahoo.com
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-30 21:14
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3852)
c:\program files\McAfee\SiteAdvisor\saHook.dll
.
Completion time: 2009-12-30 21:16:32
ComboFix-quarantined-files.txt 2009-12-31 05:16

Pre-Run: 282,088,501,248 bytes free
Post-Run: 282,141,290,496 bytes free

- - End Of File - - 0E53927D0FF64FB3EB06891E9089EF8A

Once I ran this I got a pitch black screen after signing on. Then I did Ctrl+Alt+Delete and noticed that something called LogonUI.exe was hogging, and when I tried to end the process it disappeared. Just wanted you to know. I also noticed on the McAfee scan log results dated 12/4/2009 that it detected a Trojan. Detection Name: Generic Start Page! File: C:\Program Files\Online Services\Alous\AOL90\comps\ACS\ACSSETUP.EXE--cannot be deleted.

#15 sundavis


Posted 31 December 2009 - 02:24 AM

Hi kymberly,



What McAfee alerts on is the same as those in the Dr.Web log, as described in my previous post. You may uninstall and delete those folders if you feel comfortable.

Let's check your system with Kas Online Scanner one more time. If nothing outstanding is out there, you should be good to go. Be patient, it will take some time to run the full course.

Please go here to download Java Runtime Environment (JRE) 6 Update 17 and install the newest version. After that, please do the following:


Step 1


Let's clean some temp files. Please do the following:

Please download ATF Cleaner by Atribune.

Double-click ATF-Cleaner.exe to run the program.
Under Main "Select Files to Delete" choose: Select All.
Click the Empty Selected button.


If you use Firefox browser
Click Firefox at the top and choose: Select All
Click the Empty Selected button.

NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.


Step 2


Please perform an online scan with Firefox or Internet Explorer at Kaspersky Online Scanner. Right-click on your browser and select Run As Administrator to run.
  • Please go to Kaspersky Online Scanner and perform an online antivirus scan.
  • Click the Accept button on the "Requirements and limitations".
  • When the Java warning "The application digital signature has been verified. Do you want to run the application" appears, click on the "Run" button.
  • It will be downloading and installing the program and updating the database.
  • When updating the database has finished, click on Settings.
  • Make sure all boxes are checked, then click on the Save button.
  • Click on My Computer under the Scan menu. It will start scanning, so be patient and let it run.
  • Once the scan is completed, click on View Scan Report.
  • You may see a list of infected items over there. Click on Save Report As.
  • Click "Desktop", name the file "KAS", change the Files of type to Text file (.txt) and click on the Save button.
  • Please post the contents in your next reply.
  • You can refer to this animation
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.



Please post back the logs in your next reply.

1. Kas Online Scan Report
2. Fresh HJT log

Tell me if you have any concerns on your pc now.



