April 13th, 2009 20:00

Redirect and Security Center Disabled

When trying to visit some websites, I have been redirected to a blank page. I have also been getting "Not Protected" when opening my McAfee Security Center. I ran HijackThis 2 and have included my log. Thank you for your assistance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:59:18 PM, on 4/13/2009
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\DELL\E-Center\EULALauncher.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\sttray.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Windows\system32\taskeng.exe
C:\PROGRA~1\mcafee\msc\mcshell.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\taskeng.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: QuickSet.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: http://*.mcafee.com
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0199931239671107) (0199931239671107mcinstcleanup) - McAfee, Inc. - C:\Windows\TEMP\019993~1.EXE
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7826 bytes


April 15th, 2009 14:00


magehee

1. Go HERE and download File Lister.
  • Save it to your Desktop
  • Rt Click ->> Extract all ->> And extract it to your Desktop
  • Additional help on extracting zip files can be found HERE
  • Open the File Lister Folder.
  • Note: Leave the FileLister.vbe file in the folder and run it from there.
  • Rt Click FileLister.vbe ->> Select Open, then Open to confirm.
  • As the program runs, it will appear that nothing is happening.
  • When the program is finished it will produce a log for you: C:\Files.txt

Copy and paste the contents of that log in your reply.

If for any reason File Lister will not run, then reboot into Safe Mode and run it there.


April 25th, 2009 16:00

+++++++++++++++++++++++++++++++++
+ File Lister  Version 1.0.8           +
+                                                                    +
+  By bamajim / SpywareHammer.com +
+++++++++++++++++++++++++++++++++
Report ran on --->>>  4/16/2009 10:55:19 PM

====== Running Processes ======
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\Explorer.EXE
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WScript.exe
C:\Windows\system32\wbem\wmiprvse.exe
====== BHO's ======
BHO: (NO NAME) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
BHO: (NO NAME) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
====== HKLM\~\Run Keys ======
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[Windows Defender] = %ProgramFiles%\Windows Defender\MSASCui.exe -hide
[SynTPEnh] = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
[Windows Mobile Device Center] = %windir%\WindowsMobile\wmdc.exe
[ATICCC] = "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
[SigmatelSysTrayApp] = sttray.exe
[Broadcom Wireless Manager UI] = C:\Windows\system32\WLTRAY.exe
[ISUSScheduler] = "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
[Adobe Reader Speed Launcher] = "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[Google Desktop Search] = "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
[dscactivate] = C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
[mcagent_exe] = "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
====== HKCU\~\Run Keys ======

====== DNS Info (List may be empty) ======
HKEY_LOCAL_MACHINE\CCS\~\{03D96EA8-7964-4441-8EA3-1D2C8329CCF4}\  NameServer=
HKEY_LOCAL_MACHINE\CCS\~\{9EC24021-28DE-4C6C-9CB6-BF40A6144664}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{03D96EA8-7964-4441-8EA3-1D2C8329CCF4}\  NameServer=
HKEY_LOCAL_MACHINE\CS001\~\{9EC24021-28DE-4C6C-9CB6-BF40A6144664}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{03D96EA8-7964-4441-8EA3-1D2C8329CCF4}\  NameServer=
HKEY_LOCAL_MACHINE\CS002\~\{9EC24021-28DE-4C6C-9CB6-BF40A6144664}\  NameServer=

====== Folders and Files from "%\" and "%\Windows" Created Last 60 Days ======
4/11/2009 4:29:48 PM    0    C:\ATI
4/11/2009 4:29:48 PM    0    C:\ATI\ACE
4/7/2009 8:16:02 PM    4/16/2009 10:55:19 PM    0    32    C:\Files.txt
4/7/2009 6:12:22 PM    1251409920    38    C:\pagefile.sys
4/14/2009 5:17:50 PM    2923520    32    C:\Windows\explorer.exe
4/14/2009 6:21:04 PM    2574    32    C:\Windows\ie8_main.log
4/16/2009 10:37:51 PM    8212    32    C:\Windows\mfebcdata
4/14/2009 4:46:50 PM    292976    32    C:\Windows\msxml4-KB954430-enu.LOG
4/16/2009 10:42:10 PM    117528    32    C:\Windows\ntbtlog.txt
4/14/2009 5:29:56 PM    124928    32    C:\Windows\System32\advpack.dll
4/14/2009 5:26:07 PM    28672    32    C:\Windows\System32\Apphlpdm.dll
4/14/2009 5:00:20 PM    2048    32    C:\Windows\System32\asferror.dll
4/14/2009 5:06:25 PM    12800    32    C:\Windows\System32\batt.dll
4/14/2009 5:06:30 PM    19456    32    C:\Windows\System32\cfgmgr32.dll
4/14/2009 5:06:31 PM    620088    32    C:\Windows\System32\ci.dll
4/14/2009 5:06:30 PM    224824    32    C:\Windows\System32\clfs.sys
4/14/2009 4:50:20 PM    1645568    32    C:\Windows\System32\connect.dll
4/14/2009 6:52:48 PM    96760    32    C:\Windows\System32\dfshim.dll
4/14/2009 5:06:25 PM    35328    32    C:\Windows\System32\dispci.dll
4/14/2009 4:53:12 PM    162816    32    C:\Windows\System32\dnsapi.dll
4/14/2009 4:53:11 PM    24576    32    C:\Windows\System32\dnscacheugc.exe
4/14/2009 4:53:12 PM    83968    32    C:\Windows\System32\dnsrslvr.dll
4/14/2009 5:06:29 PM    260096    32    C:\Windows\System32\dpx.dll
4/14/2009 5:06:30 PM    101888    32    C:\Windows\System32\drvinst.exe
4/13/2009 6:14:38 PM    143360    32    C:\Windows\System32\dunzip32.dll
4/14/2009 5:20:56 PM    4096    32    C:\Windows\System32\dxmasf.dll
4/14/2009 5:29:54 PM    347136    32    C:\Windows\System32\dxtmsft.dll
4/14/2009 5:29:55 PM    214528    32    C:\Windows\System32\dxtrans.dll
4/14/2009 5:21:53 PM    428032    32    C:\Windows\System32\EncDec.dll
4/14/2009 5:06:25 PM    7168    32    C:\Windows\System32\f3ahvoas.dll
4/14/2009 5:33:40 PM    28672    32    C:\Windows\System32\FwRemoteSvr.dll
4/14/2009 5:26:04 PM    1687040    32    C:\Windows\System32\gameux.dll
4/14/2009 5:26:04 PM    4247552    32    C:\Windows\System32\GameUXLegacyGDFs.dll
4/14/2009 5:27:48 PM    297472    32    C:\Windows\System32\gdi32.dll
4/14/2009 5:29:47 PM    63488    32    C:\Windows\System32\icardie.dll
4/14/2009 5:29:43 PM    70656    32    C:\Windows\System32\ie4uinit.exe
4/14/2009 5:29:56 PM    383488    32    C:\Windows\System32\ieapfltr.dll
4/14/2009 5:29:52 PM    6066688    32    C:\Windows\System32\ieframe.dll
4/14/2009 5:29:43 PM    44544    32    C:\Windows\System32\iernonce.dll
4/14/2009 5:29:44 PM    267776    32    C:\Windows\System32\iertutil.dll
4/14/2009 5:29:43 PM    56320    32    C:\Windows\System32\iesetup.dll
4/14/2009 5:29:53 PM    180736    32    C:\Windows\System32\ieui.dll
4/14/2009 5:29:45 PM    26624    32    C:\Windows\System32\ieUnatt.exe
4/14/2009 4:50:42 PM    737792    32    C:\Windows\System32\inetcomm.dll
4/14/2009 5:29:47 PM    1831424    32    C:\Windows\System32\inetcpl.cpl
4/14/2009 4:50:42 PM    84480    32    C:\Windows\System32\INETRES.dll
4/14/2009 5:33:40 PM    361984    32    C:\Windows\System32\IPSECSVC.DLL
4/14/2009 5:29:55 PM    27648    32    C:\Windows\System32\jsproxy.dll
4/14/2009 5:06:29 PM    6656    32    C:\Windows\System32\kbd106n.dll
4/14/2009 5:06:32 PM    19000    32    C:\Windows\System32\kd1394.dll
4/14/2009 5:00:20 PM    9728    32    C:\Windows\System32\LAPRXY.DLL
4/14/2009 5:06:28 PM    115200    32    C:\Windows\System32\loadperf.dll
4/14/2009 5:06:28 PM    39424    32    C:\Windows\System32\lodctr.exe
4/14/2009 4:51:50 PM    94720    32    C:\Windows\System32\logagent.exe
4/14/2009 4:58:27 PM    268288    32    C:\Windows\System32\mcbuilder.exe
4/14/2009 5:21:53 PM    1244672    32    C:\Windows\System32\mcmde.dll
4/14/2009 4:51:52 PM    2855424    32    C:\Windows\System32\mf.dll
4/14/2009 4:51:52 PM    2048    32    C:\Windows\System32\mferror.dll
4/14/2009 4:51:52 PM    24576    32    C:\Windows\System32\mfpmp.exe
4/14/2009 4:51:52 PM    98816    32    C:\Windows\System32\mfps.dll
4/14/2009 5:21:52 PM    68608    32    C:\Windows\System32\Mpeg2Data.ax
4/14/2009 5:21:53 PM    177152    32    C:\Windows\System32\mpg2splt.ax
4/14/2009 6:52:43 PM    282112    32    C:\Windows\System32\mscoree.dll
4/14/2009 6:52:42 PM    158720    32    C:\Windows\System32\mscorier.dll
4/14/2009 6:52:42 PM    83968    32    C:\Windows\System32\mscories.dll
4/14/2009 5:21:51 PM    57856    32    C:\Windows\System32\MSDvbNP.ax
4/14/2009 5:20:55 PM    4096    32    C:\Windows\System32\msdxm.ocx
4/14/2009 5:29:53 PM    459264    32    C:\Windows\System32\msfeeds.dll
4/14/2009 5:29:50 PM    3594752    32    C:\Windows\System32\mshtml.dll
4/14/2009 5:29:49 PM    1383424    32    C:\Windows\System32\mshtml.tlb
4/14/2009 5:29:50 PM    477696    32    C:\Windows\System32\mshtmled.dll
4/14/2009 5:21:52 PM    80896    32    C:\Windows\System32\MSNP.ax
4/14/2009 5:29:48 PM    671232    32    C:\Windows\System32\mstime.dll
4/14/2009 5:24:49 PM    1194496    32    C:\Windows\System32\msxml3.dll
4/14/2009 5:24:48 PM    2048    32    C:\Windows\System32\msxml3r.dll
4/14/2009 4:45:20 PM    1341440    32    C:\Windows\System32\msxml6.dll
4/14/2009 4:45:20 PM    2048    32    C:\Windows\System32\msxml6r.dll
4/14/2009 5:16:03 PM    797696    32    C:\Windows\System32\NaturalLanguage6.dll
4/14/2009 5:24:12 PM    425472    32    C:\Windows\System32\netapi32.dll
4/14/2009 5:16:56 PM    24064    32    C:\Windows\System32\netcfg.exe
4/14/2009 6:52:47 PM    41984    32    C:\Windows\System32\netfxperf.dll
4/14/2009 5:16:55 PM    22016    32    C:\Windows\System32\netiougc.exe
4/14/2009 5:16:10 PM    1523200    32    C:\Windows\System32\NlsData0000.dll
4/14/2009 5:16:10 PM    2597888    32    C:\Windows\System32\NlsData0001.dll
4/14/2009 5:16:10 PM    1963520    32    C:\Windows\System32\NlsData0002.dll
4/14/2009 5:16:09 PM    1963520    32    C:\Windows\System32\NlsData0003.dll
4/14/2009 5:16:09 PM    2241024    32    C:\Windows\System32\NlsData0007.dll
4/14/2009 5:16:08 PM    4874240    32    C:\Windows\System32\NlsData0009.dll
4/14/2009 5:16:05 PM    9845248    32    C:\Windows\System32\NlsData000a.dll
4/14/2009 5:16:05 PM    2641408    32    C:\Windows\System32\NlsData000c.dll
4/14/2009 5:16:05 PM    2340864    32    C:\Windows\System32\NlsData000d.dll
4/14/2009 5:16:04 PM    1963520    32    C:\Windows\System32\NlsData000f.dll
4/14/2009 5:16:11 PM    4493312    32    C:\Windows\System32\NlsData0010.dll
4/14/2009 5:16:11 PM    2655232    32    C:\Windows\System32\NlsData0011.dll
4/14/2009 5:16:11 PM    3464704    32    C:\Windows\System32\NlsData0013.dll
4/14/2009 5:16:11 PM    1963520    32    C:\Windows\System32\NlsData0018.dll
4/14/2009 5:16:10 PM    4495360    32    C:\Windows\System32\NlsData0019.dll
4/14/2009 5:16:06 PM    1963520    32    C:\Windows\System32\NlsData001a.dll
4/14/2009 5:16:06 PM    1963520    32    C:\Windows\System32\NlsData001b.dll
4/14/2009 5:16:06 PM    4493312    32    C:\Windows\System32\NlsData001d.dll
4/14/2009 5:16:13 PM    3102720    32    C:\Windows\System32\NlsData0020.dll
4/14/2009 5:16:13 PM    1799168    32    C:\Windows\System32\NlsData0021.dll
4/14/2009 5:16:12 PM    1799168    32    C:\Windows\System32\NlsData0022.dll
4/14/2009 5:16:12 PM    1963520    32    C:\Windows\System32\NlsData0024.dll
4/14/2009 5:16:12 PM    1963520    32    C:\Windows\System32\NlsData0026.dll
4/14/2009 5:16:12 PM    1965056    32    C:\Windows\System32\NlsData0027.dll
4/14/2009 5:16:06 PM    1799168    32    C:\Windows\System32\NlsData002a.dll
4/14/2009 5:16:13 PM    3102720    32    C:\Windows\System32\NlsData0039.dll
4/14/2009 5:16:07 PM    1799168    32    C:\Windows\System32\NlsData003e.dll
4/14/2009 5:16:15 PM    3102720    32    C:\Windows\System32\NlsData0045.dll
4/14/2009 5:16:14 PM    3102720    32    C:\Windows\System32\NlsData0046.dll
4/14/2009 5:16:14 PM    3102720    32    C:\Windows\System32\NlsData0047.dll
4/14/2009 5:16:14 PM    3102720    32    C:\Windows\System32\NlsData0049.dll
4/14/2009 5:16:08 PM    3102720    32    C:\Windows\System32\NlsData004a.dll
4/14/2009 5:16:08 PM    3102720    32    C:\Windows\System32\NlsData004b.dll
4/14/2009 5:16:07 PM    3102720    32    C:\Windows\System32\NlsData004c.dll
4/14/2009 5:16:07 PM    3102720    32    C:\Windows\System32\NlsData004e.dll
4/14/2009 5:16:04 PM    4493312    32    C:\Windows\System32\NlsData0414.dll
4/14/2009 5:16:04 PM    4493312    32    C:\Windows\System32\NlsData0416.dll
4/14/2009 5:16:03 PM    4493312    32    C:\Windows\System32\NlsData0816.dll
4/14/2009 5:16:03 PM    1963520    32    C:\Windows\System32\NlsData081a.dll
4/14/2009 5:16:02 PM    1963520    32    C:\Windows\System32\NlsData0c1a.dll
4/14/2009 5:16:25 PM    11722752    32    C:\Windows\System32\NlsLexicons0001.dll
4/14/2009 5:16:25 PM    4164096    32    C:\Windows\System32\NlsLexicons0002.dll
4/14/2009 5:16:24 PM    1452544    32    C:\Windows\System32\NlsLexicons0003.dll
4/14/2009 5:16:23 PM    12240896    32    C:\Windows\System32\NlsLexicons0007.dll
4/14/2009 5:16:23 PM    2644480    32    C:\Windows\System32\NlsLexicons0009.dll
4/14/2009 5:16:19 PM    9892864    32    C:\Windows\System32\NlsLexicons000a.dll
4/14/2009 5:16:18 PM    6237696    32    C:\Windows\System32\NlsLexicons000c.dll
4/14/2009 5:16:18 PM    1722368    32    C:\Windows\System32\NlsLexicons000d.dll
4/14/2009 5:16:17 PM    5654528    32    C:\Windows\System32\NlsLexicons000f.dll
4/14/2009 5:16:27 PM    4175872    32    C:\Windows\System32\NlsLexicons0010.dll
4/14/2009 5:16:27 PM    2466816    32    C:\Windows\System32\NlsLexicons0011.dll
4/14/2009 5:16:26 PM    4981248    32    C:\Windows\System32\NlsLexicons0013.dll
4/14/2009 5:16:26 PM    3331072    32    C:\Windows\System32\NlsLexicons0018.dll
4/14/2009 5:16:26 PM    6781440    32    C:\Windows\System32\NlsLexicons0019.dll
4/14/2009 5:16:20 PM    6014976    32    C:\Windows\System32\NlsLexicons001a.dll
4/14/2009 5:16:20 PM    6585856    32    C:\Windows\System32\NlsLexicons001b.dll
4/14/2009 5:16:19 PM    6346240    32    C:\Windows\System32\NlsLexicons001d.dll
4/14/2009 5:16:30 PM    1236992    32    C:\Windows\System32\NlsLexicons0020.dll
4/14/2009 5:16:30 PM    2136064    32    C:\Windows\System32\NlsLexicons0021.dll
4/14/2009 5:16:29 PM    5499904    32    C:\Windows\System32\NlsLexicons0022.dll
4/14/2009 5:16:28 PM    7964672    32    C:\Windows\System32\NlsLexicons0024.dll
4/14/2009 5:16:28 PM    5791232    32    C:\Windows\System32\NlsLexicons0026.dll
4/14/2009 5:16:28 PM    6224896    32    C:\Windows\System32\NlsLexicons0027.dll
4/14/2009 5:16:21 PM    4096    32    C:\Windows\System32\NlsLexicons002a.dll
4/14/2009 5:16:30 PM    1782272    32    C:\Windows\System32\NlsLexicons0039.dll
4/14/2009 5:16:21 PM    4045824    32    C:\Windows\System32\NlsLexicons003e.dll
4/14/2009 5:16:31 PM    1793536    32    C:\Windows\System32\NlsLexicons0045.dll
4/14/2009 5:16:31 PM    1808896    32    C:\Windows\System32\NlsLexicons0046.dll
4/14/2009 5:16:31 PM    1411072    32    C:\Windows\System32\NlsLexicons0047.dll
4/14/2009 5:16:31 PM    1558016    32    C:\Windows\System32\NlsLexicons0049.dll
4/14/2009 5:16:23 PM    3419136    32    C:\Windows\System32\NlsLexicons004a.dll
4/14/2009 5:16:22 PM    1702912    32    C:\Windows\System32\NlsLexicons004b.dll
4/14/2009 5:16:22 PM    4093440    32    C:\Windows\System32\NlsLexicons004c.dll
4/14/2009 5:16:22 PM    1972736    32    C:\Windows\System32\NlsLexicons004e.dll
4/14/2009 5:16:17 PM    4616192    32    C:\Windows\System32\NlsLexicons0414.dll
4/14/2009 5:16:16 PM    5090816    32    C:\Windows\System32\NlsLexicons0416.dll
4/14/2009 5:16:16 PM    5031936    32    C:\Windows\System32\NlsLexicons0816.dll
4/14/2009 5:16:15 PM    7042560    32    C:\Windows\System32\NlsLexicons081a.dll
4/14/2009 5:16:02 PM    6917120    32    C:\Windows\System32\NlsLexicons0c1a.dll
4/14/2009 5:16:15 PM    5071872    32    C:\Windows\System32\NlsModels0011.dll
4/14/2009 5:06:29 PM    23552    32    C:\Windows\System32\nshhttp.dll
4/14/2009 4:46:22 PM    3505208    32    C:\Windows\System32\ntkrnlpa.exe
4/14/2009 4:46:21 PM    3470904    32    C:\Windows\System32\ntoskrnl.exe
4/14/2009 5:06:29 PM    558080    32    C:\Windows\System32\oleaut32.dll
4/14/2009 4:56:40 PM    425472    32    C:\Windows\System32\PhotoMetadataHandler.dll
4/14/2009 5:32:02 PM    704000    32    C:\Windows\System32\PhotoScreensaver.scr
4/14/2009 5:29:44 PM    44544    32    C:\Windows\System32\pngfilt.dll
4/14/2009 5:33:40 PM    272896    32    C:\Windows\System32\polstore.dll
4/14/2009 4:46:40 PM    99840    32    C:\Windows\System32\poqexec.exe
4/14/2009 5:32:52 PM    241152    32    C:\Windows\System32\PortableDeviceApi.dll
4/14/2009 5:32:52 PM    95232    32    C:\Windows\System32\PortableDeviceClassExtension.dll
4/14/2009 5:32:51 PM    160768    32    C:\Windows\System32\PortableDeviceTypes.dll
4/14/2009 5:06:28 PM    17408    32    C:\Windows\System32\prflbmsg.dll
4/14/2009 4:55:28 PM    37376    32    C:\Windows\System32\printcom.dll
4/14/2009 5:21:52 PM    292352    32    C:\Windows\System32\psisdecd.dll
4/14/2009 5:21:52 PM    217088    32    C:\Windows\System32\psisrndr.ax
4/14/2009 4:49:44 PM    1327616    32    C:\Windows\System32\quartz.dll
4/14/2009 4:51:52 PM    52736    32    C:\Windows\System32\rrinstaller.exe
4/14/2009 5:06:33 PM    313856    32    C:\Windows\System32\rstrui.exe
4/14/2009 4:54:30 PM    11776    32    C:\Windows\System32\sbunattend.exe
4/14/2009 4:52:44 PM    269824    32    C:\Windows\System32\schannel.dll
4/14/2009 5:06:27 PM    595456    32    C:\Windows\System32\schedsvc.dll
4/14/2009 5:07:57 PM    1585664    32    C:\Windows\System32\setupapi.dll
4/14/2009 5:19:37 PM    11315712    32    C:\Windows\System32\shell32.dll
4/14/2009 4:58:27 PM    223232    32    C:\Windows\System32\SLC.dll
4/14/2009 4:58:14 PM    39936    32    C:\Windows\System32\slcinst.dll
4/14/2009 4:58:20 PM    566784    32    C:\Windows\System32\SLCommDlg.dll
4/14/2009 4:58:18 PM    186368    32    C:\Windows\System32\SLLUA.exe
4/14/2009 4:58:14 PM    2605568    32    C:\Windows\System32\SLsvc.exe
4/14/2009 4:58:19 PM    351232    32    C:\Windows\System32\SLUI.exe
4/14/2009 4:58:17 PM    57856    32    C:\Windows\System32\SLUINotify.dll
4/14/2009 4:58:24 PM    33280    32    C:\Windows\System32\slwmi.dll
4/14/2009 5:20:56 PM    7680    32    C:\Windows\System32\spwmp.dll
4/14/2009 5:06:33 PM    40960    32    C:\Windows\System32\srclient.dll
4/14/2009 5:06:33 PM    371712    32    C:\Windows\System32\srcore.dll
4/14/2009 5:06:33 PM    16384    32    C:\Windows\System32\srdelayed.exe
4/14/2009 5:31:56 PM    542720    32    C:\Windows\System32\sysmain.dll
4/14/2009 5:16:56 PM    167424    32    C:\Windows\System32\tcpipcfg.dll
4/14/2009 5:31:55 PM    714240    32    C:\Windows\System32\timedate.cpl
4/14/2009 5:23:30 PM    2048    32    C:\Windows\System32\tzres.dll
4/14/2009 5:06:30 PM    221696    32    C:\Windows\System32\umpnpmgr.dll
4/14/2009 5:06:28 PM    32256    32    C:\Windows\System32\unlodctr.exe
4/14/2009 5:29:44 PM    1160192    32    C:\Windows\System32\urlmon.dll
4/14/2009 5:31:09 PM    194560    32    C:\Windows\System32\WebClnt.dll
4/14/2009 4:49:01 PM    2028032    32    C:\Windows\System32\win32k.sys
4/14/2009 4:55:28 PM    441856    32    C:\Windows\System32\win32spl.dll
4/14/2009 4:56:40 PM    712192    32    C:\Windows\System32\WindowsCodecs.dll
4/14/2009 4:56:39 PM    347136    32    C:\Windows\System32\WindowsCodecsExt.dll
4/14/2009 5:29:55 PM    826368    32    C:\Windows\System32\wininet.dll
4/14/2009 5:33:40 PM    61440    32    C:\Windows\System32\winipsec.dll
4/14/2009 5:06:32 PM    944184    32    C:\Windows\System32\winload.exe
4/14/2009 5:06:32 PM    905400    32    C:\Windows\System32\winresume.exe
4/14/2009 5:31:54 PM    1652417    32    C:\Windows\System32\wlan.tmf
4/14/2009 5:31:53 PM    47104    32    C:\Windows\System32\wlanapi.dll
4/14/2009 5:31:53 PM    67584    32    C:\Windows\System32\wlanhlp.dll
4/14/2009 5:31:53 PM    289280    32    C:\Windows\System32\wlanmsm.dll
4/14/2009 5:31:53 PM    299008    32    C:\Windows\System32\wlansec.dll
4/14/2009 5:31:53 PM    502784    32    C:\Windows\System32\wlansvc.dll
4/14/2009 5:00:20 PM    223232    32    C:\Windows\System32\WMASF.DLL
4/14/2009 4:51:50 PM    996352    32    C:\Windows\System32\WMNetMgr.dll
4/14/2009 5:20:57 PM    10619904    32    C:\Windows\System32\wmp.dll
4/14/2009 5:25:21 PM    303616    32    C:\Windows\System32\wmpeffects.dll
4/14/2009 5:20:57 PM    8147968    32    C:\Windows\System32\wmploc.DLL
4/14/2009 4:51:49 PM    2433536    32    C:\Windows\System32\WMVCORE.DLL
4/14/2009 5:06:32 PM    613888    32    C:\Windows\System32\wpd_ci.dll
4/14/2009 4:55:04 PM    14848    32    C:\Windows\System32\wshrm.dll
4/14/2009 5:32:00 PM    24064    32    C:\Windows\System32\wtsapi32.dll
4/13/2009 5:51:53 PM    561688    32    C:\Windows\System32\wuapi.dll
4/13/2009 5:51:00 PM    31232    32    C:\Windows\System32\wuapp.exe
4/13/2009 5:53:38 PM    51224    32    C:\Windows\System32\wuauclt.exe
4/13/2009 5:53:38 PM    1809944    32    C:\Windows\System32\wuaueng.dll
4/13/2009 5:53:38 PM    1524736    32    C:\Windows\System32\wucltux.dll
4/13/2009 5:51:54 PM    83456    32    C:\Windows\System32\wudriver.dll
4/13/2009 5:51:54 PM    34328    32    C:\Windows\System32\wups.dll
4/13/2009 5:53:38 PM    43544    32    C:\Windows\System32\wups2.dll
4/13/2009 5:51:01 PM    162064    32    C:\Windows\System32\wuwebv.dll
====== Files under "\Administrator\Startup" Last 60 Days======
 
====== Files under "\All Users\Startup" Last 60 Days======

====== Folders under "\Program Files" Last 60 Days======
4/13/2009 6:38:03 PM    4161305    C:\Program Files\Malwarebytes' Anti-Malware
4/13/2009 6:38:05 PM    372758    C:\Program Files\Malwarebytes' Anti-Malware\Languages
4/14/2009 4:47:58 PM    0    C:\Program Files\MSXML 4.0
4/13/2009 6:55:14 PM    411942    C:\Program Files\Trend Micro
4/13/2009 6:55:14 PM    411942    C:\Program Files\Trend Micro\HijackThis
====== Files under "\System32\Drivers" Last 60 Days======
4/14/2009 5:31:59 PM    258232    32    C:\Windows\System32\drivers\acpi.sys
4/14/2009 5:18:15 PM    21560    32    C:\Windows\System32\drivers\atapi.sys
4/14/2009 5:18:15 PM    110136    32    C:\Windows\System32\drivers\ataport.sys
4/14/2009 5:31:58 PM    28344    32    C:\Windows\System32\drivers\battc.sys
4/14/2009 5:31:58 PM    14208    32    C:\Windows\System32\drivers\CmBatt.sys
4/14/2009 5:31:59 PM    20920    32    C:\Windows\System32\drivers\compbatt.sys
4/14/2009 5:06:24 PM    54784    32    C:\Windows\System32\drivers\i8042prt.sys
4/14/2009 5:06:24 PM    35384    32    C:\Windows\System32\drivers\kbdclass.sys
4/13/2009 6:38:10 PM    15504    32    C:\Windows\System32\drivers\mbam.sys
4/13/2009 6:38:07 PM    38496    32    C:\Windows\System32\drivers\mbamswissarmy.sys
4/14/2009 5:27:15 PM    41984    32    C:\Windows\System32\drivers\monitor.sys
4/14/2009 5:06:25 PM    34360    32    C:\Windows\System32\drivers\mouclass.sys
4/14/2009 5:31:09 PM    110080    32    C:\Windows\System32\drivers\mrxdav.sys
4/14/2009 4:51:09 PM    101888    32    C:\Windows\System32\drivers\mrxsmb.sys
4/14/2009 5:26:45 PM    211456    32    C:\Windows\System32\drivers\mrxsmb10.sys
4/14/2009 4:51:09 PM    58368    32    C:\Windows\System32\drivers\mrxsmb20.sys
4/14/2009 5:16:56 PM    217144    32    C:\Windows\System32\drivers\netio.sys
4/14/2009 5:27:15 PM    1060920    32    C:\Windows\System32\drivers\ntfs.sys
4/14/2009 5:18:14 PM    154624    32    C:\Windows\System32\drivers\nwifi.sys
4/14/2009 5:18:15 PM    15928    32    C:\Windows\System32\drivers\pciide.sys
4/14/2009 5:18:15 PM    45112    32    C:\Windows\System32\drivers\pciidex.sys
4/14/2009 4:55:04 PM    113664    32    C:\Windows\System32\drivers\rmcast.sys
4/14/2009 5:06:25 PM    19968    32    C:\Windows\System32\drivers\sermouse.sys
4/14/2009 4:53:29 PM    290304    32    C:\Windows\System32\drivers\srv.sys
4/14/2009 4:51:09 PM    130048    32    C:\Windows\System32\drivers\srv2.sys
4/14/2009 4:51:09 PM    84992    32    C:\Windows\System32\drivers\srvnet.sys
4/14/2009 5:16:55 PM    806400    32    C:\Windows\System32\drivers\tcpip.sys
4/14/2009 5:18:14 PM    211000    32    C:\Windows\System32\drivers\volsnap.sys
4/14/2009 5:06:26 PM    495160    32    C:\Windows\System32\drivers\Wdf01000.sys
4/14/2009 5:06:26 PM    35384    32    C:\Windows\System32\drivers\WdfLdr.sys
4/14/2009 5:31:59 PM    11264    32    C:\Windows\System32\drivers\wmiacpi.sys
====== Files Deleted under "%Temp%" ======
C:\Users\vivian\AppData\Local\Temp\vivian.bmp
C:\Users\vivian\AppData\Local\Temp\~DFB9BB.tmp
2 Files deleted
====== Files and Folders under "All Users\Application Data" Last 60 Days======
 
====== Values under HKLM\Software\microsoft\shared tools\msconfig\startupreg ======
HKLM\Software\microsoft\shared tools\msconfig\startupreg\

====== Services ( Services that are Whitelisted are not shown) ======
ACPI (Microsoft ACPI Driver)- C:\Windows\system32\drivers\acpi.sys - Boot/Running
adp94xx (adp94xx)- C:\Windows\system32\drivers\adp94xx.sys - Disabled/Stopped
adpahci (adpahci)- C:\Windows\system32\drivers\adpahci.sys - Disabled/Stopped
adpu160m (adpu160m)- C:\Windows\system32\drivers\adpu160m.sys - Disabled/Stopped
adpu320 (adpu320)- C:\Windows\system32\drivers\adpu320.sys - Disabled/Stopped
AFD (Ancilliary Function Driver for Winsock)- C:\Windows\system32\drivers\afd.sys - System/Stopped
agp440 (Intel AGP Bus Filter)- C:\Windows\system32\drivers\agp440.sys - Manual/Stopped
aic78xx (aic78xx)- C:\Windows\system32\drivers\djsvs.sys - Disabled/Stopped
aliide (aliide)- C:\Windows\system32\drivers\aliide.sys - Disabled/Stopped
amdagp (AMD AGP Bus Filter Driver)- C:\Windows\system32\drivers\amdagp.sys - Manual/Stopped
amdide (amdide)- C:\Windows\system32\drivers\amdide.sys - Disabled/Stopped
AmdK7 (AMD K7 Processor Driver)- C:\Windows\system32\drivers\amdk7.sys - Disabled/Stopped
AmdK8 (AMD K8 Processor Driver)- C:\Windows\system32\DRIVERS\amdk8.sys - Manual/Stopped
arc (arc)- C:\Windows\system32\drivers\arc.sys - Disabled/Stopped
arcsas (arcsas)- C:\Windows\system32\drivers\arcsas.sys - Disabled/Stopped
AsyncMac (RAS Asynchronous Media Driver)- C:\Windows\system32\DRIVERS\asyncmac.sys - Manual/Stopped
atapi (IDE Channel)- C:\Windows\system32\drivers\atapi.sys - Boot/Running
AtiPcie (ATI PCI Express (3GIO) Filter)- C:\Windows\system32\DRIVERS\AtiPcie.sys - Boot/Running
BCM43XX (Dell Wireless WLAN Card Driver)- C:\Windows\system32\DRIVERS\bcmwl6.sys - Manual/Stopped
bcm4sbxp (Broadcom 440x 10/100 Integrated Controller XP Driver)- C:\Windows\system32\DRIVERS\bcm4sbxp.sys - Manual/Stopped
Beep (Beep)- C:\Windows\system32\drivers\Beep.sys - System/Running
bowser (Bowser)- C:\Windows\system32\DRIVERS\bowser.sys - Manual/Stopped
BrFiltLo (Brother USB Mass-Storage Lower Filter Driver)- C:\Windows\system32\drivers\brfiltlo.sys - Manual/Stopped
BrFiltUp (Brother USB Mass-Storage Upper Filter Driver)- C:\Windows\system32\drivers\brfiltup.sys - Manual/Stopped
Brserid (Brother MFC Serial Port Interface Driver (WDM))- C:\Windows\system32\drivers\brserid.sys - Disabled/Stopped
BrSerWdm (Brother WDM Serial driver)- C:\Windows\system32\drivers\brserwdm.sys - Disabled/Stopped
BrUsbMdm (Brother MFC USB Fax Only Modem)- C:\Windows\system32\drivers\brusbmdm.sys - Disabled/Stopped
BrUsbSer (Brother MFC USB Serial WDM Driver)- C:\Windows\system32\drivers\brusbser.sys - Manual/Stopped
BTHMODEM (Bluetooth Serial Communications Driver)- C:\Windows\system32\drivers\bthmodem.sys - Disabled/Stopped
cdfs (CD/DVD File System Reader)- C:\Windows\system32\DRIVERS\cdfs.sys - Disabled/Running
cdrom (CD-ROM Driver)- C:\Windows\system32\DRIVERS\cdrom.sys - System/Running
circlass (Consumer IR Devices)- C:\Windows\system32\drivers\circlass.sys - Disabled/Stopped
CLFS (Common Log (CLFS))- C:\Windows\system32\CLFS.sys - Boot/Running
CmBatt (Microsoft ACPI Control Method Battery Driver)- C:\Windows\system32\DRIVERS\CmBatt.sys - Manual/Stopped
cmdide (cmdide)- C:\Windows\system32\drivers\cmdide.sys - Disabled/Stopped
Compbatt (Microsoft Composite Battery Driver)- C:\Windows\system32\DRIVERS\compbatt.sys - Boot/Running
crcdisk (Crcdisk Filter Driver)- C:\Windows\system32\drivers\crcdisk.sys - Boot/Running
Crusoe (Transmeta Crusoe Processor Driver)- C:\Windows\system32\drivers\crusoe.sys - Disabled/Stopped
DfsC (Dfs Client Driver)- C:\Windows\system32\Drivers\dfsc.sys - System/Stopped
disk (Disk Driver)- C:\Windows\system32\drivers\disk.sys - Boot/Running
drmkaud (Microsoft Kernel DRM Audio Descrambler)- C:\Windows\system32\drivers\drmkaud.sys - Manual/Stopped
DXGKrnl (LDDM Graphics Subsystem)- C:\Windows\system32\drivers\dxgkrnl.sys - Manual/Stopped
e1express (Intel(R) PRO/1000 PCI Express Network Connection Driver)- C:\Windows\system32\DRIVERS\e1e6032.sys - Manual/Stopped
E1G60 (Intel(R) PRO/1000 NDIS 6 Adapter Driver)- C:\Windows\system32\DRIVERS\E1G60I32.sys - Manual/Stopped
Ecache (ReadyBoost Caching Driver)- C:\Windows\system32\drivers\ecache.sys - Boot/Running
elxstor (elxstor)- C:\Windows\system32\drivers\elxstor.sys - Disabled/Stopped
fastfat (FAT12/16/32 File System Driver)- C:\Windows\system32\drivers\fastfat.sys - Manual/Running
fdc (Floppy Disk Controller Driver)- C:\Windows\system32\DRIVERS\fdc.sys - Disabled/Stopped
FileInfo (File Information FS MiniFilter)- C:\Windows\system32\drivers\fileinfo.sys - Boot/Running
Filetrace (FileTrace)- C:\Windows\system32\drivers\filetrace.sys - Manual/Stopped
flpydisk (Floppy Disk Driver)- C:\Windows\system32\DRIVERS\flpydisk.sys - Disabled/Stopped
FltMgr (FltMgr)- C:\Windows\system32\drivers\fltmgr.sys - Boot/Running
gagp30kx (Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms)- C:\Windows\system32\drivers\gagp30kx.sys - Manual/Stopped
HdAudAddService (Microsoft 1.1 UAA Function Driver for High Definition Audio Service)- C:\Windows\system32\drivers\HdAudio.sys - Manual/Stopped
HDAudBus (Microsoft UAA Bus Driver for High Definition Audio)- C:\Windows\system32\DRIVERS\HDAudBus.sys - Manual/Running
HidBth (Microsoft Bluetooth HID Miniport)- C:\Windows\system32\drivers\hidbth.sys - Disabled/Stopped
HidIr (Microsoft Infrared HID Driver)- C:\Windows\system32\drivers\hidir.sys - Disabled/Stopped
HidUsb (Microsoft HID Class Driver)- C:\Windows\system32\DRIVERS\hidusb.sys - Disabled/Stopped
HpCISSs (HpCISSs)- C:\Windows\system32\drivers\hpcisss.sys - Disabled/Stopped
HSF_DPV (HSF_DPV)- C:\Windows\system32\DRIVERS\HSX_DPV.sys - Manual/Stopped
HSXHWAZL (HSXHWAZL)- C:\Windows\system32\DRIVERS\HSXHWAZL.sys - Manual/Stopped
HTTP (HTTP)- C:\Windows\system32\drivers\HTTP.sys - Manual/Stopped
i2omp (i2omp)- C:\Windows\system32\drivers\i2omp.sys - Disabled/Stopped
i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver)- C:\Windows\system32\DRIVERS\i8042prt.sys - System/Running
iaStorV (Intel RAID Controller Vista)- C:\Windows\system32\drivers\iastorv.sys - Disabled/Stopped
iirsp (iirsp)- C:\Windows\system32\drivers\iirsp.sys - Disabled/Stopped
intelide (intelide)- C:\Windows\system32\drivers\intelide.sys - Disabled/Stopped
intelppm (Intel Processor Driver)- C:\Windows\system32\DRIVERS\intelppm.sys - Disabled/Stopped
IpFilterDriver (IP Traffic Filter Driver)- C:\Windows\system32\DRIVERS\ipfltdrv.sys - Manual/Stopped
IPMIDRV (IPMIDRV)- C:\Windows\system32\drivers\ipmidrv.sys - Disabled/Stopped
IPNAT (IP Network Address Translator)- C:\Windows\system32\DRIVERS\ipnat.sys - Manual/Stopped
IRENUM (IR Bus Enumerator)- C:\Windows\system32\drivers\irenum.sys - Manual/Stopped
isapnp (PnP ISA/EISA Bus Driver)- C:\Windows\system32\drivers\isapnp.sys - Disabled/Stopped
iScsiPrt (iScsiPort Driver)- C:\Windows\system32\DRIVERS\msiscsi.sys - Manual/Running
iteatapi (ITEATAPI_Service_Install)- C:\Windows\system32\drivers\iteatapi.sys - Disabled/Stopped
iteraid (ITERAID_Service_Install)- C:\Windows\system32\drivers\iteraid.sys - Disabled/Stopped
kbdclass (Keyboard Class Driver)- C:\Windows\system32\DRIVERS\kbdclass.sys - System/Running
kbdhid (Keyboard HID Driver)- C:\Windows\system32\DRIVERS\kbdhid.sys - Disabled/Stopped
KSecDD (KSecDD)- C:\Windows\system32\Drivers\ksecdd.sys - Boot/Running
lltdio (Link-Layer Topology Discovery Mapper I/O Driver)- C:\Windows\system32\DRIVERS\lltdio.sys - Auto/Stopped
LSI_FC (LSI_FC)- C:\Windows\system32\drivers\lsi_fc.sys - Disabled/Stopped
LSI_SAS (LSI_SAS)- C:\Windows\system32\drivers\lsi_sas.sys - Disabled/Stopped
LSI_SCSI (LSI_SCSI)- C:\Windows\system32\drivers\lsi_scsi.sys - Disabled/Stopped
luafv (UAC File Virtualization)- C:\Windows\system32\drivers\luafv.sys - Auto/Stopped
mdmxsdk (mdmxsdk)- C:\Windows\system32\DRIVERS\mdmxsdk.sys - Auto/Stopped
megasas (megasas)- C:\Windows\system32\drivers\megasas.sys - Disabled/Stopped
mfeavfk (McAfee Inc. mfeavfk)- C:\Windows\system32\drivers\mfeavfk.sys - Manual/Stopped
mfebopk (McAfee Inc. mfebopk)- C:\Windows\system32\drivers\mfebopk.sys - Manual/Stopped
mfehidk (McAfee Inc. mfehidk)- C:\Windows\system32\drivers\mfehidk.sys - System/Stopped
mferkdk (McAfee Inc. mferkdk)- C:\Windows\system32\drivers\mferkdk.sys - Manual/Stopped
mfesmfk (McAfee Inc. mfesmfk)- C:\Windows\system32\drivers\mfesmfk.sys - Manual/Stopped
Modem (Modem)- C:\Windows\system32\drivers\modem.sys - Manual/Stopped
monitor (Microsoft Monitor Class Function Driver Service)- C:\Windows\system32\DRIVERS\monitor.sys - Manual/Stopped
mouclass (Mouse Class Driver)- C:\Windows\system32\DRIVERS\mouclass.sys - System/Running
mouhid (Mouse HID Driver)- C:\Windows\system32\DRIVERS\mouhid.sys - Disabled/Stopped
MountMgr (Mount Point Manager)- C:\Windows\system32\drivers\mountmgr.sys - Boot/Running
MPFP (MPFP)- C:\Windows\system32\Drivers\Mpfp.sys - System/Stopped
mpio (Microsoft Multi-Path Bus Driver)- C:\Windows\system32\drivers\mpio.sys - Disabled/Stopped
mpsdrv (Windows Firewall Authorization Driver)- C:\Windows\system32\drivers\mpsdrv.sys - Manual/Stopped
Mraid35x (Mraid35x)- C:\Windows\system32\drivers\mraid35x.sys - Disabled/Stopped
MRxDAV (WebDav Client Redirector Driver)- C:\Windows\system32\drivers\mrxdav.sys - Manual/Stopped
mrxsmb (SMB MiniRedirector Wrapper and Engine)- C:\Windows\system32\DRIVERS\mrxsmb.sys - Manual/Stopped
mrxsmb10 (SMB 1.x MiniRedirector)- C:\Windows\system32\DRIVERS\mrxsmb10.sys - Manual/Stopped
mrxsmb20 (SMB 2.0 MiniRedirector)- C:\Windows\system32\DRIVERS\mrxsmb20.sys - Manual/Stopped
msahci (msahci)- C:\Windows\system32\drivers\msahci.sys - Disabled/Stopped
msdsm (Microsoft Multi-Path Device Specific Module)- C:\Windows\system32\drivers\msdsm.sys - Disabled/Stopped
Msfs (Msfs)- C:\Windows\system32\drivers\Msfs.sys - System/Running
msisadrv (ISA/EISA Class Driver)- C:\Windows\system32\drivers\msisadrv.sys - Boot/Running
MSKSSRV (Microsoft Streaming Service Proxy)- C:\Windows\system32\drivers\MSKSSRV.sys - Manual/Stopped
MSPCLOCK (Microsoft Streaming Clock Proxy)- C:\Windows\system32\drivers\MSPCLOCK.sys - Manual/Stopped
MSPQM (Microsoft Streaming Quality Manager Proxy)- C:\Windows\system32\drivers\MSPQM.sys - Manual/Stopped
MsRPC (MsRPC)- C:\Windows\system32\drivers\MsRPC.sys - Manual/Stopped
mssmbios (Microsoft System Management BIOS Driver)- C:\Windows\system32\DRIVERS\mssmbios.sys - Manual/Running
MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter)- C:\Windows\system32\drivers\MSTEE.sys - Manual/Stopped
Mup (Mup)- C:\Windows\system32\Drivers\mup.sys - Boot/Running
NativeWifiP (NativeWiFi Filter)- C:\Windows\system32\DRIVERS\nwifi.sys - Manual/Stopped
NDIS (NDIS System Driver)- C:\Windows\system32\drivers\ndis.sys - Boot/Running
NdisTapi (Remote Access NDIS TAPI Driver)- C:\Windows\system32\DRIVERS\ndistapi.sys - Manual/Stopped
Ndisuio (NDIS Usermode I/O Protocol)- C:\Windows\system32\DRIVERS\ndisuio.sys - Manual/Stopped
NdisWan (Remote Access NDIS WAN Driver)- C:\Windows\system32\DRIVERS\ndiswan.sys - Manual/Stopped
NDProxy (NDIS Proxy)- C:\Windows\system32\drivers\NDProxy.sys - Manual/Stopped
NetBIOS (NetBIOS Interface)- C:\Windows\system32\DRIVERS\netbios.sys - System/Stopped
netbt (NETBT)- C:\Windows\system32\DRIVERS\netbt.sys - System/Stopped
nfrd960 (nfrd960)- C:\Windows\system32\drivers\nfrd960.sys - Disabled/Stopped
Npfs (Npfs)- C:\Windows\system32\drivers\Npfs.sys - System/Running
nsiproxy (NSI proxy service)- C:\Windows\system32\drivers\nsiproxy.sys - System/Stopped
Ntfs (Ntfs)- C:\Windows\system32\drivers\Ntfs.sys - Manual/Running
ntrigdigi (N-trig HID Tablet Driver)- C:\Windows\system32\drivers\ntrigdigi.sys - Disabled/Stopped
Null (Null)- C:\Windows\system32\drivers\Null.sys - System/Running
nvraid (nvraid)- C:\Windows\system32\drivers\nvraid.sys - Disabled/Stopped
nvstor (nvstor)- C:\Windows\system32\drivers\nvstor.sys - Disabled/Stopped
nv_agp (NVIDIA nForce AGP Bus Filter)- C:\Windows\system32\drivers\nv_agp.sys - Manual/Stopped
ohci1394 (NEC FireWarden OHCI Compliant IEEE 1394 Host Controller)- C:\Windows\system32\drivers\ohci1394.sys - Disabled/Stopped
Parport (Parallel port driver)- C:\Windows\system32\drivers\parport.sys - Disabled/Stopped
partmgr (Partition Manager)- C:\Windows\system32\drivers\partmgr.sys - Boot/Running
Parvdm (Parvdm)- C:\Windows\system32\drivers\parvdm.sys - Auto/Stopped
pci (PCI Bus Driver)- C:\Windows\system32\drivers\pci.sys - Boot/Running
pciide (pciide)- C:\Windows\system32\drivers\pciide.sys - Boot/Running
pcmcia (pcmcia)- C:\Windows\system32\drivers\pcmcia.sys - Disabled/Stopped
PEAUTH (PEAUTH)- C:\Windows\system32\drivers\peauth.sys - Auto/Stopped
PptpMiniport (WAN Miniport (PPTP))- C:\Windows\system32\DRIVERS\raspptp.sys - Manual/Stopped
Processor (Processor Driver)- C:\Windows\system32\drivers\processr.sys - Disabled/Stopped
PSched (QoS Packet Scheduler)- C:\Windows\system32\DRIVERS\pacer.sys - System/Stopped
PxHelp20 (PxHelp20)- C:\Windows\system32\Drivers\PxHelp20.sys - Boot/Running
ql2300 (QLogic Fibre Channel Miniport Driver)- C:\Windows\system32\drivers\ql2300.sys - Disabled/Stopped
ql40xx (QLogic iSCSI Miniport Driver)- C:\Windows\system32\drivers\ql40xx.sys - Disabled/Stopped
QWAVEdrv (QWAVE driver)- C:\Windows\system32\drivers\qwavedrv.sys - Manual/Stopped
R300 (R300)- C:\Windows\system32\DRIVERS\atikmdag.sys - Manual/Stopped
RasAcd (Remote Access Auto Connection Driver)- C:\Windows\system32\DRIVERS\rasacd.sys - System/Stopped
Rasl2tp (WAN Miniport (L2TP))- C:\Windows\system32\DRIVERS\rasl2tp.sys - Manual/Stopped
RasPppoe (Remote Access PPPOE Driver)- C:\Windows\system32\DRIVERS\raspppoe.sys - Manual/Stopped
rdbss (Redirected Buffering Sub Sysytem)- C:\Windows\system32\DRIVERS\rdbss.sys - System/Stopped
RDPCDD (RDPCDD)- C:\Windows\system32\DRIVERS\RDPCDD.sys - System/Stopped
rdpdr (Terminal Server Device Redirector Driver)- C:\Windows\system32\drivers\rdpdr.sys - Disabled/Stopped
RDPENCDD (RDP Encoder Mirror Driver)- C:\Windows\system32\drivers\rdpencdd.sys - System/Stopped
RDPWD (RDP Winstation Driver)- C:\Windows\system32\drivers\RDPWD.sys - Manual/Stopped
rimmptsk (rimmptsk)- C:\Windows\system32\DRIVERS\rimmptsk.sys - Auto/Running
rimsptsk (rimsptsk)- C:\Windows\system32\drivers\rimsptsk.sys - Disabled/Stopped
rismxdp (Ricoh xD-Picture Card Driver)- C:\Windows\system32\drivers\rixdptsk.sys - Disabled/Stopped
rspndr (Link-Layer Topology Discovery Responder)- C:\Windows\system32\DRIVERS\rspndr.sys - Auto/Stopped
sbp2port (SBP-2 Transport/Protocol Bus Driver)- C:\Windows\system32\drivers\sbp2port.sys - Disabled/Stopped
sdbus (sdbus)- C:\Windows\system32\DRIVERS\sdbus.sys - Manual/Stopped
secdrv (Security Driver)- C:\Windows\system32\drivers\secdrv.sys - Auto/Stopped
Serenum (Serenum Filter Driver)- C:\Windows\system32\drivers\serenum.sys - Manual/Stopped
Serial (Serial Port Driver)- C:\Windows\system32\drivers\serial.sys - Manual/Stopped
sermouse (Serial Mouse Driver)- C:\Windows\system32\drivers\sermouse.sys - Disabled/Stopped
sffdisk (SFF Storage Class Driver)- C:\Windows\system32\drivers\sffdisk.sys - Disabled/Stopped
sffp_mmc (SFF Storage Protocol Driver for MMC)- C:\Windows\system32\drivers\sffp_mmc.sys - Manual/Stopped
sffp_sd (SFF Storage Protocol Driver for SDBus)- C:\Windows\system32\drivers\sffp_sd.sys - Manual/Stopped
sfloppy (High-Capacity Floppy Disk Drive)- C:\Windows\system32\drivers\sfloppy.sys - Disabled/Stopped
sisagp (SIS AGP Bus Filter)- C:\Windows\system32\drivers\sisagp.sys - Manual/Stopped
SiSRaid2 (SiSRaid2)- C:\Windows\system32\drivers\sisraid2.sys - Disabled/Stopped
SiSRaid4 (SiSRaid4)- C:\Windows\system32\drivers\sisraid4.sys - Disabled/Stopped
Smb (Message-oriented TCP/IP and TCP/IPv6 Protocol (SMB session))- C:\Windows\system32\DRIVERS\smb.sys - System/Stopped
spldr (Security Processor Loader Driver)- C:\Windows\system32\drivers\spldr.sys - Boot/Stopped
srv (srv)- C:\Windows\system32\DRIVERS\srv.sys - Manual/Stopped
srv2 (srv2)- C:\Windows\system32\DRIVERS\srv2.sys - Manual/Stopped
srvnet (srvnet)- C:\Windows\system32\DRIVERS\srvnet.sys - Manual/Stopped
STHDA (SigmaTel High Definition Audio CODEC)- C:\Windows\system32\drivers\stwrt.sys - Manual/Stopped
swenum (Software Bus Driver)- C:\Windows\system32\DRIVERS\swenum.sys - Manual/Running
Symc8xx (Symc8xx)- C:\Windows\system32\drivers\symc8xx.sys - Disabled/Stopped
Sym_hi (Sym_hi)- C:\Windows\system32\drivers\sym_hi.sys - Disabled/Stopped
Sym_u3 (Sym_u3)- C:\Windows\system32\drivers\sym_u3.sys - Disabled/Stopped
SynTP (Synaptics TouchPad Driver)- C:\Windows\system32\DRIVERS\SynTP.sys - Manual/Running
Tcpip (TCP/IP Protocol Driver)- C:\Windows\system32\drivers\tcpip.sys - System/Stopped
Tcpip6 (Microsoft IPv6 Protocol Driver)- C:\Windows\system32\DRIVERS\tcpip.sys - Manual/Stopped
tcpipreg (TCP/IP Registry Compatibility)- C:\Windows\system32\drivers\tcpipreg.sys - Auto/Stopped
TDPIPE (TDPIPE)- C:\Windows\system32\drivers\tdpipe.sys - Manual/Stopped
TDTCP (TDTCP)- C:\Windows\system32\drivers\tdtcp.sys - Manual/Stopped
tdx (NetIO Legacy TDI Support Driver)- C:\Windows\system32\DRIVERS\tdx.sys - System/Stopped
TermDD (Terminal Device Driver)- C:\Windows\system32\DRIVERS\termdd.sys - System/Running
tssecsrv (Terminal Services Security Filter Driver)- C:\Windows\system32\DRIVERS\tssecsrv.sys - Manual/Stopped
tunmp (Microsoft Tun Miniport Adapter Driver)- C:\Windows\system32\DRIVERS\tunmp.sys - Manual/Stopped
tunnel (Microsoft IPv6 Tunnel Miniport Adapter Driver)- C:\Windows\system32\DRIVERS\tunnel.sys - Manual/Stopped
uagp35 (Microsoft AGPv3.5 Filter)- C:\Windows\system32\drivers\uagp35.sys - Manual/Stopped
udfs (udfs)- C:\Windows\system32\DRIVERS\udfs.sys - Disabled/Stopped
uliagpkx (Uli AGP Bus Filter)- C:\Windows\system32\drivers\uliagpkx.sys - Manual/Stopped
uliahci (uliahci)- C:\Windows\system32\drivers\uliahci.sys - Disabled/Stopped
UlSata (UlSata)- C:\Windows\system32\drivers\ulsata.sys - Disabled/Stopped
ulsata2 (ulsata2)- C:\Windows\system32\drivers\ulsata2.sys - Disabled/Stopped
umbus (UMBus Enumerator Driver)- C:\Windows\system32\DRIVERS\umbus.sys - Manual/Running
usbccgp (Microsoft USB Generic Parent Driver)- C:\Windows\system32\DRIVERS\usbccgp.sys - Disabled/Stopped
usbcir (eHome Infrared Receiver (USBCIR))- C:\Windows\system32\drivers\usbcir.sys - Disabled/Stopped
usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver)- C:\Windows\system32\DRIVERS\usbehci.sys - Manual/Running
usbhub (USB2 Enabled Hub)- C:\Windows\system32\DRIVERS\usbhub.sys - Manual/Running
usbohci (Microsoft USB Open Host Controller Miniport Driver)- C:\Windows\system32\DRIVERS\usbohci.sys - Manual/Running
usbprint (Microsoft USB PRINTER Class)- C:\Windows\system32\drivers\usbprint.sys - Disabled/Stopped
usbuhci (Microsoft USB Universal Host Controller Miniport Driver)- C:\Windows\system32\DRIVERS\usbuhci.sys - Disabled/Stopped
vga (vga)- C:\Windows\system32\DRIVERS\vgapnp.sys - Manual/Stopped
VgaSave (VgaSave)- C:\Windows\system32\drivers\vga.sys - System/Running
viaagp (VIA AGP Bus Filter)- C:\Windows\system32\drivers\viaagp.sys - Manual/Stopped
ViaC7 (VIA C7 Processor Driver)- C:\Windows\system32\drivers\viac7.sys - Disabled/Stopped
viaide (viaide)- C:\Windows\system32\drivers\viaide.sys - Disabled/Stopped
volmgr (Volume Manager Driver)- C:\Windows\system32\drivers\volmgr.sys - Boot/Running
volmgrx (Dynamic Volume Manager)- C:\Windows\system32\drivers\volmgrx.sys - Boot/Running
volsnap (Storage volumes)- C:\Windows\system32\drivers\volsnap.sys - Boot/Running
vsmraid (vsmraid)- C:\Windows\system32\drivers\vsmraid.sys - Disabled/Stopped
WacomPen (Wacom Serial Pen HID Driver)- C:\Windows\system32\drivers\wacompen.sys - Disabled/Stopped
Wanarp (Remote Access IP ARP Driver)- C:\Windows\system32\DRIVERS\wanarp.sys - Manual/Stopped
Wanarpv6 (Remote Access IPv6 ARP Driver)- C:\Windows\system32\DRIVERS\wanarp.sys - System/Stopped
Wd (Microsoft Watchdog Timer Driver)- C:\Windows\system32\drivers\wd.sys - Disabled/Stopped
Wdf01000 (Kernel Mode Driver Frameworks service)- C:\Windows\system32\drivers\Wdf01000.sys - Boot/Running
winachsf (winachsf)- C:\Windows\system32\DRIVERS\HSX_CNXT.sys - Manual/Stopped
WmiAcpi (Microsoft Windows Management Interface for ACPI)- C:\Windows\system32\DRIVERS\wmiacpi.sys - Manual/Running
ws2ifsl (Winsock IFS driver)- C:\Windows\system32\drivers\ws2ifsl.sys - Disabled/Stopped
XAudio (XAudio)- C:\Windows\system32\DRIVERS\xaudio.sys - Auto/Stopped
====== Uninstall List From Registry ======
Adobe Flash Player 10 ActiveX
Dell Wireless WLAN Card
Conexant HDA D110 MDC V.92 Modem
Google Desktop
HijackThis 2.0.2
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Synaptics Pointing Device Driver
Roxio Creator Tools
Roxio Creator Data
ATI Catalyst Control Center Ex
AOL Install
Roxio Update Manager
Java(TM) SE Runtime Environment 6
NetZeroInstallers
Sonic Activation Module
NetWaiting
User's Guides
EarthLink Setup Files
Roxio Creator Copy
Browser Address Error Redirector
Roxio Express Labeler
Microsoft Works
Dell Getting Started Guide
QuickSet
Roxio Creator Audio
MSXML 4.0 SP2 (KB954430)
Roxio Creator BDAV Plugin
Product Documentation Launcher
Windows Mobile Device Center
SigmaTel Audio
Microsoft Visual C++ 2005 Redistributable
Adobe Reader 8.1.0
Roxio Creator DE
Internet Service Offers Launcher
Roxio MyDVD DE
Music, Photos & Videos Launcher
Dell Support Center
Digital Line Detect
Windows Mobile Device Center Driver Update
ATI PCI Express (3GIO) Filter Driver
Modem Diagnostic Tool
======== Other Info ========
TOTAL PHYSICAL RAM: 937 MB

====== Files with Hidden Attributes======

10.4K Posts

April 26th, 2009 19:00

 

magehee

Using Windows explorer, see if you find c:\windows\ntbtlog.txt - If it exists, delete the file.
  • Click Start then Run and type in msconfig in the edit box and hit Enter or click Ok
  • Click on the boot.ini tab and check the box that says /BOOTLOG
  • Click Apply & Ok and reboot the PC (may take a bit longer to boot)
  • Using Windows Explorer, locate c:\windows\ntbtlog.txt and post the content of the file.

 

8 Posts

April 28th, 2009 19:00

 Service Pack 1 4 28 2009 18:04:22.500
Loaded driver \SystemRoot\system32\ntkrnlpa.exe
Loaded driver \SystemRoot\system32\hal.dll
Loaded driver \SystemRoot\system32\kdcom.dll
Loaded driver \SystemRoot\system32\PSHED.dll
Loaded driver \SystemRoot\system32\BOOTVID.dll
Loaded driver \SystemRoot\system32\CLFS.SYS
Loaded driver \SystemRoot\system32\CI.dll
Loaded driver \SystemRoot\system32\drivers\Wdf01000.sys
Loaded driver \SystemRoot\system32\drivers\WDFLDR.SYS
Loaded driver \SystemRoot\system32\drivers\acpi.sys
Loaded driver \SystemRoot\system32\drivers\WMILIB.SYS
Loaded driver \SystemRoot\system32\drivers\msisadrv.sys
Loaded driver \SystemRoot\system32\drivers\pci.sys
Loaded driver \SystemRoot\System32\drivers\partmgr.sys
Loaded driver \SystemRoot\system32\DRIVERS\compbatt.sys
Loaded driver \SystemRoot\system32\DRIVERS\BATTC.SYS
Loaded driver \SystemRoot\system32\drivers\volmgr.sys
Loaded driver \SystemRoot\System32\drivers\volmgrx.sys
Loaded driver \SystemRoot\system32\drivers\pciide.sys
Loaded driver \SystemRoot\system32\drivers\PCIIDEX.SYS
Loaded driver \SystemRoot\System32\drivers\mountmgr.sys
Loaded driver \SystemRoot\system32\drivers\atapi.sys
Loaded driver \SystemRoot\system32\drivers\ataport.SYS
Loaded driver \SystemRoot\system32\drivers\fltmgr.sys
Loaded driver \SystemRoot\system32\drivers\fileinfo.sys
Loaded driver \SystemRoot\System32\Drivers\PxHelp20.sys
Loaded driver \SystemRoot\System32\Drivers\ksecdd.sys
Loaded driver \SystemRoot\system32\drivers\ndis.sys
Loaded driver \SystemRoot\system32\drivers\msrpc.sys
Loaded driver \SystemRoot\system32\drivers\NETIO.SYS
Loaded driver \SystemRoot\System32\Drivers\Ntfs.sys
Loaded driver \SystemRoot\system32\drivers\volsnap.sys
Loaded driver \SystemRoot\System32\Drivers\spldr.sys
Loaded driver \SystemRoot\System32\Drivers\mup.sys
Loaded driver \SystemRoot\System32\drivers\ecache.sys
Loaded driver \SystemRoot\system32\drivers\disk.sys
Loaded driver \SystemRoot\system32\drivers\CLASSPNP.SYS
Loaded driver \SystemRoot\system32\DRIVERS\AtiPcie.sys
Loaded driver \SystemRoot\system32\drivers\crcdisk.sys
Loaded driver \SystemRoot\system32\DRIVERS\tunnel.sys
Loaded driver \SystemRoot\system32\DRIVERS\tunmp.sys
Loaded driver \SystemRoot\system32\DRIVERS\amdk8.sys
Loaded driver \SystemRoot\system32\DRIVERS\wmiacpi.sys
Loaded driver \SystemRoot\System32\drivers\dxgkrnl.sys
Loaded driver \SystemRoot\system32\DRIVERS\atikmdag.sys
Loaded driver \SystemRoot\system32\DRIVERS\bcmwl6.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbohci.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbehci.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdrom.sys
Loaded driver \SystemRoot\system32\DRIVERS\HDAudBus.sys
Loaded driver \SystemRoot\system32\DRIVERS\i8042prt.sys
Loaded driver \SystemRoot\system32\DRIVERS\kbdclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\SynTP.sys
Loaded driver \SystemRoot\system32\DRIVERS\mouclass.sys
Loaded driver \SystemRoot\system32\DRIVERS\sdbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\rimmptsk.sys
Loaded driver \SystemRoot\system32\DRIVERS\CmBatt.sys
Loaded driver \SystemRoot\system32\DRIVERS\msiscsi.sys
Loaded driver \SystemRoot\system32\DRIVERS\rasl2tp.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndistapi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndiswan.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspppoe.sys
Loaded driver \SystemRoot\system32\DRIVERS\raspptp.sys
Loaded driver \SystemRoot\system32\DRIVERS\rassstp.sys
Loaded driver \SystemRoot\system32\DRIVERS\termdd.sys
Loaded driver \SystemRoot\system32\DRIVERS\swenum.sys
Loaded driver \SystemRoot\system32\DRIVERS\mssmbios.sys
Loaded driver \SystemRoot\system32\DRIVERS\umbus.sys
Loaded driver \SystemRoot\system32\DRIVERS\usbhub.sys
Loaded driver \SystemRoot\System32\Drivers\NDProxy.SYS
Did not load driver \SystemRoot\System32\Drivers\NDProxy.SYS
Loaded driver \SystemRoot\system32\DRIVERS\HSXHWAZL.sys
Loaded driver \SystemRoot\system32\DRIVERS\HSX_DPV.sys
Loaded driver \SystemRoot\system32\DRIVERS\HSX_CNXT.sys
Loaded driver \SystemRoot\system32\drivers\modem.sys
Loaded driver \SystemRoot\system32\drivers\stwrt.sys
Loaded driver \SystemRoot\System32\Drivers\Fs_Rec.SYS
Loaded driver \SystemRoot\System32\Drivers\Null.SYS
Loaded driver \SystemRoot\System32\Drivers\Beep.SYS
Loaded driver \SystemRoot\System32\drivers\vga.sys
Loaded driver \SystemRoot\System32\DRIVERS\RDPCDD.sys
Loaded driver \SystemRoot\system32\drivers\rdpencdd.sys
Loaded driver \SystemRoot\System32\Drivers\Msfs.SYS
Loaded driver \SystemRoot\System32\Drivers\Npfs.SYS
Loaded driver \SystemRoot\System32\DRIVERS\rasacd.sys
Loaded driver \SystemRoot\System32\drivers\tcpip.sys
Loaded driver \SystemRoot\system32\DRIVERS\tdx.sys
Loaded driver \SystemRoot\system32\DRIVERS\ipfltdrv.sys
Loaded driver \SystemRoot\System32\Drivers\Mpfp.sys
Loaded driver \SystemRoot\system32\DRIVERS\smb.sys
Loaded driver \SystemRoot\system32\drivers\afd.sys
Loaded driver \SystemRoot\System32\DRIVERS\netbt.sys
Loaded driver \SystemRoot\system32\DRIVERS\pacer.sys
Loaded driver \SystemRoot\system32\DRIVERS\netbios.sys
Loaded driver \SystemRoot\system32\DRIVERS\wanarp.sys
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
Loaded driver \SystemRoot\system32\DRIVERS\rdbss.sys
Loaded driver \SystemRoot\system32\drivers\nsiproxy.sys
Loaded driver \SystemRoot\system32\drivers\mfehidk.sys
Loaded driver \SystemRoot\System32\Drivers\dfsc.sys
Loaded driver \SystemRoot\system32\DRIVERS\monitor.sys
Loaded driver \SystemRoot\system32\drivers\luafv.sys
Loaded driver \SystemRoot\system32\drivers\drmkaud.sys
Loaded driver \SystemRoot\system32\DRIVERS\lltdio.sys
Loaded driver \SystemRoot\system32\DRIVERS\nwifi.sys
Loaded driver \SystemRoot\system32\DRIVERS\ndisuio.sys
Loaded driver \SystemRoot\system32\DRIVERS\rspndr.sys
Loaded driver \SystemRoot\system32\drivers\HTTP.sys
Loaded driver \SystemRoot\System32\DRIVERS\srvnet.sys
Loaded driver \SystemRoot\system32\DRIVERS\bowser.sys
Loaded driver \SystemRoot\System32\drivers\mpsdrv.sys
Loaded driver \SystemRoot\system32\drivers\mrxdav.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb10.sys
Loaded driver \SystemRoot\system32\DRIVERS\mrxsmb20.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv2.sys
Loaded driver \SystemRoot\System32\DRIVERS\srv.sys
Did not load driver \SystemRoot\System32\DRIVERS\srv.sys
Loaded driver \SystemRoot\System32\Drivers\fastfat.SYS
Loaded driver \SystemRoot\system32\DRIVERS\mdmxsdk.sys
Loaded driver \SystemRoot\system32\drivers\peauth.sys
Loaded driver \SystemRoot\System32\Drivers\secdrv.SYS
Loaded driver \SystemRoot\System32\drivers\tcpipreg.sys
Loaded driver \SystemRoot\system32\DRIVERS\xaudio.sys
Loaded driver \SystemRoot\system32\drivers\mfebopk.sys
Loaded driver \SystemRoot\system32\drivers\mfeavfk.sys
Loaded driver \SystemRoot\system32\DRIVERS\cdfs.sys
Loaded driver \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
Loaded driver \SystemRoot\system32\drivers\mfesmfk.sys

10.4K Posts

April 29th, 2009 07:00


magehee

Nothing there.

Run an online virus scan called Kaspersky from HERE.
    [1.] At the main page, press "Accept" after reading the contents.
    [2.] At the next window, select Update. Allow the database to update.
    Note: If prompted to run or update your Java, then follow the prompts to do so. Kaspersky requires Java to run.
    [3.] Once the database has finished updating, under the Scan icon select My Computer to start the scan. The scan may take a few minutes to complete.
    [4.] Select Scan Report.
    [5.] If any threats were found, they will appear in the report.
    [6.] Select "Save error report as", then in the file name just type in kaspersky. Under "save as type" select text (.txt).
    [7.] Save it to your Desktop.


Copy and post the results of the Kaspersky Online scan. If no threats were found, then report that as well.

8 Posts

May 5th, 2009 20:00

No threats

10.4K Posts

May 7th, 2009 10:00


magehee

Please download Combofix and save to your desktop:
  • Note: It is important that it is saved directly to your desktop.
  • Close any open browsers.
  • Double-click on combofix.exe and follow the prompts.
  • When it's finished, it will produce a log.
  • Post the contents of C:\ComboFix.txt in your next reply.
  • Note: Do not mouse-click ComboFix's window whilst it's running. That may cause the program to freeze/hang.

8 Posts

May 12th, 2009 18:00

Unable to save ComboFix to desktop. After clicking Run, I received a message: Unable to save combofix as combofix[1]. I did not receive the Save to Desktop window; instead it gave me the message. I did disable the antivirus, antispyware and firewall.

I have noticed on my MSN homepage for example that initially the current weather is showing for New York, then it changes to Detroit which is my setting.

10.4K Posts

May 18th, 2009 14:00

magehee

Sorry for the delay. If you still require assistance, please let me know.

8 Posts

May 20th, 2009 20:00

No threats found from the last scan.

10.4K Posts

May 21st, 2009 06:00

magehee

That's good. But is your problem resolved?

8 Posts

May 26th, 2009 18:00

I received the following message when trying to save ComboFix to my desktop:

Destination Folder Access Denied

You need permission to perform this action

ComboFix[1]

Date created 5/26/2009 5:17 PM

Size: 0 bytes

10.4K Posts

May 27th, 2009 09:00


magehee

Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

8 Posts

May 27th, 2009 15:00

This is the report from Malwarebytes'.  I also downloaded STOPzilla (which was recommended when I was trying to download ComboFix).  The results of that scan were 2 hijackers and approx 43 cookies.

Malwarebytes' Anti-Malware 1.37
Database version: 2186
Windows 6.0.6001 Service Pack 1

5/27/2009 2:34:44 PM
mbam-log-2009-05-27 (14-34-44).txt

Scan type: Quick Scan
Objects scanned: 70527
Time elapsed: 9 minute(s), 8 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
