FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME


Post by veronica8910 on Thu 10 May 2012, 9:37 am

Hi, my PC won't complete Windows updates; they fail. This is the message I get at the end of the updates:
The following updates were not installed:
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2653956)
Cumulative Security Update for Internet Explorer 8 for Windows XP (KB2675157)
Update Rollup for ActiveX Killbits for Windows XP (KB2695962)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2686509)

Also, my antivirus won't open or run, period!! Neither will my Comodo firewall update. Please help me.


OTL logfile created on: 09/05/2012 23:02:21 - Run 3
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Documents and Settings\Veron\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.24 Gb Total Physical Memory | 0.93 Gb Available Physical Memory | 41.54% Memory free
4.09 Gb Paging File | 3.04 Gb Available in Paging File | 74.48% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 148.96 Gb Total Space | 93.41 Gb Free Space | 62.71% Space Free | Partition Type: NTFS
Drive D: | 137.10 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 465.70 Gb Total Space | 449.17 Gb Free Space | 96.45% Space Free | Partition Type: FAT32

Computer Name: HOME-CA08B8A03F | User Name: Veron | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/09 23:01:23 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Veron\My Documents\downloads\OTL.exe
PRC - [2012/04/28 03:07:02 | 001,224,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
PRC - [2012/03/25 03:02:04 | 000,180,648 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Update\1.3.21.111\GoogleCrashHandler.exe
PRC - [2012/03/11 22:13:21 | 001,983,232 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2012/03/11 22:13:00 | 006,749,512 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/12/14 20:07:59 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files\Opera\opera.exe
PRC - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PRC - [2010/12/08 22:15:44 | 000,063,360 | ---- | M] (DivX, LLC) -- C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PRC - [2010/07/26 14:17:06 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) -- C:\WINDOWS\system32\dgdersvc.exe
PRC - [2010/07/26 14:15:26 | 000,217,088 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009/06/22 09:23:46 | 000,662,016 | ---- | M] (Sonix) -- C:\WINDOWS\vsnp2uvc.exe
PRC - [2008/04/14 01:12:25 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mmc.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/11/03 19:20:12 | 000,866,584 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MsMpEng.exe


========== Modules (No Company Name) ==========

MOD - [2012/04/28 03:07:01 | 000,444,400 | ---- | M] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\ppgooglenaclpluginchrome.dll
MOD - [2012/04/28 03:06:59 | 003,915,248 | ---- | M] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\pdf.dll
MOD - [2012/04/28 03:05:34 | 000,122,880 | ---- | M] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\avutil-51.dll
MOD - [2012/04/28 03:05:33 | 000,220,672 | ---- | M] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\avformat-53.dll
MOD - [2012/04/28 03:05:32 | 001,747,456 | ---- | M] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\avcodec-53.dll
MOD - [2012/04/28 02:09:18 | 008,743,584 | ---- | M] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
MOD - [2007/02/14 13:55:11 | 000,165,424 | ---- | M] () -- C:\Program Files\Panda Security\Panda Cloud Antivirus\MiniCrypto.dll
MOD - [2007/02/14 13:55:10 | 000,099,888 | ---- | M] () -- C:\Program Files\Panda Security\Panda Cloud Antivirus\APIcr.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/05/05 23:42:37 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/03/11 22:13:21 | 001,983,232 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/04/28 13:58:54 | 000,140,608 | ---- | M] (Panda Security, S.L.) [Auto | Running] -- C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe -- (NanoServiceMain)
SRV - [2010/07/26 14:17:06 | 000,095,568 | ---- | M] (Devguru Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\dgdersvc.exe -- (dgdersvc)
SRV - [2010/07/26 14:15:26 | 000,217,088 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Veron\Desktop\BitDefender\trufos.sys -- (Trufos)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RkPavproc1.sys -- (RkPavproc1)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Veron\Desktop\BitDefender\profos.sys -- (Profos)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Veron\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - [2012/03/11 22:13:46 | 000,097,760 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\inspect.sys -- (Inspect)
DRV - [2012/03/11 22:13:45 | 000,031,704 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2012/03/11 22:13:44 | 000,494,968 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/08/01 12:23:20 | 000,143,752 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2011/04/28 13:57:57 | 000,112,456 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2011/04/28 13:57:38 | 000,129,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2011/04/28 13:57:38 | 000,111,688 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2011/04/28 13:57:38 | 000,097,096 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2010/07/26 14:17:06 | 000,018,136 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2010/07/26 14:15:26 | 000,036,640 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010/06/21 04:26:36 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2010/06/21 04:26:36 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2010/06/21 04:26:36 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/06/21 04:26:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2010/05/12 11:14:58 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2010/04/27 03:25:20 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdm.sys -- (sscemdm)
DRV - [2010/04/27 03:25:20 | 000,098,560 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscebus.sys -- (sscebus) SAMSUNG USB Composite Device V2 driver (WDM)
DRV - [2010/04/27 03:25:20 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscemdfl.sys -- (sscemdfl)
DRV - [2010/04/27 03:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010/04/27 03:25:16 | 000,100,224 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bserd.sys -- (ss_bserd)
DRV - [2010/04/27 03:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV - [2010/04/27 03:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV - [2009/06/23 09:37:10 | 003,486,336 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2005/08/17 14:41:08 | 001,022,040 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 26 78 61 7D 6E B4 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{0838CC7D-D0B1-4F80-A392-F56E9BABFA4D}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{2A5CF302-941D-4E36-8E18-ADA0A429544E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\..\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}: "URL" = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaulturl: "http://uk.search.yahoo.com/search?fr=ffsp1&p="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.param.yahoo-fr: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "chrf-ytbm"
FF - prefs.js..browser.search.param.yahoo-type: "${8}"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:9.0.0.872
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}:7.1.1.2
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@radialpoint.com/SPA,version=1: C:\Program Files\Virgin Media\Service Manager\nprpspa.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)


[2009/07/18 21:11:37 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Extensions
[2011/07/18 15:47:16 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions
[2010/07/09 14:01:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/05 18:27:32 | 000,000,000 | ---D | M] (NoScript) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(2)
[2011/06/06 09:33:30 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011/07/18 15:47:16 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2011/07/14 22:25:37 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009/11/05 18:30:31 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}(2)
[2011/07/18 15:47:17 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\extensions\engine@conduit.com
[2010/08/08 14:42:19 | 000,002,569 | ---- | M] () -- C:\Documents and Settings\Veron\Application Data\Mozilla\Firefox\Profiles\1g0immaq.default\searchplugins\askcom.xml
[2011/07/14 23:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/08/25 03:58:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/09/15 21:12:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011/06/26 23:54:13 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.168\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: BitTorrentBar = C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.7.1_0\

O1 HOSTS File: ([2009/08/05 03:04:22 | 000,610,636 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 fr.a2dfp.net
O1 - Hosts: 127.0.0.1 m.fr.a2dfp.net
O1 - Hosts: 127.0.0.1 ad.a8.net
O1 - Hosts: 127.0.0.1 asy.a8ww.net
O1 - Hosts: 127.0.0.1 acezip.net #[SiteAdvisor.acezip.net]
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.] #[Win32/Adware.180Solutions]
O1 - Hosts: 127.0.0.1 phpadsnew.abac.com
O1 - Hosts: 127.0.0.1 a.abnad.net
O1 - Hosts: 127.0.0.1 b.abnad.net
O1 - Hosts: 127.0.0.1 c.abnad.net #[eTrust.Tracking.Cookie]
O1 - Hosts: 127.0.0.1 d.abnad.net
O1 - Hosts: 127.0.0.1 e.abnad.net
O1 - Hosts: 127.0.0.1 t.abnad.net
O1 - Hosts: 127.0.0.1 z.abnad.net
O1 - Hosts: 127.0.0.1 banners.absolpublisher.com
O1 - Hosts: 127.0.0.1 tracking.absolstats.com
O1 - Hosts: 127.0.0.1 adv.abv.bg
O1 - Hosts: 127.0.0.1 bimg.abv.bg
O1 - Hosts: 127.0.0.1 www2.a-counter.kiev.ua
O1 - Hosts: 127.0.0.1 track.acclaimnetwork.com
O1 - Hosts: 127.0.0.1 accuserveadsystem.com
O1 - Hosts: 127.0.0.1 [You must be registered and logged in to see this link.]
O1 - Hosts: 127.0.0.1 gtb5.acecounter.com
O1 - Hosts: 127.0.0.1 gtb19.acecounter.com
O1 - Hosts: 16306 more lines...
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [PSUNMain] C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [snp2uvc] C:\WINDOWS\vsnp2uvc.exe (Sonix)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LG SyncManager.lnk = File not found
O4 - Startup: C:\Documents and Settings\Veron\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O4 - Startup: C:\Documents and Settings\Veron\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\control panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\control panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Veron\Application Data\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Veron\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} [You must be registered and logged in to see this link.] (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} [You must be registered and logged in to see this link.] (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86BFBBDD-D2D3-4D79-A360-31CC24750164}: DhcpNameServer = 192.168.0.1
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Veron\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Veron\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/07/18 20:20:48 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008/10/06 15:35:58 | 000,000,053 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{610af626-5982-11e0-b1ad-001676297e51}\Shell - "" = AutoRun
O33 - MountPoints2\{610af626-5982-11e0-b1ad-001676297e51}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{610af626-5982-11e0-b1ad-001676297e51}\Shell\AutoRun\command - "" = E:\DPFMate.exe
O33 - MountPoints2\{90270845-73d0-11de-b46f-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{90270845-73d0-11de-b46f-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{90270845-73d0-11de-b46f-806d6172696f}\Shell\AutoRun\command - "" = D:\DWizard615.exe -- [2010/04/29 03:47:22 | 000,554,304 | R--- | M] (D-Link Corp.)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O35 - HKCU\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/05/09 22:10:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012/05/07 16:25:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Veron\Local Settings\Application Data\MetaGeek,_LLC
[2012/05/07 16:19:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Veron\Start Menu\Programs\MetaGeek
[2012/05/07 16:19:19 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2012/05/07 16:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Veron\Local Settings\Application Data\LogMeIn Rescue Applet
[2012/04/25 03:20:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Veron\Desktop\SHITE PICS N SHIT
[2012/04/14 02:39:35 | 000,301,640 | ---- | C] (Softonic) -- C:\Documents and Settings\Veron\Desktop\SoftonicDownloader_for_windows-live-messenger.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/09 23:07:02 | 000,000,978 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-73586283-725345543-1004UA.job
[2012/05/09 22:42:15 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/05/09 22:23:38 | 000,441,884 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/05/09 22:23:38 | 000,071,820 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/05/09 22:10:27 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/05/09 21:19:02 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2012/05/09 21:18:16 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-73586283-725345543-1004.job
[2012/05/09 21:15:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/05/07 16:19:21 | 000,002,000 | ---- | M] () -- C:\Documents and Settings\Veron\Desktop\inSSIDer.lnk
[2012/05/01 17:10:32 | 000,002,262 | ---- | M] () -- C:\Documents and Settings\Veron\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/05/01 17:10:31 | 000,002,284 | ---- | M] () -- C:\Documents and Settings\Veron\Desktop\Google Chrome.lnk
[2012/04/29 03:07:43 | 000,000,926 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1409082233-73586283-725345543-1004Core.job
[2012/04/16 02:17:00 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-73586283-725345543-1004.job
[2012/04/14 02:39:35 | 000,301,640 | ---- | M] (Softonic) -- C:\Documents and Settings\Veron\Desktop\SoftonicDownloader_for_windows-live-messenger.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/07 16:19:21 | 000,002,000 | ---- | C] () -- C:\Documents and Settings\Veron\Desktop\inSSIDer.lnk
[2012/02/16 14:49:33 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/05 11:12:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\PSINAflt(2).sys
[2011/06/27 18:35:13 | 000,000,280 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\SharedProperties.xml
[2011/06/27 17:33:55 | 000,000,264 | ---- | C] () -- C:\WINDOWS\System32\PSUNCpl.dat
[2011/02/03 04:20:55 | 000,000,838 | ---- | C] () -- C:\Documents and Settings\Veron\Local Settings\Application Data\FASTWiz.html
[2010/11/20 02:37:31 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/08/29 13:16:25 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010/08/29 13:16:25 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010/08/29 13:16:14 | 000,002,528 | ---- | C] () -- C:\Documents and Settings\Veron\Application Data\$_hpcst$.hpc
[2010/08/21 18:58:51 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2010/08/21 15:27:37 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2010/08/21 15:27:37 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2010/08/21 15:27:37 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2010/08/21 15:27:37 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2010/08/21 15:27:37 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2010/08/21 15:27:37 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2010/08/21 15:27:37 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2010/08/21 15:27:37 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2010/08/21 15:27:37 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2010/08/21 15:27:37 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2010/08/21 15:27:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2010/08/21 15:27:37 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2010/08/21 15:27:37 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2010/08/21 15:27:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2010/08/21 15:27:37 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2010/08/21 15:27:37 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2010/08/21 15:27:37 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2010/08/21 15:27:37 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2010/08/21 15:27:37 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2010/08/03 16:11:22 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\Veron\Application Data\Adobe GIF Format CS5 Prefs
[2010/07/29 00:10:58 | 003,486,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2uvc.sys
[2010/07/29 00:10:58 | 000,196,608 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2uvc.dll
[2010/07/29 00:10:58 | 000,028,544 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncduvc.sys
[2010/07/29 00:10:58 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2uvc.ini
[2010/07/29 00:10:52 | 000,241,664 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnp2uvc.dll
[2010/07/26 14:18:38 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2010/07/26 14:18:38 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2010/07/26 14:18:38 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2010/07/26 14:18:38 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll

========== LOP Check ==========

[2011/06/27 17:29:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2011/03/14 19:36:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/02/03 05:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driving Test Success
[2011/06/04 14:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/03/20 04:24:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Graboid Inc
[2009/08/12 04:39:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ICQ
[2012/03/04 22:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2011/06/27 17:25:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/06/27 17:33:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Panda Security
[2012/03/04 22:00:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2011/05/18 21:36:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2010/08/08 14:40:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
[2010/08/29 13:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/07/22 17:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SITEguard
[2009/07/29 19:18:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\STOPzilla!
[2011/06/27 18:35:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/08/21 15:31:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
[2010/08/08 17:12:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2011/06/27 18:35:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Media
[2012/03/04 22:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2011/01/26 05:22:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/18 18:43:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2006/04/05 15:48:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\AVG10
[2012/03/05 00:15:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Azureus
[2011/12/06 11:53:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
[2012/02/13 20:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\DVDVideoSoft
[2011/07/14 22:36:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\DVDVideoSoftIEHelpers
[2011/02/03 01:22:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Epson
[2010/12/03 15:55:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\FoxyTunes
[2011/05/19 00:55:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\FrostWire
[2009/08/05 17:01:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Leadertech
[2010/12/18 02:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Local
[2011/09/02 01:02:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\MSNInstaller
[2010/08/25 04:00:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\OpenOffice.org
[2011/04/17 13:02:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Opera
[2011/06/27 17:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Panda Security
[2011/07/18 15:58:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\PriceGong
[2011/05/18 21:36:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Radialpoint
[2010/08/29 13:15:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Samsung
[2010/08/08 17:12:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Ulead Systems
[2006/04/05 00:03:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Veron\Application Data\Virgin Media
[2012/05/09 21:19:02 | 000,000,330 | -H-- | M] () -- C:\WINDOWS\Tasks\MP Scheduled Scan.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >



veronica8910

Rookie Surfer

Posts : 77
Joined : 2009-08-07
Operating System : windows xp 32 bit


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Fri 11 May 2012, 4:33 am

Hello and welcome to GeekPolice.Net. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer, you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device, hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.

*****************************************************************
* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code:
:OTL
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LG SyncManager.lnk = File not found
O4 - Startup: C:\Documents and Settings\Veron\Start Menu\Programs\Startup\ZooskMessenger.lnk = File not found
:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
**************************************************************
1. Download this diagnostics tool MGADiag.exe and save this to your Desktop.
2. Double-click on MGADiag.exe and click Continue
3. When the program has finished, click on Copy
4. Post the results in your next reply.
******************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and Paste the log in your post.
*********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Superdave
Tech Staff



Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Fri 11 May 2012, 7:11 am

ok i ran OTL had to reboot and have log now


========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}\ not found.
File move failed. C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LG SyncManager.lnk scheduled to be moved on reboot.
File move failed. C:\Documents and Settings\Veron\Start Menu\Programs\Startup\ZooskMessenger.lnk scheduled to be moved on reboot.
========== COMMANDS ==========
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.42.1 log created on 05102012_204554

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\All Users\Start Menu\Programs\Startup\LG SyncManager.lnk not found!
File\Folder C:\Documents and Settings\Veron\Start Menu\Programs\Startup\ZooskMessenger.lnk not found!

Registry entries deleted on Reboot...

diagnostic report below


Diagnostic Report (1.9.0027.0):
-----------------------------------------
Windows Validation Data-->
Validation Status: Genuine
Validation Code: 0
Cached Validation Code: N/A
Windows Product Key: *****-*****-GD6GR-K6DP3-4C8MT
Windows Product Key Hash: s2kt66ZJWfV4nS1wFD5F9bxTSDw=
Windows Product ID: 76477-OEM-2111907-00102
Windows Product ID Type: 2
Windows License Type: OEM SLP
Windows OS version: 5.1.2600.2.00010300.3.0.hom
ID: {4F1CC042-2A79-4543-B8E0-E5DC71269060}(3)
Is Admin: Yes
TestCab: 0x0
LegitcheckControl ActiveX: Registered, 1.7.69.2
Signed By: Microsoft
Product Name: N/A
Architecture: N/A
Build lab: N/A
TTS Error: N/A
Validation Diagnostic: 025D1FF3-230-1
Resolution Status: N/A

Vista WgaER Data-->
ThreatID(s): N/A
Version: N/A

Windows XP Notifications Data-->
Cached Result: N/A, hr = 0x80070002
File Exists: No
Version: N/A, hr = 0x80070002
WgaTray.exe Signed By: N/A, hr = 0x80070002
WgaLogon.dll Signed By: N/A, hr = 0x80070002

OGA Notifications Data-->
Cached Result: N/A, hr = 0x80070002
Version: N/A, hr = 0x80070002
OGAExec.exe Signed By: N/A, hr = 0x80070002
OGAAddin.dll Signed By: N/A, hr = 0x80070002

OGA Data-->
Office Status: 109 N/A
OGA Version: N/A, 0x80070002
Signed By: N/A, hr = 0x80070002
Office Diagnostics: 025D1FF3-230-1

Browser Data-->
Proxy settings:
User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
Default Browser: C:\Documents and Settings\Veron\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
Download signed ActiveX controls: Prompt
Download unsigned ActiveX controls: Disabled
Run ActiveX controls and plug-ins: Allowed
Initialize and script ActiveX controls not marked as safe: Disabled
Allow scripting of Internet Explorer Webbrowser control: Disabled
Active scripting: Allowed
Script ActiveX controls marked as safe for scripting: Allowed

File Scan Data-->
File Mismatch: C:\WINDOWS\system32\winlogon.exe[5.1.2600.5512], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\licdll.dll[5.1.2600.5512], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\ntoskrnl.exe[5.1.2600.6165], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\ntdll.dll[5.1.2600.6055], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\kernel32.dll[5.1.2600.5781], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\crypt32.dll[5.131.2600.6154], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\advapi32.dll[5.1.2600.5755], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\setupapi.dll[5.1.2600.5512], Hr = 0x800b0100
File Mismatch: C:\WINDOWS\system32\oembios.bin[Hr = 0x800b0003]
File Mismatch: C:\WINDOWS\system32\oembios.dat[Hr = 0x800b0003]
File Mismatch: C:\WINDOWS\system32\oembios.sig[Hr = 0x800b0003]
File Mismatch: C:\WINDOWS\system32\syssetup.dll[5.1.2600.5512], Hr = 0x800b0100

Other data-->
Office Details: ~[Filtered]~

Licensing Data-->
N/A

Windows Activation Technologies-->
N/A

HWID Data-->
N/A

OEM Activation 1.0 Data-->
BIOS string matches: yes
Marker string from BIOS: 1A925:Dell Inc|1A925:Microsoft Corporation
Marker string from OEMBIOS.DAT: Dell System,Dell Computer,Dell System,Dell System

OEM Activation 2.0 Data-->
N/A

I had a problem running the SuperAntispyware Free Edition (SAS)

i used both links and i get this message "Super anti Spyware exe Bad Image"
the application or DLL C:\windows\system32\macromed\flash\flash11 ocx is not a valid windows image please check against your installation diskette.
although i currently have it running now scanning awaiting log i will edit and post at the bottom

I managed to run a full scan on my pc with Malwarebytes' Anti-Malware so log follows. i had 1 detection on the volume a (PUP.ToolbarDownloader) and it was removed after reboot


Malwarebytes Anti-Malware 1.61.0.1400

Database version: v2012.05.10.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Veron :: HOME-CA08B8A03F [administrator]

10/05/2012 19:19:46
mbam-log-2012-05-10 (19-19-46).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 292343
Time elapsed: 1 hour(s), 35 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\System Volume Information\_restore{60466CB1-1A7C-4469-962C-B8FFEEEC2629}\RP599\A0941412.exe (PUP.ToolbarDownloader) -> Quarantined and deleted successfully.

(end)



Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Fri 11 May 2012, 9:22 am

Good job. Let's try this.

Download Combofix from any of the links below, and save it to your DESKTOP.

Link 1
Link 2
Link 3

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click ComboFix.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Fri 11 May 2012, 12:08 pm

hi there, I've followed the instructions in the link you gave me & i disabled my panda cloud antivirus via task manager. however, when i ran combo-fix i got a message saying that i still had anti virus scanners enabled. this picked up panda cloud, which i disabled, and all the programmes that start it.

it also detected virgin media antivirus security. thing is, i uninstalled that ages ago so that's really weird.. please help


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Fri 11 May 2012, 12:31 pm

Please run CF in any case and post the log.


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Fri 11 May 2012, 2:23 pm

everything was going fine. i ran ComboFix, it started, and i got the message that ComboFix will check to see if the Microsoft Windows Recovery Console is installed.. it wasn't and so it installed recovery..

then the recovery was successful click yes to check for malware.. so i did

it ran a scan up to 50% then .. i get BSOD

a problem has been detected and windows has been shut down to prevent damage to your computer.
BAD_POOL_HEADER
if this is the first time youve seen this stop error screen restart computer if this appears again follow these steps
check make sure that any new hard ware or software is properly installed. ask your hardware or software manufacturer for any windows updates you might need.
TECHNICAL INFORMATION ***STOP:0X00000019(0X00000020,0X8885D138,0X08885D550,0X1A830002



So i restarted the pc and i get a microsoft windows message box
The system has recovered from a serious error a log has been created

Error signature
BcCode:19 BcP1:00000020 Bcp28885d138: bcp3:8885d550 bcp4:1a83002 osVer:5_12600 sp:3_0 product768_1


and after this appeared so did the installation wizard for generic volume... if you have hardware that came with the installation cd insert it now.. which i do not have ....

and here's the super anti spyware log from earlier




SUPERAntiSpyware Scan Log


Generated 05/10/2012 at 11:08 PM


Application Version : 5.0.1148


Core Rules Database Version : 8583
Trace Rules Database Version: 6395


Scan type : Complete Scan
Total Scan Time : 01:37:44


Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator


Memory items scanned : 542
Memory threats detected : 0
Registry items scanned : 33914
Registry threats detected : 0
File items scanned : 78810
File threats detected : 184

for some reason i am not allowed to post Adware.Tracking Cookie your site wont allow it

awaiting your instruction & advice thanks


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Sat 12 May 2012, 5:27 am

a problem has been detected and windows has been shut down to prevent damage to your computer.
BAD_POOL_HEADER
if this is the first time youve seen this stop error screen restart computer if this appears again follow these steps
check make sure that any new hard ware or software is properly installed. ask your hardware or software manufacturer for any windows updates you might need.
TECHNICAL INFORMATION ***STOP:0X00000019(0X00000020,0X8885D138,0X08885D550,0X1A830002
Here's an explanation about this problem. Does it apply to your case?

Delete ComboFix from your desktop. This one is the same problem but you must rename it before downloading it.

Download Combofix from any of the links below, and save it to your DESKTOP.

Link 1
Link 2
Link 3

When saving ComboFix rename it to PCHelpForum.exe to prevent it from being blocked by malware.

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

  • Close any open windows and double click PCHelpForum.exe to run it.

    You will see the following image:



Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7.

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Sat 12 May 2012, 9:00 am

i deleted combo fix from desktop and i reinstalled it via link changing the name before i saved to PCHelpForum.exe

i then closed down all browsers, opened task manager, found the description of anti virus panda cloud, ended the task, and ran the new combofix i just renamed. it went straight to scanning for malware and the blue box appeared like before

completed to 50%
then BSOD

so it made no difference changing the file name & combo fix is still finding my antivirus running also virgin media antivirus but i removed that months ago

will i just uninstall panda cloud completely i have revo uninstaller ??

thank you


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Sat 12 May 2012, 9:23 am

Let's try something else first.

Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives.



On completion of the scan click save log, save it to your desktop and post in your next reply


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Sat 12 May 2012, 11:17 am

ok i downloaded aswMBR to desktop and ran it .. my comodo firewall said that it was malicious and that in order for the scan to run it best i should download AVAST anti virus

i disregarded that and continued to run a scan here is the log below

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-12 01:12:37
-----------------------------
01:12:37.468 OS Version: Windows 5.1.2600 Service Pack 3
01:12:37.468 Number of processors: 1 586 0x409
01:12:37.468 ComputerName: HOME-CA08B8A03F UserName: Veron
01:12:38.937 Initialze error C0000022 - driver not loaded
01:13:11.890 Service scanning
01:13:22.046 Modules scanning
01:13:22.046 Disk 0 trace - called modules:
01:13:22.046
01:13:22.046 Scan finished successfully
01:14:07.375 The log file has been saved successfully to "C:\Documents and Settings\Veron\Desktop\aswMBR.txt"



veronica8910


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Sat 12 May 2012, 12:49 pm

That's not the complete log. Please run it again as well as this one.

Please download MBRCheck.exe by a_d_13 from one of the links provided below and save it to your desktop.

Link 1
Link 2
Link 3

  • Double-click on MBRCheck.exe to run it.
  • It will open a black window...please do not fix anything (if it gives you an option).
  • When complete, you should see Done! Press ENTER to exit.... Press Enter on the keyboard.
  • A log named MBRCheck_date_time.txt (i.e. MBRCheck_07.21.10_10.22.51.txt) will appear on the desktop.
  • Please copy and paste the contents of that log in your next reply.

Superdave

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Sat 12 May 2012, 1:20 pm

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000001d

Kernel Drivers (total 125):

Processes (total 42):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`02738a00 (NTFS)
\\.\E: --> \\.\PhysicalDrive1 at offset 0x00000000`00000000 (FAT32)

PhysicalDrive0 Model Number: SAMSUNGHD160JJ/P, Rev: ZM100-34
PhysicalDrive1 Model Number: SeagateDesktop, Rev: 0130

Size Device Name MBR Status
--------------------------------------------
149 GB \\.\PhysicalDrive0 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
465 GB \\.\PhysicalDrive1 RE: Unknown MBR code
SHA1: 6A699B7234A9DF79F2E6FBFBD5F11099D941A768


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Done!

veronica8910

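The MBRCheck report above gives a status and SHA1 for each drive's MBR code, and maps C: to PhysicalDrive0 at offset 0x02738a00 and E: to PhysicalDrive1 at offset 0. As an added example (not part of the thread and not MBRCheck's own logic), the Python below shows what such a check works on: sector 0 with its boot code, partition table and 0x55AA signature, and why a volume that starts at offset 0 has no MBR code to recognise. The sample sectors are constructed, and the 440-byte hash range and the known-good set are assumptions.

```python
import hashlib
import struct

SECTOR_SIZE = 512        # bytes per sector
BOOT_CODE_LEN = 440      # classic MBR layout: boot code is bytes 0..439 (assumed hash range)
PART_TABLE_OFF = 446     # four 16-byte primary partition entries
BOOT_SIG = b"\x55\xaa"   # bytes 510..511 of a bootable sector


def parse_partitions(sector):
    """Decode the four primary partition slots, skipping empty ones."""
    parts = []
    for slot in range(4):
        off = PART_TABLE_OFF + 16 * slot
        status, ptype = sector[off], sector[off + 4]
        start_lba, count = struct.unpack_from("<II", sector, off + 8)
        if ptype == 0 and count == 0:
            continue  # unused slot
        parts.append({
            "slot": slot,
            "bootable": status == 0x80,
            "status_valid": status in (0x00, 0x80),
            "type": ptype,
            "start_lba": start_lba,
            "sectors": count,
            "byte_offset": start_lba * SECTOR_SIZE,
        })
    return parts


def classify_sector0(sector, known_good_sha1=frozenset()):
    """Classify sector 0 of a disk and hash its boot code if it is an MBR."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    result = {"kind": "no-boot-signature", "partitions": [],
              "boot_code_sha1": None, "known_good": False}
    if sector[510:512] != BOOT_SIG:
        return result
    # A FAT32 or NTFS volume that starts at sector 0 puts its own boot
    # sector there: bytes 446..509 are boot code, not a partition table.
    if sector[0x52:0x5A] == b"FAT32   " or sector[3:11] == b"NTFS    ":
        result["kind"] = "volume-boot-sector"
        return result
    digest = hashlib.sha1(sector[:BOOT_CODE_LEN]).hexdigest().upper()
    result.update(kind="mbr", partitions=parse_partitions(sector),
                  boot_code_sha1=digest, known_good=digest in known_good_sha1)
    return result


def build_sample_mbr(boot_code=b"\x11" * BOOT_CODE_LEN):
    """Constructed MBR sector: placeholder boot code, one NTFS-type partition.

    The start LBA is chosen so that start_lba * 512 equals the 0x02738a00
    offset MBRCheck reports for C:. Everything else is made up.
    """
    if len(boot_code) != BOOT_CODE_LEN:
        raise ValueError("boot code must be 440 bytes")
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOT_CODE_LEN] = boot_code
    # status, CHS start (unused here), type, CHS end (unused), start LBA, sector count
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        0x139C5, 0x129ED876)
    sector[PART_TABLE_OFF:PART_TABLE_OFF + 16] = entry
    sector[510:512] = BOOT_SIG
    return bytes(sector)


def build_sample_fat32_vbr():
    """Constructed FAT32 boot sector, as found at sector 0 of an unpartitioned drive."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:3] = b"\xeb\x58\x90"       # jump over the BIOS parameter block
    sector[3:11] = b"MSDOS5.0"          # OEM name
    sector[0x52:0x5A] = b"FAT32   "     # filesystem type string
    sector[510:512] = BOOT_SIG
    return bytes(sector)


if __name__ == "__main__":
    mbr = build_sample_mbr()
    # Baseline recorded from a sector the operator already trusts (assumption).
    baseline = {classify_sector0(mbr)["boot_code_sha1"]}
    for name, data in (("sample MBR", mbr),
                       ("tampered MBR", build_sample_mbr(b"\x22" * BOOT_CODE_LEN)),
                       ("FAT32 at offset 0", build_sample_fat32_vbr())):
        info = classify_sector0(data, baseline)
        print(name, info["kind"], info["known_good"],
              [hex(p["byte_offset"]) for p in info["partitions"]])
```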

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Sun 13 May 2012, 5:24 am

Please run aswMBR.Exe as described in Post 10 and post the full log.

Superdave

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Sun 13 May 2012, 5:59 am

I have followed your instructions accordingly. I double-clicked aswMBR on the desktop.
Automatically a white box appeared with a red outline, apparently from COMODO.

It says "A malicious item has been detected"
name: Heur Suspicious @ 1
Location: C:/documents and settings Veron/desktop/aswMBR
More info: security comodo.com/report23e875589

How should I answer?

Clean Ignore

So if I click Clean it says "Not all malware could be safely removed. Some of the threats could not be automatically eliminated.

Do you want to get live support to remediate the problem now?"

Yes Ignore

If I ignore any of this I get a box that appears from aswMBR. It says:

"This application can use the antivirus Avast Free Antivirus for scanning (it is recommended to download it for better detection results).

Would you like to download it now?"

Yes No

So I clicked No and went straight to run the scan... seems I'm not allowed the full log because I'm getting these warning boxes.

Here's the scan, thanks.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-05-12 19:47:23
-----------------------------
19:47:23.625 OS Version: Windows 5.1.2600 Service Pack 3
19:47:23.625 Number of processors: 1 586 0x409
19:47:23.625 ComputerName: HOME-CA08B8A03F UserName: Veron
19:47:25.000 Initialze error C0000022 - driver not loaded
19:49:18.453 Service scanning
19:49:28.609 Modules scanning
19:49:28.609 Disk 0 trace - called modules:
19:49:28.609
19:49:28.609 Scan finished successfully
19:49:43.296 The log file has been saved successfully to "C:\Documents and Settings\Veron\Desktop\aswMBRLOG.txt"



veronica8910


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Sun 13 May 2012, 9:31 am

OK. Let's try this scan and then try to run ComboFix again. If it won't run, please run it in Safe Mode.

Please download TDSSKiller from here and save it to your Desktop.

  • Double-click TDSSKiller.exe to run the tool.
  • Click the Start Scan button. (If prompted with a "hidden service warning" do go ahead and delete it.)
  • After the scan has finished, click the Close button.
  • Click the Report button and copy/paste the contents of it into your next reply.
  • Note: It will also create a log in the C:\ directory.

Superdave

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Sun 13 May 2012, 10:25 pm

Here is the log for TDSS, & ComboFix finally ran in Safe Mode. Its log is too long so I have posted a new ComboFix log.

12:23:19.0578 3268 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
12:23:19.0687 3268 ============================================================
12:23:19.0687 3268 Current date / time: 2012/05/13 12:23:19.0687
12:23:19.0687 3268 SystemInfo:
12:23:19.0687 3268
12:23:19.0687 3268 OS Version: 5.1.2600 ServicePack: 3.0
12:23:19.0687 3268 Product type: Workstation
12:23:19.0687 3268 ComputerName: HOME-CA08B8A03F
12:23:19.0687 3268 UserName: Veron
12:23:19.0687 3268 Windows directory: C:\WINDOWS
12:23:19.0687 3268 System windows directory: C:\WINDOWS
12:23:19.0687 3268 Processor architecture: Intel x86
12:23:19.0687 3268 Number of processors: 1
12:23:19.0687 3268 Page size: 0x1000
12:23:19.0687 3268 Boot type: Normal boot
12:23:19.0687 3268 ============================================================
12:23:21.0578 3268 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:23:21.0578 3268 Drive \Device\Harddisk1\DR3 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:23:25.0375 3268 ============================================================
12:23:25.0375 3268 \Device\Harddisk0\DR0:
12:23:25.0375 3268 MBR partitions:
12:23:25.0375 3268 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x129ED876
12:23:25.0375 3268 \Device\Harddisk1\DR3:
12:23:25.0390 3268 MBR partitions:
12:23:25.0390 3268 ============================================================
12:23:25.0406 3268 C: <-> \Device\Harddisk0\DR0\Partition0
12:23:25.0406 3268 ============================================================
12:23:25.0406 3268 Initialize success
12:23:25.0406 3268 ============================================================
12:23:45.0937 2384 ============================================================
12:23:45.0937 2384 Scan started
12:23:45.0937 2384 Mode: Manual;
12:23:45.0937 2384 ============================================================
12:23:53.0265 2384 Npfs - ok
12:23:53.0312 2384 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
12:23:53.0312 2384 Ntfs - ok
12:23:53.0328 2384 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:53.0328 2384 NtLmSsp - ok
12:23:53.0390 2384 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
12:23:53.0406 2384 NtmsSvc - ok
12:23:53.0421 2384 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
12:23:53.0421 2384 Null - ok
12:23:53.0453 2384 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:23:53.0468 2384 NwlnkFlt - ok
12:23:53.0468 2384 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:23:53.0484 2384 NwlnkFwd - ok
12:23:53.0500 2384 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys
12:23:53.0515 2384 Parport - ok
12:23:53.0515 2384 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
12:23:53.0515 2384 PartMgr - ok
12:23:53.0531 2384 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
12:23:53.0546 2384 ParVdm - ok
12:23:53.0546 2384 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
12:23:53.0546 2384 PCI - ok
12:23:53.0562 2384 PCIDump - ok
12:23:53.0578 2384 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
12:23:53.0578 2384 PCIIde - ok
12:23:53.0625 2384 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
12:23:53.0625 2384 Pcmcia - ok
12:23:53.0640 2384 PDCOMP - ok
12:23:53.0640 2384 PDFRAME - ok
12:23:53.0656 2384 PDRELI - ok
12:23:53.0671 2384 PDRFRAME - ok
12:23:53.0671 2384 perc2 - ok
12:23:53.0687 2384 perc2hib - ok
12:23:53.0750 2384 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
12:23:53.0750 2384 PlugPlay - ok
12:23:53.0750 2384 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:53.0765 2384 PolicyAgent - ok
12:23:53.0796 2384 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:23:53.0796 2384 PptpMiniport - ok
12:23:53.0796 2384 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:53.0796 2384 ProtectedStorage - ok
12:23:53.0812 2384 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
12:23:53.0812 2384 PSched - ok
12:23:53.0859 2384 PSINAflt (9abf1d1da5afaaaa41fcbd940aa2e844) C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
12:23:53.0859 2384 PSINAflt - ok
12:23:53.0890 2384 PSINFile (5bab5fb4cb1963f643a1a8b4d816cf8f) C:\WINDOWS\system32\DRIVERS\PSINFile.sys
12:23:53.0890 2384 PSINFile - ok
12:23:53.0921 2384 PSINKNC (0518f472a69249e18612e29278bd58ec) C:\WINDOWS\system32\DRIVERS\psinknc.sys
12:23:53.0921 2384 PSINKNC - ok
12:23:53.0937 2384 PSINProc (87b2fe6d7b427947541360f48c302054) C:\WINDOWS\system32\DRIVERS\PSINProc.sys
12:23:53.0937 2384 PSINProc - ok
12:23:53.0968 2384 PSINProt (f4804beb5ff6741019b56a02ead4d3b7) C:\WINDOWS\system32\DRIVERS\PSINProt.sys
12:23:53.0968 2384 PSINProt - ok
12:23:54.0000 2384 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:23:54.0000 2384 Ptilink - ok
12:23:54.0031 2384 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:23:54.0031 2384 PxHelp20 - ok
12:23:54.0031 2384 ql1080 - ok
12:23:54.0046 2384 Ql10wnt - ok
12:23:54.0062 2384 ql12160 - ok
12:23:54.0062 2384 ql1240 - ok
12:23:54.0078 2384 ql1280 - ok
12:23:54.0078 2384 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:23:54.0078 2384 RasAcd - ok
12:23:54.0109 2384 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
12:23:54.0109 2384 RasAuto - ok
12:23:54.0140 2384 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:23:54.0140 2384 Rasl2tp - ok
12:23:54.0187 2384 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
12:23:54.0187 2384 RasMan - ok
12:23:54.0203 2384 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:23:54.0218 2384 RasPppoe - ok
12:23:54.0218 2384 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
12:23:54.0234 2384 Raspti - ok
12:23:54.0250 2384 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:23:54.0265 2384 Rdbss - ok
12:23:54.0265 2384 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:23:54.0265 2384 RDPCDD - ok
12:23:54.0312 2384 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
12:23:54.0328 2384 RDPWD - ok
12:23:54.0359 2384 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
12:23:54.0359 2384 RDSessMgr - ok
12:23:54.0406 2384 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
12:23:54.0406 2384 redbook - ok
12:23:54.0437 2384 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
12:23:54.0437 2384 RemoteAccess - ok
12:23:54.0484 2384 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys
12:23:54.0484 2384 RFCOMM - ok
12:23:54.0500 2384 RkPavproc1 - ok
12:23:54.0515 2384 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
12:23:54.0531 2384 RpcLocator - ok
12:23:54.0578 2384 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
12:23:54.0578 2384 RpcSs - ok
12:23:54.0609 2384 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
12:23:54.0625 2384 RSVP - ok
12:23:54.0640 2384 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
12:23:54.0640 2384 SamSs - ok
12:23:54.0734 2384 SASDIFSV (39763504067962108505bff25f024345) C:\Documents and Settings\Veron\Desktop\SASDIFSV.SYS
12:23:54.0734 2384 SASDIFSV - ok
12:23:54.0765 2384 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Documents and Settings\Veron\Desktop\SASKUTIL.SYS
12:23:54.0765 2384 SASKUTIL - ok
12:23:54.0781 2384 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
12:23:54.0781 2384 SCardSvr - ok
12:23:54.0812 2384 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
12:23:54.0812 2384 Schedule - ok
12:23:54.0906 2384 SeaPort (271077b91d7ad1b616f8afdfe8e3f981) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
12:23:54.0921 2384 SeaPort - ok
12:23:54.0984 2384 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:23:54.0984 2384 Secdrv - ok
12:23:55.0046 2384 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
12:23:55.0046 2384 seclogon - ok
12:23:55.0078 2384 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
12:23:55.0078 2384 SENS - ok
12:23:55.0125 2384 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys
12:23:55.0125 2384 Serial - ok
12:23:55.0156 2384 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
12:23:55.0156 2384 Sfloppy - ok
12:23:55.0218 2384 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
12:23:55.0218 2384 SharedAccess - ok
12:23:55.0265 2384 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:23:55.0265 2384 ShellHWDetection - ok
12:23:55.0265 2384 Simbad - ok
12:23:55.0312 2384 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:23:55.0312 2384 SLIP - ok
12:23:55.0593 2384 SNP2UVC (e1f5f9fbf8a2cfed174e4ec38a358b93) C:\WINDOWS\system32\DRIVERS\snp2uvc.sys
12:23:55.0640 2384 SNP2UVC - ok
12:23:55.0734 2384 Sparrow - ok
12:23:55.0750 2384 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
12:23:55.0750 2384 splitter - ok
12:23:55.0781 2384 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
12:23:55.0796 2384 Spooler - ok
12:23:55.0828 2384 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
12:23:55.0828 2384 sr - ok
12:23:55.0859 2384 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
12:23:55.0875 2384 srservice - ok
12:23:55.0906 2384 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
12:23:55.0921 2384 Srv - ok
12:23:55.0968 2384 ssadbus (406776fe3c2b66796bac1a7afb9ac8a1) C:\WINDOWS\system32\DRIVERS\ssadbus.sys
12:23:55.0968 2384 ssadbus - ok
12:23:56.0000 2384 ssadmdfl (b19532d015a5d295e2aa34bb521202cf) C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
12:23:56.0000 2384 ssadmdfl - ok
12:23:56.0031 2384 ssadmdm (2aebf9108e6f435458b9499c27394da4) C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
12:23:56.0031 2384 ssadmdm - ok
12:23:56.0062 2384 ssadserd (28f893c9b4e98dee5ae3c24db56b1b11) C:\WINDOWS\system32\DRIVERS\ssadserd.sys
12:23:56.0062 2384 ssadserd - ok
12:23:56.0109 2384 sscebus (b2063ce662af3ab20045121a5b716df6) C:\WINDOWS\system32\DRIVERS\sscebus.sys
12:23:56.0125 2384 sscebus - ok
12:23:56.0125 2384 sscemdfl (66799dc0afe3dcaf8368cae17394a762) C:\WINDOWS\system32\DRIVERS\sscemdfl.sys
12:23:56.0125 2384 sscemdfl - ok
12:23:56.0140 2384 sscemdm (cbf03ffc08f8db547bab2f79aa663d16) C:\WINDOWS\system32\DRIVERS\sscemdm.sys
12:23:56.0156 2384 sscemdm - ok
12:23:56.0203 2384 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
12:23:56.0203 2384 SSDPSRV - ok
12:23:56.0265 2384 ss_bbus (3f0164fbc0bd1adbd02df9759181451a) C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
12:23:56.0265 2384 ss_bbus - ok
12:23:56.0296 2384 ss_bmdfl (b89d62206034e5fe573c80a24dd55675) C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
12:23:56.0296 2384 ss_bmdfl - ok
12:23:56.0328 2384 ss_bmdm (1ed0fcea586fe2a416ee15196e5631dd) C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
12:23:56.0328 2384 ss_bmdm - ok
12:23:56.0359 2384 ss_bserd (994d2e5378cc337ec7dd73c1e04fcaa4) C:\WINDOWS\system32\DRIVERS\ss_bserd.sys
12:23:56.0359 2384 ss_bserd - ok
12:23:56.0468 2384 STHDA (26eb7acf476a3461b85f5bce9a677a4a) C:\WINDOWS\system32\drivers\sthda.sys
12:23:56.0468 2384 STHDA - ok
12:23:56.0531 2384 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
12:23:56.0546 2384 stisvc - ok
12:23:56.0593 2384 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:23:56.0593 2384 streamip - ok
12:23:56.0640 2384 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
12:23:56.0640 2384 swenum - ok
12:23:56.0671 2384 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
12:23:56.0671 2384 swmidi - ok
12:23:56.0687 2384 SwPrv - ok
12:23:56.0703 2384 symc810 - ok
12:23:56.0703 2384 symc8xx - ok
12:23:56.0718 2384 sym_hi - ok
12:23:56.0718 2384 sym_u3 - ok
12:23:56.0750 2384 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
12:23:56.0765 2384 sysaudio - ok
12:23:56.0796 2384 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
12:23:56.0796 2384 SysmonLog - ok
12:23:56.0843 2384 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
12:23:56.0843 2384 TapiSrv - ok
12:23:56.0890 2384 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:23:56.0906 2384 Tcpip - ok
12:23:56.0937 2384 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
12:23:56.0937 2384 TDPIPE - ok
12:23:56.0984 2384 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
12:23:56.0984 2384 TDTCP - ok
12:23:57.0031 2384 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
12:23:57.0031 2384 TermDD - ok
12:23:57.0078 2384 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
12:23:57.0078 2384 TermService - ok
12:23:57.0109 2384 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
12:23:57.0125 2384 Themes - ok
12:23:57.0125 2384 TosIde - ok
12:23:57.0156 2384 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
12:23:57.0171 2384 TrkWks - ok
12:23:57.0218 2384 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
12:23:57.0218 2384 Udfs - ok
12:23:57.0234 2384 ultra - ok
12:23:57.0281 2384 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
12:23:57.0296 2384 Update - ok
12:23:57.0328 2384 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
12:23:57.0343 2384 upnphost - ok
12:23:57.0359 2384 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
12:23:57.0375 2384 UPS - ok
12:23:57.0421 2384 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
12:23:57.0421 2384 USBAAPL - ok
12:23:57.0468 2384 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
12:23:57.0468 2384 usbaudio - ok
12:23:57.0500 2384 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:23:57.0500 2384 usbccgp - ok
12:23:57.0531 2384 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:23:57.0546 2384 usbehci - ok
12:23:57.0562 2384 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:23:57.0562 2384 usbhub - ok
12:23:57.0609 2384 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:23:57.0609 2384 usbprint - ok
12:23:57.0640 2384 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:23:57.0640 2384 usbscan - ok
12:23:57.0671 2384 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:23:57.0671 2384 USBSTOR - ok
12:23:57.0703 2384 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:23:57.0703 2384 usbuhci - ok
12:23:57.0750 2384 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
12:23:57.0750 2384 usbvideo - ok
12:23:57.0796 2384 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
12:23:57.0796 2384 VgaSave - ok
12:23:57.0796 2384 ViaIde - ok
12:23:57.0828 2384 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
12:23:57.0828 2384 VolSnap - ok
12:23:57.0890 2384 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
12:23:57.0890 2384 VSS - ok
12:23:57.0937 2384 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
12:23:57.0937 2384 W32Time - ok
12:23:57.0984 2384 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:23:57.0984 2384 Wanarp - ok
12:23:58.0046 2384 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
12:23:58.0062 2384 Wdf01000 - ok
12:23:58.0078 2384 WDICA - ok
12:23:58.0125 2384 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
12:23:58.0125 2384 wdmaud - ok
12:23:58.0156 2384 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
12:23:58.0156 2384 WebClient - ok
12:23:58.0218 2384 WinDefend (f45dd1e1365d857dd08bc23563370d0e) C:\Program Files\Windows Defender\MsMpEng.exe
12:23:58.0218 2384 WinDefend - ok
12:23:58.0328 2384 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
12:23:58.0328 2384 winmgmt - ok
12:23:58.0375 2384 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll
12:23:58.0375 2384 WmdmPmSN - ok
12:23:58.0421 2384 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:23:58.0421 2384 WmiApSrv - ok
12:23:58.0546 2384 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
12:23:58.0562 2384 WMPNetworkSvc - ok
12:23:58.0625 2384 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
12:23:58.0640 2384 WpdUsb - ok
12:23:58.0671 2384 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:23:58.0687 2384 WS2IFSL - ok
12:23:58.0718 2384 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
12:23:58.0734 2384 wscsvc - ok
12:23:58.0765 2384 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:23:58.0765 2384 WSTCODEC - ok
12:23:58.0812 2384 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
12:23:58.0812 2384 wuauserv - ok
12:23:58.0843 2384 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:23:58.0859 2384 WudfPf - ok
12:23:58.0859 2384 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:23:58.0875 2384 WudfRd - ok
12:23:58.0906 2384 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
12:23:58.0906 2384 WudfSvc - ok
12:23:58.0984 2384 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
12:23:59.0000 2384 WZCSVC - ok
12:23:59.0031 2384 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
12:23:59.0046 2384 xmlprov - ok
12:23:59.0078 2384 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:23:59.0281 2384 \Device\Harddisk0\DR0 - ok
12:23:59.0296 2384 MBR (0x1B8) (2852254352eac3b4f1a878ff2733facc) \Device\Harddisk1\DR3
12:24:06.0890 2384 \Device\Harddisk1\DR3 - ok
12:24:06.0906 2384 Boot (0x1200) (a7e96cb85d7519c9979bf10d33b36757) \Device\Harddisk0\DR0\Partition0
12:24:06.0921 2384 \Device\Harddisk0\DR0\Partition0 - ok
12:24:06.0921 2384 ============================================================
12:24:06.0921 2384 Scan finished
12:24:06.0921 2384 ============================================================
12:24:06.0937 3228 Detected object count: 0
12:24:06.0937 3228 Actual detected object count: 0




Last edited by veronica8910 on Mon 14 May 2012, 4:26 am; edited 1 time in total

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Mon 14 May 2012, 4:25 am

combofix-log

ComboFix 12-05-13.03 - Administrator 05/13/2012 18:07:45.6.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2294.1988 [GMT 1:00]
Running from: c:\documents and settings\Administrator\Desktop\PCHelpForum.exe
AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
AV: Virgin Media Security Anti-Virus *Enabled/Outdated* {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
FW: Virgin Media Security Firewall *Enabled* {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\windows\system32\advapi32(2).dll
c:\windows\system32\ctfmon(2).exe
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\kernel32(2).dll
c:\windows\system32\muzapp.exe
c:\windows\system32\services(2).exe
c:\windows\system32\system
.
.
((((((((((((((((((((((((( Files Created from 2012-04-13 to 2012-05-13 )))))))))))))))))))))))))))))))
.
.
2012-05-13 17:02 . 2012-05-13 17:02 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Opera
2012-05-12 19:03 . 2012-05-12 19:03 56200 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{72C53F69-8621-4C86-B797-972A0B2D1E70}\offreg.dll
2012-05-11 19:01 . 2012-04-18 02:06 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{72C53F69-8621-4C86-B797-972A0B2D1E70}\mpengine.dll
2012-05-10 20:21 . 2012-05-10 20:21 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2012-05-10 18:07 . 2012-05-10 18:07 -------- d-----w- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2012-05-10 17:44 . 2012-05-10 17:44 -------- d-----w- c:\program files\Common Files\Java
2012-05-10 17:44 . 2012-05-10 17:43 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-05-10 17:44 . 2012-05-10 17:43 476960 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-05-10 12:31 . 2012-05-10 12:31 -------- d-----w- c:\windows\system32\wbem\Repository
2012-05-10 12:22 . 2012-05-10 12:22 -------- d-----w- c:\program files\BitTorrent
2012-05-10 12:21 . 2012-05-10 12:21 -------- d-----w- c:\program files\PKR
2012-05-10 12:21 . 2012-05-10 12:21 -------- d-----r- c:\program files\Skype
2012-05-10 12:21 . 2012-05-10 12:21 -------- d-----w- c:\program files\Common Files\Skype
2012-05-10 12:20 . 2012-05-10 12:20 -------- d-----w- c:\program files\Common Files\xing shared
2012-05-10 12:19 . 2012-05-10 12:19 -------- d-----w- c:\program files\DVD Flick
2012-05-10 11:43 . 2012-05-10 12:21 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
2012-05-10 11:43 . 2012-05-10 12:19 -------- d-----w- c:\program files\QuickTime
2012-05-10 11:22 . 2012-05-10 11:22 -------- d-sh--w- c:\documents and settings\Administrator\IETldCache
2012-05-07 15:19 . 2012-05-07 15:19 -------- d-----w- c:\program files\MetaGeek
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-10 17:43 . 2010-08-25 02:58 472864 ----a-w- c:\windows\system32\deployJava1.dll
2012-04-18 02:06 . 2009-07-18 20:19 6734704 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2012-04-04 14:56 . 2009-08-01 20:29 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-02-23 09:18 . 2009-11-05 17:41 237072 ------w- c:\windows\system32\MpSigStub.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-07-07 20:23 . F17F6226BDC0CD5F0BEF0DAF84D29BEC . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2008-04-14 00:11 . 19A799805B24990867B00C120D300C3A . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll
.
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\imm32.dll
[-] 2008-04-14 . 0DA85218E92526972A821587E6A8BF8F . 110080 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\imm32.dll
.
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . B921FB870C9AC0D509B2CCABBBBE95F3 . 989696 . . [5.1.2600.5781] . . c:\windows\system32\dllcache\cache\kernel32.dll
[-] 2009-03-21 . DA11D9D6ECBDF0F93436A4B7C13F7BEC . 991744 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . C24B983D211C34DA8FCC1AC38477971D . 989696 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll
.
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\linkinfo.dll
[-] 2008-04-14 . 2DC5A8019E2387987905F77C664E4BE2 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\linkinfo.dll
.
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\lpk.dll
[-] 2008-04-14 . 012DF358CEBAA23ACB26D82077820817 . 22016 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\lpk.dll
.
[-] 2012-03-01 . DADE53318D8E5335EE2E1745F1C3FC4D . 5978624 . . [8.00.6001.19222] . . c:\windows\SoftwareDistribution\Download\10e15349103fd74db71a357203602738\SP3GDR\mshtml.dll
[-] 2012-03-01 . 5DBB0C997AD276BCE9D30CD609BDBF67 . 5980672 . . [8.00.6001.23318] . . c:\windows\SoftwareDistribution\Download\10e15349103fd74db71a357203602738\SP3QFE\mshtml.dll
[-] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\system32\mshtml.dll
[-] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
[-] 2011-10-03 . 4963CB503600FC3BCBDBFBA51FBA1FAC . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
[-] 2011-10-03 . 1240A6B7B470BED0AA6C9FEC7AB0EA26 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll
[-] 2011-07-25 . 23B3C8E9F3F280180573569253CE98AB . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll
[-] 2011-07-25 . BCE7CCEBAD6C8955D2B4C3B246BD0E57 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll
[-] 2011-05-30 . 22BA5235EA846EDA87F68A1DCC2BFCF9 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll
[-] 2011-05-30 . 22BA5235EA846EDA87F68A1DCC2BFCF9 . 5964800 . . [8.00.6001.19088] . . c:\windows\SoftwareDistribution\Download\730e51ab61fc82e473594dd494abebf2\SP3GDR\mshtml.dll
[-] 2011-05-30 . D0B1DB576941CB0B6669B8752FFAC79A . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll
[-] 2011-05-30 . D0B1DB576941CB0B6669B8752FFAC79A . 5967360 . . [8.00.6001.23181] . . c:\windows\SoftwareDistribution\Download\730e51ab61fc82e473594dd494abebf2\SP3QFE\mshtml.dll
[-] 2011-04-25 . 4C57EAF103103F4BCD084A9A353573B0 . 3608576 . . [7.00.6000.17098] . . c:\windows\ie8\mshtml.dll
[-] 2011-04-25 . 7E9C4CD54CC21D3F0F7AC8A562FF7101 . 3610624 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\mshtml.dll
[-] 2011-02-17 . C9158D1A97BC96CA728F721237DEE9AA . 3607040 . . [7.00.6000.17097] . . c:\windows\ie7updates\KB2530548-IE7\mshtml.dll
[-] 2011-02-17 . F1CBB65EFAFAFA19B06D902DE9E02DEA . 3609600 . . [7.00.6000.21299] . . c:\windows\$hf_mig$\KB2497640-IE7\SP3QFE\mshtml.dll
[-] 2010-12-20 . 48017FB21F1F1DD7E7281B80E162FA43 . 3609088 . . [7.00.6000.21297] . . c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\mshtml.dll
[-] 2010-12-20 . 48017FB21F1F1DD7E7281B80E162FA43 . 3609088 . . [7.00.6000.21297] . . c:\windows\SoftwareDistribution\Download\79810b38397180784856d3f418ff8477\sp3qfe\mshtml.dll
[-] 2010-12-20 . 6FBDFAB3DF839EB93248519681F3C2C9 . 3606528 . . [7.00.6000.17095] . . c:\windows\ie7updates\KB2497640-IE7\mshtml.dll
[-] 2010-12-20 . 6FBDFAB3DF839EB93248519681F3C2C9 . 3606528 . . [7.00.6000.17095] . . c:\windows\SoftwareDistribution\Download\79810b38397180784856d3f418ff8477\sp3gdr\mshtml.dll
[-] 2010-11-06 . 2F2DA920F5B9582D40B9761D2AB45696 . 3604480 . . [7.00.6000.17093] . . c:\windows\ie7updates\KB2482017-IE7\mshtml.dll
[-] 2010-11-06 . 1B62916D85DFC66158B1FD0CAC16BA05 . 3607040 . . [7.00.6000.21295] . . c:\windows\$hf_mig$\KB2416400-IE7\SP3QFE\mshtml.dll
[-] 2010-09-09 . 2D4ADA592FA9CBBC6D25A4A6293CD719 . 3601920 . . [7.00.6000.17092] . . c:\windows\ie7updates\KB2416400-IE7\mshtml.dll
[-] 2010-09-09 . 151A139487B733CD1B967ED2B14C290E . 3605504 . . [7.00.6000.21294] . . c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\mshtml.dll
[-] 2010-06-24 . 0FB7E2774BD643C181D673426AF3F62A . 3603968 . . [7.00.6000.21283] . . c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\mshtml.dll
[-] 2010-06-24 . E716E9EBCFFFFE45264CE6A1FC135B4B . 3600896 . . [7.00.6000.17080] . . c:\windows\ie7updates\KB2360131-IE7\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll
[-] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\mshtml.dll
[-] 2010-05-04 . F247F7AC6713066D4C71721BDC73FC2E . 3600384 . . [7.00.6000.17063] . . c:\windows\ie7updates\KB2183461-IE7\mshtml.dll
[-] 2010-05-04 . C466BDCDFAE6F6EFD618F34BA90B1923 . 3603456 . . [7.00.6000.21264] . . c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\mshtml.dll
[-] 2009-10-29 . 89A9658515A18E673034369E043FAB01 . 3598336 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB982381-IE7\mshtml.dll
[-] 2009-10-29 . 8B48737260C273C9B0DACA84EA1CCDBD . 3602432 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\mshtml.dll
[-] 2009-10-21 . 36145D2D908FB8A24772F04842366918 . 3598336 . . [7.00.6000.16939] . . c:\windows\ie7updates\KB976325-IE7\mshtml.dll
[-] 2009-10-21 . E6453EE08B283419171889786D057A75 . 3602432 . . [7.00.6000.21142] . . c:\windows\$hf_mig$\KB976749-IE7\SP3QFE\mshtml.dll
[-] 2009-08-29 . E52A845DCE011D56B12B8F3F4606F956 . 3598336 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976749-IE7\mshtml.dll
[-] 2009-08-29 . EDAD55105DDD067AE3906011F297267C . 3600384 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\mshtml.dll
[-] 2009-07-19 . 758C8BEDAB7CE5F9070C85E2E57CBD80 . 3597824 . . [7.00.6000.16890] . . c:\windows\ie7updates\KB974455-IE7\mshtml.dll
[-] 2009-07-19 . 758C8BEDAB7CE5F9070C85E2E57CBD80 . 3597824 . . [7.00.6000.16890] . . c:\windows\system32\dllcache\cache\mshtml.dll
[-] 2009-07-19 . F6098CC1B1C3858D53F20F3CB5774F3B . 3600384 . . [7.00.6000.21089] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\mshtml.dll
[-] 2009-04-29 . C6FD770D518FB024245A0EE217D72BC1 . 3598336 . . [7.00.6000.21045] . . c:\windows\SoftwareDistribution\Download\803badc49670f68514bc104c4297fe82\SP3QFE\mshtml.dll
[-] 2009-04-29 04:56 . 7E9CCF2D2DF820B2861B3A842DD53D61 . 3596288 . . [------] . . c:\windows\ie7updates\KB972260-IE7\mshtml.dll
[-] 2009-04-29 . 2B4315EC9E3124408A2A5074C4B97700 . 3596288 . . [7.00.6000.16850] . . c:\windows\SoftwareDistribution\Download\803badc49670f68514bc104c4297fe82\SP3GDR\mshtml.dll
[-] 2009-04-29 . ABD8093E43E53AEA5898D2214B92E9BA . 3068928 . . [6.00.2900.5803] . . c:\windows\ie7\mshtml.dll
[-] 2009-04-29 . 06CF679E3D24C3DF270556456A0F1EDA . 3069440 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB969897$\mshtml.dll
[-] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
[-] 2007-08-13 . C6EC2493346ED8888A549F59210A8ED3 . 3578368 . . [7.00.5730.13] . . c:\windows\ie7updates\KB969897-IE7\mshtml.dll
.
[-] 2008-04-14 . D7075E95AA599EE77B7A89D39296BD3D . 343040 . . [7.0.2600.5512] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.5512_x-ww_3fd60d63\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\ServicePackFiles\i386\msvcrt.dll
[-] 2008-04-14 . 355EDBB4D412B01F1740C17E3F50FA00 . 343040 . . [7.0.2600.5512] . . c:\windows\system32\msvcrt.dll
[-] 2004-08-04 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2004-08-04 . 98EC447E00229AFD88D5161A25D065DA . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
.
[-] 2008-06-20 . 832E4DD8964AB7ACC880B2837CB1ED20 . 245248 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll
[-] 2008-06-20 . FCEE5FCB99F7C724593365C706D28388 . 245248 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 943337D786A56729263071623BBB9DE5 . 245248 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2008-04-14 . B4138E99236F0F57D4CF49BAE98A0746 . 245248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll
.
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\netlogon.dll
[-] 2008-04-14 . 1B7F071C51B77C272875C3A23E1E4550 . 407040 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\netlogon.dll
.
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\powrprof.dll
[-] 2008-04-14 . 50A166237A0FA771261275A405646CC0 . 17408 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\cache\powrprof.dll
.
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\scecli.dll
[-] 2008-04-14 . A86BB5E61BF3E39B62AB4C7E7085A084 . 181248 . . [5.1.2600.5512] . . c:\windows\system32\scecli.dll
.
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\sfc.dll
[-] 2008-04-14 . 96E1C926F22EE1BFBAE82901A35F6BF3 . 5120 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\sfc.dll
.
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\svchost.exe
[-] 2008-04-14 . 27C6D03BCDB8CFEB96B716F3D8BE3E18 . 14336 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\svchost.exe
.
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tapisrv.dll
[-] 2008-04-14 . 3CB78C17BB664637787C9A1C98F79C38 . 249856 . . [5.1.2600.5512] . . c:\windows\system32\tapisrv.dll
.
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\user32.dll
[-] 2008-04-14 . B26B135FF1B9F60C9388B4A7D16F600B . 578560 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\user32.dll
.
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\userinit.exe
[-] 2008-04-14 . A93AEE1928A9D7CE3E16D24EC7380F89 . 26112 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\userinit.exe
.
[-] 2012-03-01 . 009E7B4C284F080608D7286484015EE5 . 916992 . . [8.00.6001.19222] . . c:\windows\SoftwareDistribution\Download\10e15349103fd74db71a357203602738\SP3GDR\wininet.dll
[-] 2012-03-01 . 4EC67FAB39F37626AD6D9895FC094ABF . 919552 . . [8.00.6001.23318] . . c:\windows\SoftwareDistribution\Download\10e15349103fd74db71a357203602738\SP3QFE\wininet.dll
[-] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\system32\wininet.dll
[-] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\system32\dllcache\wininet.dll
[-] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
[-] 2011-08-22 . 1A377838B4B468E37C3EEB5BAA24F925 . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
[-] 2011-08-22 . 19630AEBBFAEB06984CAB91848270AAF . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll
[-] 2011-06-23 . AF4EDDC6C0446FCE5681B5DED52B8F0E . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll
[-] 2011-06-23 . 509CF67AE762A38E23A5455A0053853C . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll
[-] 2011-04-25 . CC951C2212A200475A587A440E0AA804 . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll
[-] 2011-04-25 . CC951C2212A200475A587A440E0AA804 . 916480 . . [8.00.6001.19072] . . c:\windows\SoftwareDistribution\Download\730e51ab61fc82e473594dd494abebf2\SP3GDR\wininet.dll
[-] 2011-04-25 . 7F4F1697001B9E9A7924D219DC215903 . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll
[-] 2011-04-25 . 7F4F1697001B9E9A7924D219DC215903 . 919552 . . [8.00.6001.23165] . . c:\windows\SoftwareDistribution\Download\730e51ab61fc82e473594dd494abebf2\SP3QFE\wininet.dll
[-] 2011-04-25 15:51 . 6AF4B52834380B4450F90437387936E2 . 832512 . . [------] . . c:\windows\ie8\wininet.dll
[-] 2011-04-25 . 72942C4583A65E93FB21CA4F5D0A54C7 . 841216 . . [7.00.6000.21300] . . c:\windows\$hf_mig$\KB2530548-IE7\SP3QFE\wininet.dll
[-] 2011-02-17 . 2F7A5408260CD0D3D2E916F811E166F5 . 832512 . . [7.00.6000.17096] . . c:\windows\ie7updates\KB2530548-IE7\wininet.dll
[-] 2011-02-17 . 25FF5FFE129621CD879F9DB3B308D42C . 841216 . . [7.00.6000.21298] . . c:\windows\$hf_mig$\KB2497640-IE7\SP3QFE\wininet.dll
[-] 2010-12-20 . 9C444BC487BBC30773C67F17F1108ABB . 841216 . . [7.00.6000.21297] . . c:\windows\$hf_mig$\KB2482017-IE7\SP3QFE\wininet.dll
[-] 2010-12-20 . 9C444BC487BBC30773C67F17F1108ABB . 841216 . . [7.00.6000.21297] . . c:\windows\SoftwareDistribution\Download\79810b38397180784856d3f418ff8477\sp3qfe\wininet.dll
[-] 2010-12-20 . 69AC2C73642C3FADED461CA1A069FCF7 . 832512 . . [7.00.6000.17095] . . c:\windows\ie7updates\KB2497640-IE7\wininet.dll
[-] 2010-12-20 . 69AC2C73642C3FADED461CA1A069FCF7 . 832512 . . [7.00.6000.17095] . . c:\windows\SoftwareDistribution\Download\79810b38397180784856d3f418ff8477\sp3gdr\wininet.dll
[-] 2010-11-06 . 67CD1C036ECC93B1B45B07A4AFDA1D96 . 832512 . . [7.00.6000.17093] . . c:\windows\ie7updates\KB2482017-IE7\wininet.dll
[-] 2010-11-06 . F4310169BC5EE25617301E8E78FE5C84 . 841216 . . [7.00.6000.21295] . . c:\windows\$hf_mig$\KB2416400-IE7\SP3QFE\wininet.dll
[-] 2010-09-09 . 22B3D4A94B1E3CFCD4A6378069F5E585 . 832512 . . [7.00.6000.17091] . . c:\windows\ie7updates\KB2416400-IE7\wininet.dll
[-] 2010-09-09 . 032F0278A8E39AA3F72FD795F5A83A23 . 841216 . . [7.00.6000.21293] . . c:\windows\$hf_mig$\KB2360131-IE7\SP3QFE\wininet.dll
[-] 2010-06-24 . 2E5F7848F3FEECC1F3915A64C0AD0FA8 . 841216 . . [7.00.6000.21283] . . c:\windows\$hf_mig$\KB2183461-IE7\SP3QFE\wininet.dll
[-] 2010-06-24 . 473A87B1DD8941FFE9315CFE6A13B354 . 832512 . . [7.00.6000.17080] . . c:\windows\ie7updates\KB2360131-IE7\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll
[-] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\wininet.dll
[-] 2010-05-04 . 83306356DE710DA87ED91A6AF6233214 . 832512 . . [7.00.6000.17055] . . c:\windows\ie7updates\KB2183461-IE7\wininet.dll
[-] 2010-05-04 . 506B3DCB9C26070072E3047C6910F844 . 841216 . . [7.00.6000.21256] . . c:\windows\$hf_mig$\KB982381-IE7\SP3QFE\wininet.dll
[-] 2009-10-29 . 7C599DEC022BEF6E3C9F4DB4FC164E8B . 832512 . . [7.00.6000.16945] . . c:\windows\ie7updates\KB982381-IE7\wininet.dll
[-] 2009-10-29 . CA5CB4F174592090FBECFEAD9B51BB90 . 841216 . . [7.00.6000.21148] . . c:\windows\$hf_mig$\KB976325-IE7\SP3QFE\wininet.dll
[-] 2009-08-29 . DB111200015F08DDDB8857E11C6A80E3 . 832512 . . [7.00.6000.16915] . . c:\windows\ie7updates\KB976325-IE7\wininet.dll
[-] 2009-08-29 . A5885AF9BFBD942B828E6020AD326517 . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . 4C6B4138165A4C53FE8A5B1D809526C3 . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll
[-] 2009-06-29 . A39B7BA7AB9B1CC2A0009F59772DB83C . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll
[-] 2009-06-29 . A39B7BA7AB9B1CC2A0009F59772DB83C . 827392 . . [7.00.6000.16876] . . c:\windows\system32\dllcache\cache\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll
[-] 2009-04-29 . 8E2D471157B0DF329D8D0EA5D83B0DDB . 827392 . . [7.00.6000.16850] . . c:\windows\SoftwareDistribution\Download\803badc49670f68514bc104c4297fe82\SP3GDR\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll
[-] 2009-04-29 . 62CCA075F44015147B8971DAFFBCFF76 . 828928 . . [7.00.6000.21045] . . c:\windows\SoftwareDistribution\Download\803badc49670f68514bc104c4297fe82\SP3QFE\wininet.dll
[-] 2009-04-29 . 6002073519FA478BF89977369CDFD156 . 666624 . . [6.00.2900.5803] . . c:\windows\ie7\wininet.dll
[-] 2009-04-29 . 04BCB4F87B35502568F6CF33433543A5 . 668160 . . [6.00.2900.5803] . . c:\windows\$hf_mig$\KB969897\SP3QFE\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB969897$\wininet.dll
[-] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
[-] 2007-08-13 . A4A0FC92358F39538A6494C42EF99FE9 . 818688 . . [7.00.5730.13] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll
.
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\ws2_32.dll
[-] 2008-04-14 . 2CCC474EB85CEAA3E1FA1726580A3E5A . 82432 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ws2_32.dll
.
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ws2help.dll
[-] 2008-04-14 . 9789E95E1D88EEB4B922BF3EA7779C28 . 19968 . . [5.1.2600.5512] . . c:\windows\system32\ws2help.dll
.
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\explorer.exe
[-] 2008-04-14 . 12896823FB95BFB3DC9B46BCAEDC9923 . 1033728 . . [6.00.2900.5512] . . c:\windows\system32\dllcache\cache\explorer.exe
.
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\regedit.exe
[-] 2008-04-14 . 058710B720282CA82B909912D3EF28DB . 146432 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regedit.exe
.
[-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll
[-] 2011-11-01 . 6BAD1BED9872E62049E487FB91AE2F3A . 1288704 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll
[-] 2011-11-01 . 7D9DDE1AB4B00DDB173F5A16E9206517 . 1289216 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll
[-] 2010-07-16 . 7A6A7900B5E322763430BA6FD9A31224 . 1288192 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll
[-] 2010-07-16 . 8D51FB47062F2A1A9EFECCEF338A4C46 . 1289216 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll
[-] 2008-04-14 . ECCE74BC6168375016450A86A164D976 . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll
.
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll
[-] 2010-04-16 . 9E03DC5AB51CFD0190541CE2038D819D . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll
[-] 2010-04-16 . F8894BCC961D461674002B4BAE7AECC1 . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll
[-] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
.
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\ServicePackFiles\i386\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ksuser.dll
[-] 2008-04-14 . 9B9F1C38D559047B8AC0DBA2D5FEBDE9 . 4096 . . [5.3.2600.5512] . . c:\windows\system32\ReinstallBackups\0021\DriverFiles\i386\ksuser.dll
[-] 2004-08-03 . CBCD254547689BFF80C9F547B20911E9 . 4096 . . [5.3.2600.2180] . . c:\windows\system32\ReinstallBackups\0014\DriverFiles\i386\ksuser.dll
.
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\ctfmon.exe
[-] 2008-04-14 . 5F1D5F88303D4A4DBC8E5F97BA967CC3 . 15360 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\ctfmon.exe
.
[-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll
[-] 2009-07-27 . 99BC0B50F511924348BE19C7C7313BBF . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2009-07-27 . 888CD7B39C37E13A2419BECFAAF0A28C . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll
[-] 2008-04-14 . 1926899BF9FFE2602B63074971700412 . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll
.
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\srsvc.dll
[-] 2008-04-14 . 3805DF0AC4296A34BA4BF93B346CC378 . 171008 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\srsvc.dll
.
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\wscntfy.exe
[-] 2008-04-14 . F92E1076C42FCD6DB3D72D8CFE9816D5 . 13824 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\wscntfy.exe
.
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\xmlprov.dll
[-] 2008-04-14 . 295D21F14C335B53CB8154E5B1F892B9 . 129024 . . [5.1.2600.5512] . . c:\windows\system32\xmlprov.dll
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\system32\eventlog.dll
.
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
[-] 2008-04-14 . 9DD07AF82244867CA36681EA2D29CE79 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\dllcache\cache\sfcfiles.dll
.
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ipsec.sys
[-] 2008-04-13 . 23C74D75E36E7158768DD63D92789A91 . 75264 . . [5.1.2600.5512] . . c:\windows\system32\drivers\ipsec.sys
.
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
[-] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\system32\regsvc.dll
.
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\schedsvc.dll
[-] 2008-04-14 . 0A9A7365A1CA4319AA7C1D6CD8E4EAFA . 192512 . . [5.1.2600.5512] . . c:\windows\system32\schedsvc.dll
.
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ssdpsrv.dll
[-] 2008-04-14 . 0A5679B3714EDAB99E357057EE88FCA6 . 71680 . . [5.1.2600.5512] . . c:\windows\system32\ssdpsrv.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
2011-05-09 08:49 176936 ----a-w- c:\program files\BitTorrentBar\prxtbBitT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{88c7f2aa-f93f-432c-8f0e-b7d85967a527}"= "c:\program files\BitTorrentBar\prxtbBitT.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-07-19 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-07-19 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-07-19 114688]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2009-06-22 662016]
"DivX Download Manager"="c:\program files\DivX\DivX Plus Web Player\DDmService.exe" [2010-12-08 63360]
"PSUNMain"="c:\program files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe" [2011-04-28 439616]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2011-10-20 2497352]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2012-01-02 296056]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start [You must be registered and logged in to see this link.] [?]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Privoxy.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Privoxy.lnk
backup=c:\windows\pss\Privoxy.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2011-07-19 17:29 421736 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2010-07-28 11:56 3365176 ----a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Opera\\opera.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Documents and Settings\\Veron\\Local Settings\\temp\\CProgram FilesOpera\\OperaUpgrader.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=
.
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [5/2/2011 8:36 PM 31704]
R2 !SASCORE;SAS Core Service;"c:\documents and settings\Veron\Desktop\SASCORE.EXE" --> c:\documents and settings\Veron\Desktop\SASCORE.EXE [?]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [5/2/2011 8:36 PM 492768]
S1 PSINKNC;PSINKNC;c:\windows\system32\drivers\PSINKNC.sys [4/28/2011 1:57 PM 129992]
S1 SASDIFSV;SASDIFSV;\??\c:\documents and settings\Veron\Desktop\SASDIFSV.SYS --> c:\documents and settings\Veron\Desktop\SASDIFSV.SYS [?]
S1 SASKUTIL;SASKUTIL;\??\c:\documents and settings\Veron\Desktop\SASKUTIL.SYS --> c:\documents and settings\Veron\Desktop\SASKUTIL.SYS [?]
S2 dgdersvc;Device Error Recovery Service;c:\windows\system32\dgdersvc.exe [7/26/2010 2:17 PM 95568]
S2 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [8/29/2010 1:16 PM 217088]
S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\Panda Security\Panda Cloud Antivirus\PSANHost.exe [4/28/2011 1:58 PM 140608]
S2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [8/1/2011 12:23 PM 143752]
S2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [4/28/2011 1:57 PM 97096]
S2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [4/28/2011 1:57 PM 111688]
S2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [4/28/2011 1:57 PM 112456]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\drivers\ssadadb.sys [8/29/2010 1:17 PM 30312]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [7/26/2010 2:17 PM 18136]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [8/29/2010 1:16 PM 36640]
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys --> c:\windows\system32\drivers\RkPavproc1.sys [?]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\drivers\ss_bbus.sys [8/29/2010 1:17 PM 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\drivers\ss_bmdfl.sys [8/29/2010 1:17 PM 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\drivers\ss_bmdm.sys [8/29/2010 1:17 PM 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\drivers\ss_bserd.sys [8/29/2010 1:17 PM 100224]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\drivers\ssadbus.sys [8/29/2010 1:17 PM 96488]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\drivers\ssadmdfl.sys [8/29/2010 1:17 PM 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\drivers\ssadmdm.sys [8/29/2010 1:17 PM 121576]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\drivers\ssadserd.sys [8/29/2010 1:17 PM 98152]
S3 sscebus;SAMSUNG USB Composite Device V2 driver (WDM);c:\windows\system32\drivers\sscebus.sys [8/29/2010 1:17 PM 98560]
S3 sscemdfl;SAMSUNG Mobile Modem V2 Filter;c:\windows\system32\drivers\sscemdfl.sys [8/29/2010 1:17 PM 14848]
S3 sscemdm;SAMSUNG Mobile Modem V2 Drivers;c:\windows\system32\drivers\sscemdm.sys [8/29/2010 1:17 PM 123648]
.
Contents of the 'Scheduled Tasks' folder
.
2012-03-22 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:57]
.
2012-05-13 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2012-05-13 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1409082233-73586283-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 16:02]
.
2012-04-16 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1409082233-73586283-725345543-1004.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 16:02]
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = [You must be registered and logged in to see this link.]
TCP: DhcpNameServer = 192.168.0.1
.
- - - - ORPHANS REMOVED - - - -
.
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\documents and settings\Veron\Desktop\SASSEH.DLL
Notify-!SASWinLogon - c:\documents and settings\Veron\Desktop\SASWINLO.DLL
SafeBoot-ServicepointService
MSConfigStartUp-Messenger (Yahoo!) - c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
AddRemove-Uninstall_is1 - c:\program files\Common Files\DVDVideoSoft\unins000.exe
AddRemove-{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA} - c:\documents and settings\Veron\Desktop\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2012-05-13 18:13
Windows 5.1.2600 Service Pack 3 NTFS
.
detected NTDLL code modification:
ZwClose
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(600)
c:\documents and settings\Veron\Desktop\SASWINLO.DLL
c:\windows\system32\WININET.dll
.
Completion time: 2012-05-13 18:16:10
ComboFix-quarantined-files.txt 2012-05-13 17:16
.
Pre-Run: 103,058,890,752 bytes free
Post-Run: 103,185,625,088 bytes free
.
- - End Of File - - C8D9053DF64860107901EAAA07C0EE5A

veronica8910

Rookie Surfer

Posts : 77
Joined : 2009-08-07
Operating System : windows xp 32 bit

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Mon 14 May 2012, 5:40 am

I noticed that you're running two firewalls, which is a no-no. Which one do you want to get rid of: AVG Firewall or COMODO Firewall?

Superdave
Tech Staff

Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3

Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Mon 14 May 2012, 9:04 am

Did you? Wow, that's strange, as I deleted that months ago also, but this was before I had Revo Uninstaller. Well, I would like to keep COMODO Firewall, I prefer that one the best, thank you. Only thing is, Revo can't find it to uninstall, so what do you suggest I do?

thank you


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Mon 14 May 2012, 9:34 am

only thing is revo cant find it to uninstall so what do you suggest i do?
Programs should always be uninstalled; otherwise, there are lots of leftovers. This should get rid of them. Just post the top part of the ComboFix log that shows the removals. No need to post the whole log.

Re-running ComboFix to remove infections:


  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:

    KillAll::

    SecCenter::
    {5B5A3BD7-8573-4672-AEA8-C9BB713B6755}
    {80593BF4-D969-4EC5-ADAE-A22F2DFC7A22}

  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.

***********************************************
P2P - I see you have P2P software installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.
BitTorrent
Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
*****************************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Tue 15 May 2012, 3:41 am

Here's the top part of the ComboFix log, the removals:

ComboFix 12-05-11.03 - Veron 14/05/2012 17:01:05.8.1 - x86 NETWORK
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.2294.1982 [GMT 1:00]
Running from: c:\documents and settings\Veron\Desktop\PCHelpForum.exe
Command switches used :: c:\documents and settings\Veron\Desktop\CFScript.txt
AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
FW: COMODO Firewall *Enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\documents and settings\Veron\Application Data\PriceGong\Data\1.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\a.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\b.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\c.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\d.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\e.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\f.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\g.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\h.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\i.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\j.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\k.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\l.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\m.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\Veron\Application Data\PriceGong\Data\n.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\o.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\p.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\q.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\r.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\s.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\t.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\u.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\v.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\w.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\x.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\y.txt
c:\documents and settings\Veron\Application Data\PriceGong\Data\z.txt

I have not yet removed BitComet or P2P, but I will take your advice and completely remove them after this post.

And here is the log from Securitycheck.bat:

Results of screen317's Security Check version 0.99.32
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
COMODO Internet Security
Panda Cloud Antivirus
```````````````````````````````
Anti-malware/Other Utilities Check:

SpywareBlaster 4.2
Windows Defender
SpywareBlaster 4.2 Out of Date!
HijackThis 2.0.2
Java(TM) 6 Update 32
Adobe Flash Player 11.1.102.55
Adobe Reader X (10.1.3)
````````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
Windows Defender MsMpEng.exe
``````````End of Log````````````


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Tue 15 May 2012, 6:28 am

You should update SpywareBlaster.

SysProt Antirootkit

Download SysProt Antirootkit from the link below (you will find it at the bottom of the page under attachments, or you can get it from one of the mirrors).

[You must be registered and logged in to see this link.]

Unzip it into a folder on your desktop.

  • Double click Sysprot.exe to start the program.
  • Click on the Log tab.
  • In the Write to log box select the following items.

    • Process << Selected
    • Kernel Modules << Selected
    • SSDT << Selected
    • Kernel Hooks << Selected
    • IRP Hooks << NOT Selected
    • Ports << NOT Selected
    • Hidden Files << Selected

  • At the bottom of the page

    • Hidden Objects Only << Selected

  • Click on the Create Log button on the bottom right.
  • After a few seconds a new window should appear.
  • Select Scan Root Drive. Click on the Start button.
  • When it is complete a new window will appear to indicate that the scan is finished.
  • The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by veronica8910 on Tue 15 May 2012, 7:44 am

I tried to update SpywareBlaster but it says: protection database update unsuccessful. The server may be unavailable, or there may be a conflict with the firewall installed on your PC. The update information file may have gotten corrupted during download. Please try again soon. So I went to firewall settings/exceptions and added SpywareBlaster to the exceptions tab. Still couldn't update the programme. I ran SysProt and managed to get the log.



SysProt AntiRootkit v1.0.1.0
by swatkat

******************************************************************************************
******************************************************************************************

Process:
Name: [System Idle Process]
PID: 0
Hidden: No
Window Visible: No

Name: SYSTEM
PID: 4
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\smss.exe
PID: 712
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\csrss.exe
PID: 760
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\winlogon.exe
PID: 788
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\services.exe
PID: 832
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\lsass.exe
PID: 844
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1048
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1116
Hidden: No
Window Visible: No

Name: C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PID: 1212
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1248
Hidden: No
Window Visible: No

Name: C:\Program Files\Windows Defender\MsMpEng.exe
PID: 1260
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1360
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1464
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1572
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\spoolsv.exe
PID: 1684
Hidden: No
Window Visible: No

Name: C:\WINDOWS\explorer.exe
PID: 1980
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 2040
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Veron\Desktop\SASCore.exe
PID: 156
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PID: 180
Hidden: No
Window Visible: No

Name: C:\Program Files\Bonjour\mDNSResponder.exe
PID: 280
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\rundll32.exe
PID: 512
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 528
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\hkcmd.exe
PID: 540
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\igfxpers.exe
PID: 548
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\dgdersvc.exe
PID: 576
Hidden: No
Window Visible: No

Name: C:\WINDOWS\vsnp2uvc.exe
PID: 700
Hidden: No
Window Visible: No

Name: C:\Program Files\DivX\DivX Plus Web Player\DDMService.exe
PID: 752
Hidden: No
Window Visible: No

Name: C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUNMain.exe
PID: 1340
Hidden: No
Window Visible: No

Name: C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PID: 1444
Hidden: No
Window Visible: No

Name: C:\Program Files\Real\RealPlayer\Update\realsched.exe
PID: 1468
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\FsUsbExService.Exe
PID: 1556
Hidden: No
Window Visible: No

Name: C:\Program Files\Common Files\Java\Java Update\jusched.exe
PID: 1032
Hidden: No
Window Visible: No

Name: C:\Program Files\Java\jre6\bin\jqs.exe
PID: 1836
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\ctfmon.exe
PID: 1852
Hidden: No
Window Visible: No

Name: C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
PID: 1916
Hidden: No
Window Visible: No

Name: C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PID: 644
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\svchost.exe
PID: 1200
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\wuauclt.exe
PID: 2184
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\alg.exe
PID: 3560
Hidden: No
Window Visible: No

Name: C:\WINDOWS\system32\wuauclt.exe
PID: 2208
Hidden: No
Window Visible: No

Name: C:\Documents and Settings\Veron\Desktop\SysProt\SysProt\SysProt.exe
PID: 2268
Hidden: No
Window Visible: Yes

******************************************************************************************
******************************************************************************************
Kernel Modules:
Module Name: \??\C:\Documents and Settings\Veron\Desktop\SysProt\SysProt\SysProtDrv.sys
Service Name: SysProtDrv.sys
Module Base: A5693000
Module End: A569E000
Hidden: No

Module Name: \WINDOWS\system32\ntkrnlpa.exe
Service Name: ---
Module Base: 804D7000
Module End: 806D0380
Hidden: No

Module Name: \WINDOWS\system32\hal.dll
Service Name: ---
Module Base: 806D1000
Module End: 806F1300
Hidden: No

Module Name: \WINDOWS\system32\KDCOM.DLL
Service Name: ---
Module Base: BA5A8000
Module End: BA5AA000
Hidden: No

Module Name: \WINDOWS\system32\BOOTVID.dll
Service Name: ---
Module Base: BA4B8000
Module End: BA4BB000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ACPI.sys
Service Name: ACPI
Module Base: B9F79000
Module End: B9FA7000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\WMILIB.SYS
Service Name: ---
Module Base: BA5AA000
Module End: BA5AC000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pci.sys
Service Name: PCI
Module Base: B9F68000
Module End: B9F79000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\isapnp.sys
Service Name: isapnp
Module Base: BA0A8000
Module End: BA0B2000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\pciide.sys
Service Name: PCIIde
Module Base: BA670000
Module End: BA671000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Service Name: ---
Module Base: BA328000
Module End: BA32F000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\intelide.sys
Service Name: IntelIde
Module Base: BA5AC000
Module End: BA5AE000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\MountMgr.sys
Service Name: MountMgr
Module Base: BA0B8000
Module End: BA0C3000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\ftdisk.sys
Service Name: Disk
Module Base: B9F49000
Module End: B9F68000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PartMgr.sys
Service Name: PartMgr
Module Base: BA330000
Module End: BA335000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\VolSnap.sys
Service Name: VolSnap
Module Base: BA0C8000
Module End: BA0D5000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\atapi.sys
Service Name: atapi
Module Base: B9F31000
Module End: B9F49000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\cercsr6.sys
Service Name: cercsr6
Module Base: BA338000
Module End: BA340000
Hidden: No

Module Name: \WINDOWS\System32\Drivers\SCSIPORT.SYS
Service Name: ScsiPort
Module Base: B9F19000
Module End: B9F31000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\disk.sys
Service Name: ---
Module Base: BA0D8000
Module End: BA0E1000
Hidden: No

Module Name: \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Service Name: ---
Module Base: BA0E8000
Module End: BA0F5000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\fltmgr.sys
Service Name: FltMgr
Module Base: B9EF9000
Module End: B9F19000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sr.sys
Service Name: sr
Module Base: B9EE7000
Module End: B9EF9000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\PxHelp20.sys
Service Name: PxHelp20
Module Base: BA0F8000
Module End: BA102000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\KSecDD.sys
Service Name: KSecDD
Module Base: B9ED0000
Module End: B9EE7000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\WudfPf.sys
Service Name: WudfPf
Module Base: B9EBD000
Module End: B9ED0000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Ntfs.sys
Service Name: Ntfs
Module Base: B9E30000
Module End: B9EBD000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\inspect.sys
Service Name: Inspect
Module Base: B9E1A000
Module End: B9E30000
Hidden: No

Module Name: \WINDOWS\System32\DRIVERS\NDIS.SYS
Service Name: NDIS
Module Base: B9DED000
Module End: B9E1A000
Hidden: No

Module Name: \WINDOWS\System32\DRIVERS\TDI.SYS
Service Name: ---
Module Base: BA340000
Module End: BA345000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\Mup.sys
Service Name: Mup
Module Base: B9DD3000
Module End: B9DED000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Service Name: intelppm
Module Base: BA178000
Module End: BA181000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Service Name: ialm
Module Base: B9798000
Module End: B9899000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Service Name: ---
Module Base: B9784000
Module End: B9798000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Service Name: HDAudBus
Module Base: B975C000
Module End: B9784000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Service Name: usbuhci
Module Base: BA458000
Module End: BA45E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Service Name: ---
Module Base: B9738000
Module End: B975C000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Service Name: usbehci
Module Base: BA460000
Module End: BA468000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\e100b325.sys
Service Name: E100B
Module Base: B9712000
Module End: B9738000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\imapi.sys
Service Name: Imapi
Module Base: BA188000
Module End: BA193000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Service Name: Cdrom
Module Base: BA198000
Module End: BA1A8000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\redbook.sys
Service Name: redbook
Module Base: BA1A8000
Module End: BA1B7000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ks.sys
Service Name: ---
Module Base: B96EF000
Module End: B9712000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
Service Name: GEARAspiWDM
Module Base: BA468000
Module End: BA46E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\audstub.sys
Service Name: audstub
Module Base: BA73D000
Module End: BA73E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Service Name: Rasl2tp
Module Base: BA1B8000
Module End: BA1C5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Service Name: NdisTapi
Module Base: B9D92000
Module End: B9D95000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Service Name: NdisWan
Module Base: B96D8000
Module End: B96EF000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Service Name: RasPppoe
Module Base: BA1C8000
Module End: BA1D3000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Service Name: PptpMiniport
Module Base: BA1D8000
Module End: BA1E4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\psched.sys
Service Name: PSched
Module Base: B96C7000
Module End: B96D8000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Service Name: Gpc
Module Base: BA1E8000
Module End: BA1F1000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Service Name: Ptilink
Module Base: BA470000
Module End: BA475000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\raspti.sys
Service Name: Raspti
Module Base: BA478000
Module End: BA47D000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\termdd.sys
Service Name: TermDD
Module Base: BA1F8000
Module End: BA202000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Service Name: Kbdclass
Module Base: BA480000
Module End: BA486000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Service Name: Mouclass
Module Base: BA488000
Module End: BA48E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\swenum.sys
Service Name: swenum
Module Base: BA5E4000
Module End: BA5E6000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\update.sys
Service Name: Update
Module Base: B9669000
Module End: B96C7000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Service Name: mssmbios
Module Base: B9D86000
Module End: B9D8A000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Service Name: NDProxy
Module Base: BA258000
Module End: BA262000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Service Name: usbhub
Module Base: BA278000
Module End: BA287000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Service Name: ---
Module Base: BA5EE000
Module End: BA5F0000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sthda.sys
Service Name: STHDA
Module Base: A94B7000
Module End: A95A9000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\portcls.sys
Service Name: ---
Module Base: A9493000
Module End: A94B7000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\drmk.sys
Service Name: ---
Module Base: BA288000
Module End: BA297000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\cmdguard.sys
Service Name: cmdGuard
Module Base: A941D000
Module End: A9493000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Service Name: Fs_Rec
Module Base: BA5F8000
Module End: BA5FA000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Null.SYS
Service Name: Null
Module Base: BA771000
Module End: BA772000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Beep.SYS
Service Name: Beep
Module Base: BA5FA000
Module End: BA5FC000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Service Name: ---
Module Base: BA498000
Module End: BA49F000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\vga.sys
Service Name: VgaSave
Module Base: BA4A0000
Module End: BA4A6000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Service Name: mnmdd
Module Base: BA5FC000
Module End: BA5FE000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Service Name: RDPCDD
Module Base: BA5FE000
Module End: BA600000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Msfs.SYS
Service Name: Msfs
Module Base: BA4A8000
Module End: BA4AD000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Npfs.SYS
Service Name: Npfs
Module Base: BA4B0000
Module End: BA4B8000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Service Name: RasAcd
Module Base: BA558000
Module End: BA55B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Service Name: IPSec
Module Base: A7E63000
Module End: A7E76000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Service Name: Tcpip
Module Base: A7E0A000
Module End: A7E63000
Hidden: No

Module Name: C:\WINDOWS\System32\DRIVERS\cmdhlp.sys
Service Name: cmdHlp
Module Base: BA358000
Module End: BA35E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbt.sys
Service Name: NetBT
Module Base: A7DE2000
Module End: A7E0A000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\ws2ifsl.sys
Service Name: WS2IFSL
Module Base: BA568000
Module End: BA56B000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\afd.sys
Service Name: AFD
Module Base: A7DC0000
Module End: A7DE2000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\netbios.sys
Service Name: NetBIOS
Module Base: BA2B8000
Module End: BA2C1000
Hidden: No

Module Name: \??\C:\Documents and Settings\Veron\Desktop\SASKUTIL.SYS
Service Name: SASKUTIL
Module Base: A7D9E000
Module End: A7DC0000
Hidden: No

Module Name: \??\C:\Documents and Settings\Veron\Desktop\SASDIFSV.SYS
Service Name: SASDIFSV
Module Base: BA360000
Module End: BA366000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Service Name: Rdbss
Module Base: A7D73000
Module End: A7D9E000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\psinknc.sys
Service Name: PSINKNC
Module Base: A7D2C000
Module End: A7D4B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Service Name: MRxSmb
Module Base: A7C44000
Module End: A7CB4000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fips.SYS
Service Name: Fips
Module Base: BA2C8000
Module End: BA2D3000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Service Name: IpNat
Module Base: A7C1E000
Module End: A7C44000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Service Name: Wanarp
Module Base: BA2D8000
Module End: BA2E1000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
Service Name: USBSTOR
Module Base: BA378000
Module End: BA37F000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\hidusb.sys
Service Name: hidusb
Module Base: A7D28000
Module End: A7D2B000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Service Name: ---
Module Base: BA2E8000
Module End: BA2F1000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Service Name: kbdhid
Module Base: A7D20000
Module End: A7D24000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mouhid.sys
Service Name: mouhid
Module Base: A7D1C000
Module End: A7D1F000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Service Name: Fastfat
Module Base: A6368000
Module End: A638C000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Service Name: Cdfs
Module Base: BA148000
Module End: BA158000
Hidden: No

Module Name: \SystemRoot\System32\Drivers\dump_atapi.sys
Service Name: ---
Module Base: A6350000
Module End: A6368000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_WMILIB.SYS
Service Name: ---
Module Base: BA638000
Module End: BA63A000
Hidden: Yes

Module Name: C:\WINDOWS\System32\drivers\Dxapi.sys
Service Name: ---
Module Base: A63AC000
Module End: A63AF000
Hidden: No

Module Name: C:\WINDOWS\System32\watchdog.sys
Service Name: ---
Module Base: BA420000
Module End: BA425000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\dxgthk.sys
Service Name: ---
Module Base: BA7C4000
Module End: BA7C5000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\PSINAflt.sys
Service Name: PSINAflt
Module Base: A6216000
Module End: A6238000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\PSINProt.sys
Service Name: PSINProt
Module Base: A61FC000
Module End: A6216000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\PSINFile.sys
Service Name: PSINFile
Module Base: A61BD000
Module End: A61D4000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\PSINProc.sys
Service Name: PSINProc
Module Base: A61A3000
Module End: A61BD000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Service Name: Ndisuio
Module Base: A60D7000
Module End: A60DB000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\wdmaud.sys
Service Name: wdmaud
Module Base: A5E6E000
Module End: A5E83000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\sysaudio.sys
Service Name: sysaudio
Module Base: A6193000
Module End: A61A2000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Service Name: MRxDAV
Module Base: A5C5B000
Module End: A5C88000
Hidden: No

Module Name: C:\WINDOWS\system32\DRIVERS\srv.sys
Service Name: Srv
Module Base: A5933000
Module End: A598B000
Hidden: No

Module Name: C:\WINDOWS\System32\Drivers\HTTP.sys
Service Name: HTTP
Module Base: A53CA000
Module End: A540B000
Hidden: No

Module Name: \??\C:\WINDOWS\system32\FsUsbExDisk.SYS
Service Name: FsUsbExDisk
Module Base: A55BB000
Module End: A55C4000
Hidden: No

Module Name: C:\WINDOWS\System32\drivers\dgderdrv.sys
Service Name: dgderdrv
Module Base: A5543000
Module End: A5546000
Hidden: No

Module Name: C:\WINDOWS\system32\drivers\kmixer.sys
Service Name: kmixer
Module Base: A50F7000
Module End: A5122000
Hidden: No

******************************************************************************************
******************************************************************************************
SSDT:
Function Name: ZwAdjustPrivilegesToken
Address: A942779A
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwConnectPort
Address: A9426D46
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateFile
Address: A9427400
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateKey
Address: A9427FA4
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateSection
Address: A9429ABC
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateSymbolicLinkObject
Address: A9429E3A
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwCreateThread
Address: A9426732
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwDeleteKey
Address: A9427986
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwDeleteValueKey
Address: A9427B7A
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwDuplicateObject
Address: A9426538
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwEnumerateKey
Address: A94286C6
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwEnumerateValueKey
Address: A942891C
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwLoadDriver
Address: A94294EE
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwMakeTemporaryObject
Address: A942700E
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenFile
Address: A94275DC
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenKey
Address: A9427F94
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenProcess
Address: A9426166
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenSection
Address: A94272A8
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwOpenThread
Address: A942636A
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwQueryKey
Address: A9428B2A
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwQueryMultipleValueKey
Address: A9428F7E
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwQueryValueKey
Address: A9428D3C
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwRenameKey
Address: A94284DE
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSetSecurityObject
Address: A9427DB6
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSetSystemInformation
Address: A94297DA
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSetValueKey
Address: A9428266
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwShutdownSystem
Address: A9426F78
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwSystemDebugControl
Address: A9427194
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

Function Name: ZwTerminateProcess
Address: A61A9416
Driver Base: A61A3000
Driver End: A61BD000
Driver Name: \SystemRoot\system32\DRIVERS\PSINProc.sys

Function Name: ZwTerminateThread
Address: A9426936
Driver Base: A941D000
Driver End: A9493000
Driver Name: \SystemRoot\System32\DRIVERS\cmdguard.sys

******************************************************************************************
******************************************************************************************
No Kernel Hooks found

******************************************************************************************
******************************************************************************************
Hidden files/folders:
Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_____________________________________________________________________________________________________________________________________________________________hostiles.txt.36.zip.to
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\______________________________________________________________________________________________________________________________________________________________hostiles.txt.36.zip.t
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_______________________________________________________________________________________________________________________________________________________________hostiles.txt.36.zip.
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\________________________________________________________________________________________________________________________________________________________________hostiles.txt.36.zip
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_________________________________________________________________________________________________________________________________________________________________hostiles.txt.36.zi
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\__________________________________________________________________________________________________________________________________________________________________hostiles.txt.36.z
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________hostiles.txt.36.
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\____________________________________________________________________________________________________________________________________________________________________hostiles.txt.36
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_____________________________________________________________________________________________________________________________________________________________________hostiles.txt.3
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\______________________________________________________________________________________________________________________________________________________________________hostiles.txt.
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_______________________________________________________________________________________________________________________________________________________________________hostiles.txt
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\________________________________________________________________________________________________________________________________________________________________________hostiles.tx
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_________________________________________________________________________________________________________________________________________________________________________hostiles.t
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\__________________________________________________________________________________________________________________________________________________________________________hostiles.
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________hostiles
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\____________________________________________________________________________________________________________________________________________________________________________hostile
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_____________________________________________________________________________________________________________________________________________________________________________hostil
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\______________________________________________________________________________________________________________________________________________________________________________hosti
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_______________________________________________________________________________________________________________________________________________________________________________host
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\________________________________________________________________________________________________________________________________________________________________________________hos
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\_________________________________________________________________________________________________________________________________________________________________________________ho
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\__________________________________________________________________________________________________________________________________________________________________________________h
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Application Data\FrostWire\azureus\torrents\___________________________________________________________________________________________________________________________________________________________________________________
Status: Hidden

Object: C:\Documents and Settings\Veron\Recent\Tagged - ?H?????NO BUY,’s Profile.lnk
Status: Hidden

Object: C:\Qoobox\BackEnv\AppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cache.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Cookies.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Desktop.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Favorites.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\History.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalAppData.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\LocalSettings.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Music.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\NetHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Personal.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Pictures.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\PrintHood.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Profiles.Folder.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Programs.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Recent.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SendTo.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SetPath.bat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartMenu.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\StartUp.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\SysPath.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\Templates.folder.dat
Status: Access denied

Object: C:\Qoobox\BackEnv\VikPev00
Status: Access denied

veronica8910

Rookie Surfer

Posts : 77
Joined : 2009-08-07
Operating System : windows xp 32 bit


Re: FAILED SECURITY UPDATES & CAN'T RUN ANTI VIRUS PROGRAMME

Post by Superdave on Tue 15 May 2012, 9:19 am

Please try uninstalling and re-installing SpywareBlaster.

Are you still having problems with your MS updates?


I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Superdave
Tech Staff



Posts : 4193
Joined : 2010-02-01
Operating System : Windows 8.1 and a dual-boot with XP Home SP3
