PDA

View Full Version : Vista 32bit goes into safe mode only, please help.



JKstang
2011-08-11, 17:51
I've been asked to fix a Dell Inspiron 1545 for a friend's daughter. Apparently for the last month or so the system has been unable to enter Normal mode. I have determind that what started as a simple driver corruption is something far more involved and to be honest (and humbled) I'm stumped. I attempted to find the demon using my usual methods...but they will not install or run for one reason or another, so I'm asking the gurus. Below is the DDS log,
for some reason I can't seem to attach the .zip file
.
DDS (Ver_2011-06-23.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.6001.18000
Run by Melissa at 10:28:14 on 2011-08-11
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3034.2587 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: ooVoo Toolbar: {574be437-25ae-4010-a53e-8c63b6ae02ff} - c:\program files\oovootoolbar\vmntemplateX.dll
BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110624202007.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: 2433b577: {b9321238-d1a4-662c-02c5-699ece457bf9} - c:\programdata\atl32.dll
BHO: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: ooVoo Toolbar: {574be437-25ae-4010-a53e-8c63b6ae02ff} - c:\program files\oovootoolbar\vmntemplateX.dll
TB: {B9B97401-98E1-4942-930D-C36652DAB7F2} - No File
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel PhotoDownloader.exe" -startup
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [cleanddm] c:\windows\system32\config\systemprofile\appdata\local\cleanddm.exe
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: HideSCAHealth = 1 (0x1)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.5.150
TCP: Interfaces\{B7A8E1A5-C963-4259-9FD8-CF519D660D67} : DhcpNameServer = 192.168.5.150
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\programdata\atl32.dll
.
============= SERVICES / DRIVERS ===============
.
S1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2011-2-3 54776]
S2 AeLookupSvc32;Application Experience ;c:\programdata\iprop32.exe --> c:\programdata\iprop32.exe [?]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_0145da1d\AEstSrv.exe [2010-7-28 81920]
S2 AESTFilters32;Andrea ST Filters Service ;c:\programdata\nlslexicons002732.exe --> c:\programdata\NlsLexicons002732.exe [?]
S2 ALG32;Application Layer Gateway Service ;c:\programdata\comres32.exe --> c:\programdata\comres32.exe [?]
S2 ALG3232;Application Layer Gateway Service ;c:\programdata\perfproc32.exe --> c:\programdata\perfproc32.exe [?]
S2 ALG323232;Application Layer Gateway Service ;c:\programdata\lltdapi32.exe --> c:\programdata\lltdapi32.exe [?]
S2 ALG32323232;Application Layer Gateway Service ;c:\programdata\msscp32.exe --> c:\programdata\msscp32.exe [?]
S2 ALG3232323232;Application Layer Gateway Service ;c:\programdata\dxmasf32.exe --> c:\programdata\dxmasf32.exe [?]
S2 Appinfo32;Application Information ;c:\programdata\compatui32.exe --> c:\programdata\CompatUI32.exe [?]
S2 Appinfo3232;Application Information ;c:\programdata\comctl3232.exe --> c:\programdata\comctl3232.exe [?]
S2 Appinfo323232;Application Information ;c:\programdata\wevtsvc32.exe --> c:\programdata\wevtsvc32.exe [?]
S2 Appinfo32323232;Application Information ;c:\programdata\wmasf32.exe --> c:\programdata\WMASF32.exe [?]
S2 Apple Mobile Device32;Apple Mobile Device ;c:\programdata\expsrv32.exe --> c:\programdata\expsrv32.exe [?]
S2 Apple Mobile Device3232;Apple Mobile Device ;c:\programdata\kbdnecnt32.exe --> c:\programdata\kbdnecnt32.exe [?]
S2 Apple Mobile Device323232;Apple Mobile Device ;c:\programdata\unbcl32.exe --> c:\programdata\unbcl32.exe [?]
S2 Apple Mobile Device32323232;Apple Mobile Device ;c:\programdata\cardgames32.exe --> c:\programdata\CardGames32.exe [?]
S2 Apple Mobile Device3232323232;Apple Mobile Device ;c:\programdata\usp1032.exe --> c:\programdata\usp1032.exe [?]
S2 Apple Mobile Device323232323232;Apple Mobile Device ;c:\programdata\nlslexicons041432.exe --> c:\programdata\NlsLexicons041432.exe [?]
S2 Apple Mobile Device32323232323232;Apple Mobile Device ;c:\programdata\batmeter32.exe --> c:\programdata\batmeter32.exe [?]
S2 AudioEndpointBuilder32;Windows Audio Endpoint Builder ;c:\programdata\sxs32.exe --> c:\programdata\sxs32.exe [?]
S2 Audiosrv32;Windows Audio ;c:\programdata\nlsdata0c1a32.exe --> c:\programdata\NlsData0c1a32.exe [?]
S2 Audiosrv3232;Windows Audio ;c:\programdata\kbdgr132.exe --> c:\programdata\KBDGR132.exe [?]
S2 Audiosrv323232;Windows Audio ;c:\programdata\nlslexicons0c1a32.exe --> c:\programdata\NlsLexicons0c1a32.exe [?]
S2 Audiosrv32323232;Windows Audio ;c:\programdata\loadperf32.exe --> c:\programdata\loadperf32.exe [?]
S2 Audiosrv3232323232;Windows Audio ;c:\programdata\catsrv32.exe --> c:\programdata\catsrv32.exe [?]
S2 BFE32;Base Filtering Engine ;c:\programdata\nlslexicons003e32.exe --> c:\programdata\NlsLexicons003e32.exe [?]
S2 BFE3232;Base Filtering Engine ;c:\programdata\ocsetapi32.exe --> c:\programdata\ocsetapi32.exe [?]
S2 BITS32;Background Intelligent Transfer Service ;c:\programdata\imjp10k32.exe --> c:\programdata\IMJP10K32.exe [?]
S2 BITS3232;Background Intelligent Transfer Service ;c:\programdata\kbdbe32.exe --> c:\programdata\KBDBE32.exe [?]
S2 BITS323232;Background Intelligent Transfer Service ;c:\programdata\sampleres32.exe --> c:\programdata\SampleRes32.exe [?]
S2 BITS32323232;Background Intelligent Transfer Service ;c:\programdata\sensapi32.exe --> c:\programdata\SensApi32.exe [?]
S2 BITS3232323232;Background Intelligent Transfer Service ;c:\programdata\ir32_3232.exe --> c:\programdata\ir32_3232.exe [?]
S2 Bonjour Service32;Bonjour Service ;c:\programdata\kbdgkl32.exe --> c:\programdata\KBDGKL32.exe [?]
S2 Bonjour Service3232;Bonjour Service ;c:\programdata\dfrgifps32.exe --> c:\programdata\dfrgifps32.exe [?]
S2 Bonjour Service323232;Bonjour Service ;c:\programdata\kbdest32.exe --> c:\programdata\KBDEST32.exe [?]
S2 Browser32;Computer Browser ;c:\programdata\nlsdata081632.exe --> c:\programdata\NlsData081632.exe [?]
S2 Browser3232;Computer Browser ;c:\programdata\nlslexicons004532.exe --> c:\programdata\NlsLexicons004532.exe [?]
S2 Browser323232;Computer Browser ;c:\programdata\iconcodecservice32.exe --> c:\programdata\IconCodecService32.exe [?]
S2 CertPropSvc32;Certificate Propagation ;c:\programdata\iphlpapi32.exe --> c:\programdata\IPHLPAPI32.exe [?]
S2 clr_optimization_v2.0.50727_3232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\winmm32.exe --> c:\programdata\winmm32.exe [?]
S2 clr_optimization_v2.0.50727_323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\tcpmon32.exe --> c:\programdata\tcpmon32.exe [?]
S2 clr_optimization_v2.0.50727_32323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\dmband32.exe --> c:\programdata\dmband32.exe [?]
S2 clr_optimization_v2.0.50727_3232323232;Microsoft .NET Framework NGEN v2.0.50727_X86 ;c:\programdata\chxreadingstringime32.exe --> c:\programdata\CHxReadingStringIME32.exe [?]
S2 COMSysApp32;COM+ System Application ;c:\programdata\eventcls32.exe --> c:\programdata\eventcls32.exe [?]
S2 COMSysApp3232;COM+ System Application ;c:\programdata\admparse32.exe --> c:\programdata\admparse32.exe [?]
S2 CryptSvc32;Cryptographic Services ;c:\programdata\dps32.exe --> c:\programdata\dps32.exe [?]
S2 CryptSvc3232;Cryptographic Services ;c:\programdata\kbdfi32.exe --> c:\programdata\KBDFI32.exe [?]
S2 CryptSvc323232;Cryptographic Services ;c:\programdata\sbeio32.exe --> c:\programdata\sbeio32.exe [?]
S2 CryptSvc32323232;Cryptographic Services ;c:\programdata\fwremotesvr32.exe --> c:\programdata\FwRemoteSvr32.exe [?]
S2 CryptSvc3232323232;Cryptographic Services ;c:\programdata\kbdintel32.exe --> c:\programdata\KBDINTEL32.exe [?]
S2 DcomLaunch32;DCOM Server Process Launcher ;c:\programdata\tapisrv32.exe --> c:\programdata\tapisrv32.exe [?]
S2 DcomLaunch3232;DCOM Server Process Launcher ;c:\programdata\sxproxy32.exe --> c:\programdata\sxproxy32.exe [?]
S2 DcomLaunch323232;DCOM Server Process Launcher ;c:\programdata\uniplat32.exe --> c:\programdata\uniplat32.exe [?]
S2 DcomLaunch32323232;DCOM Server Process Launcher ;c:\programdata\kbdmac32.exe --> c:\programdata\KBDMAC32.exe [?]
S2 DFSR32;DFS Replication ;c:\programdata\wmp32.exe --> c:\programdata\wmp32.exe [?]
S2 DFSR3232;DFS Replication ;c:\programdata\nlslexicons004c32.exe --> c:\programdata\NlsLexicons004c32.exe [?]
S2 DFSR323232;DFS Replication ;c:\programdata\nlslexicons001d32.exe --> c:\programdata\NlsLexicons001d32.exe [?]
S2 Dhcp32;DHCP Client ;c:\programdata\bridgeres32.exe --> c:\programdata\bridgeres32.exe [?]
S2 Dhcp3232;DHCP Client ;c:\programdata\nlsdata001832.exe --> c:\programdata\NlsData001832.exe [?]
S2 Dhcp32323232;DHCP Client ;c:\programdata\msorc32r32.exe --> c:\programdata\msorc32r32.exe [?]
S2 Dhcp3232323232;DHCP Client ;c:\programdata\nlaapi32.exe --> c:\programdata\nlaapi32.exe [?]
S2 Dnscache32;DNS Client ;c:\programdata\apphelp32.exe --> c:\programdata\apphelp32.exe [?]
S2 dot3svc32;Wired AutoConfig ;c:\programdata\kbdic32.exe --> c:\programdata\KBDIC32.exe [?]
S2 dot3svc3232;Wired AutoConfig ;c:\programdata\wpdshserviceobj32.exe --> c:\programdata\WPDShServiceObj32.exe [?]
S2 ehRecvr32;Windows Media Center Receiver Service ;c:\programdata\tspkg32.exe --> c:\programdata\TSpkg32.exe [?]
S2 ehSched32;Windows Media Center Scheduler Service ;c:\programdata\kbdhu132.exe --> c:\programdata\KBDHU132.exe [?]
S2 ehSched3232;Windows Media Center Scheduler Service ;c:\programdata\shsvcs32.exe --> c:\programdata\shsvcs32.exe [?]
S2 ehSched323232;Windows Media Center Scheduler Service ;c:\programdata\qmgrprxy32.exe --> c:\programdata\qmgrprxy32.exe [?]
S2 ehSched32323232;Windows Media Center Scheduler Service ;c:\programdata\mf32.exe --> c:\programdata\mf32.exe [?]
S2 ehstart32;Windows Media Center Service Launcher ;c:\programdata\wshqos32.exe --> c:\programdata\wshqos32.exe [?]
S2 ehstart3232;Windows Media Center Service Launcher ;c:\programdata\mfwmaaec32.exe --> c:\programdata\MFWMAAEC32.exe [?]
S2 Eventlog32;Windows Event Log ;c:\programdata\accessibilitycpl32.exe --> c:\programdata\accessibilitycpl32.exe [?]
S2 Eventlog3232;Windows Event Log ;c:\programdata\tsgqec32.exe --> c:\programdata\tsgqec32.exe [?]
S2 Eventlog323232;Windows Event Log ;c:\programdata\adsldp32.exe --> c:\programdata\adsldp32.exe [?]
S2 EventSystem32;COM+ Event System ;c:\programdata\msxml432.exe --> c:\programdata\msxml432.exe [?]
S2 fdPHost32;Function Discovery Provider Host ;c:\programdata\portabledevicewiacompat32.exe --> c:\programdata\PortableDeviceWiaCompat32.exe [?]
S2 fdPHost3232;Function Discovery Provider Host ;c:\programdata\ir41_qc32.exe --> c:\programdata\ir41_qc32.exe [?]
S2 fdPHost32323232;Function Discovery Provider Host ;c:\programdata\faultrep32.exe --> c:\programdata\Faultrep32.exe [?]
S2 fdPHost3232323232;Function Discovery Provider Host ;c:\programdata\mssitlb32.exe --> c:\programdata\mssitlb32.exe [?]
S2 FDResPub32;Function Discovery Resource Publication ;c:\programdata\cfgmgr3232.exe --> c:\programdata\cfgmgr3232.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-9-6 136176]
S2 gupdate32;Google Update Service (gupdate) ;c:\programdata\regctrl32.exe --> c:\programdata\RegCtrl32.exe [?]
S2 gupdate3232;Google Update Service (gupdate) ;c:\programdata\drvstore32.exe --> c:\programdata\drvstore32.exe [?]
S2 gupdate323232;Google Update Service (gupdate) ;c:\programdata\l2nacp32.exe --> c:\programdata\l2nacp32.exe [?]
S2 gupdate32323232;Google Update Service (gupdate) ;c:\programdata\infocardapi32.exe --> c:\programdata\infocardapi32.exe [?]
S2 gupdate3232323232;Google Update Service (gupdate) ;c:\programdata\ctl3d3232.exe --> c:\programdata\ctl3d3232.exe [?]
S2 gupdatem32;Google Update Service (gupdatem) ;c:\programdata\cmipnpinstall32.exe --> c:\programdata\cmipnpinstall32.exe [?]
S2 gusvc32;Google Software Updater ;c:\programdata\rasdiag32.exe --> c:\programdata\rasdiag32.exe [?]
S2 gusvc3232;Google Software Updater ;c:\programdata\msrepl4032.exe --> c:\programdata\msrepl4032.exe [?]
S2 gusvc323232;Google Software Updater ;c:\programdata\dhcpcmonitor32.exe --> c:\programdata\dhcpcmonitor32.exe [?]
S2 gusvc32323232;Google Software Updater ;c:\programdata\kbddv32.exe --> c:\programdata\KBDDV32.exe [?]
S2 hidserv32;Human Interface Device Access ;c:\programdata\wpdbusenum32.exe --> c:\programdata\wpdbusenum32.exe [?]
S2 hidserv3232;Human Interface Device Access ;c:\programdata\dmutil32.exe --> c:\programdata\dmutil32.exe [?]
S2 hidserv323232;Human Interface Device Access ;c:\programdata\powercpl32.exe --> c:\programdata\powercpl32.exe [?]
S2 hidserv32323232;Human Interface Device Access ;c:\programdata\ntlanman32.exe --> c:\programdata\ntlanman32.exe [?]
S2 hkmsvc32;Health Key and Certificate Management ;c:\programdata\slcinst32.exe --> c:\programdata\slcinst32.exe [?]
S2 hkmsvc3232;Health Key and Certificate Management ;c:\programdata\wdigest32.exe --> c:\programdata\wdigest32.exe [?]
S2 hkmsvc323232;Health Key and Certificate Management ;c:\programdata\imgutil32.exe --> c:\programdata\imgutil32.exe [?]
S2 IAANTMON32;Intel(R) Matrix Storage Event Monitor ;c:\programdata\winrnr32.exe --> c:\programdata\winrnr32.exe [?]
S2 IAANTMON323232;Intel(R) Matrix Storage Event Monitor ;c:\programdata\nlslexicons004a32.exe --> c:\programdata\NlsLexicons004a32.exe [?]
S2 IAANTMON32323232;Intel(R) Matrix Storage Event Monitor ;c:\programdata\ufat32.exe --> c:\programdata\ufat32.exe [?]
S2 IAANTMON3232323232;Intel(R) Matrix Storage Event Monitor ;c:\programdata\muilanguagecleanup32.exe --> c:\programdata\MUILanguageCleanup32.exe [?]
S2 IAANTMON323232323232;Intel(R) Matrix Storage Event Monitor ;c:\programdata\mssign3232.exe --> c:\programdata\mssign3232.exe [?]
S2 IAANTMON32323232323232;Intel(R) Matrix Storage Event Monitor ;c:\programdata\nlslexicons000232.exe --> c:\programdata\NlsLexicons000232.exe [?]
S2 idsvc32;Windows CardSpace ;c:\programdata\basecsp32.exe --> c:\programdata\basecsp32.exe [?]
S2 IKEEXT32;IKE and AuthIP IPsec Keying Modules ;c:\programdata\mshtmler32.exe --> c:\programdata\mshtmler32.exe [?]
S2 IKEEXT3232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\bidispl32.exe --> c:\programdata\bidispl32.exe [?]
S2 IKEEXT323232;IKE and AuthIP IPsec Keying Modules ;c:\programdata\mscories32.exe --> c:\programdata\mscories32.exe [?]
S2 IPBusEnum32;PnP-X IP Bus Enumerator ;c:\programdata\wudfcoinstaller32.exe --> c:\programdata\WUDFCoinstaller32.exe [?]
S2 iphlpsvc32;IP Helper ;c:\programdata\actxprxy32.exe --> c:\programdata\actxprxy32.exe [?]
S2 iphlpsvc323232;IP Helper ;c:\programdata\msac3enc32.exe --> c:\programdata\MSAC3ENC32.exe [?]
S2 KeyIso32;CNG Key Isolation ;c:\programdata\icaapi32.exe --> c:\programdata\icaapi32.exe [?]
S2 KeyIso3232;CNG Key Isolation ;c:\programdata\kbdsmsfi32.exe --> c:\programdata\KBDSMSFI32.exe [?]
S2 KtmRm32;KtmRm for Distributed Transaction Coordinator ;c:\programdata\wiascanprofiles32.exe --> c:\programdata\wiascanprofiles32.exe [?]
S2 KtmRm3232;KtmRm for Distributed Transaction Coordinator ;c:\programdata\credui32.exe --> c:\programdata\credui32.exe [?]
S2 LanmanWorkstation32;Workstation ;c:\programdata\kbdinori32.exe --> c:\programdata\KBDINORI32.exe [?]
S2 LanmanWorkstation3232;Workstation ;c:\programdata\mdminst32.exe --> c:\programdata\mdminst32.exe [?]
S2 lltdsvc32;Link-Layer Topology Discovery Mapper ;c:\programdata\ssshim32.exe --> c:\programdata\SSShim32.exe [?]
S2 lmhosts32;TCP/IP NetBIOS Helper ;c:\programdata\taskschdps32.exe --> c:\programdata\TaskSchdPS32.exe [?]
S2 lmhosts3232;TCP/IP NetBIOS Helper ;c:\programdata\wmphoto32.exe --> c:\programdata\WMPhoto32.exe [?]
S2 lmhosts323232;TCP/IP NetBIOS Helper ;c:\programdata\dmintf32.exe --> c:\programdata\dmintf32.exe [?]
S2 LVPrcSrv32;Process Monitor ;c:\programdata\olesvr32.exe --> c:\programdata\OLESVR32.exe [?]
S2 LVPrcSrv3232;Process Monitor ;c:\programdata\dispci32.exe --> c:\programdata\dispci32.exe [?]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 McAfee SiteAdvisor Service32;McAfee SiteAdvisor Service ;c:\programdata\rnr2032.exe --> c:\programdata\rnr2032.exe [?]
S2 McAfee SiteAdvisor Service3232;McAfee SiteAdvisor Service ;c:\programdata\rasmans32.exe --> c:\programdata\rasmans32.exe [?]
S2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 mcmscsvc32;McAfee Services ;c:\programdata\mmcndmgr32.exe --> c:\programdata\mmcndmgr32.exe [?]
S2 mcmscsvc3232;McAfee Services ;c:\programdata\msdart32.exe --> c:\programdata\msdart32.exe [?]
S2 mcmscsvc323232;McAfee Services ;c:\programdata\gdi3232.exe --> c:\programdata\gdi3232.exe [?]
S2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 McNaiAnn32;McAfee VirusScan Announcer ;c:\programdata\capisp32.exe --> c:\programdata\capisp32.exe [?]
S2 McNASvc32;McAfee Network Agent ;c:\programdata\milcore32.exe --> c:\programdata\milcore32.exe [?]
S2 McNASvc3232;McAfee Network Agent ;c:\programdata\bcmwlapi32.exe --> c:\programdata\bcmwlapi32.exe [?]
S2 McNASvc323232;McAfee Network Agent ;c:\programdata\stapi3232.exe --> c:\programdata\stapi3232.exe [?]
S2 McODS32;McAfee Scanner ;c:\programdata\mapistub32.exe --> c:\programdata\mapistub32.exe [?]
S2 McODS3232;McAfee Scanner ;c:\programdata\samsrv32.exe --> c:\programdata\samsrv32.exe [?]
S2 McProxy;McAfee Proxy Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
S2 McProxy32;McAfee Proxy Service ;c:\programdata\tquery32.exe --> c:\programdata\tquery32.exe [?]
S2 McShield;McAfee McShield;"c:\program files\common files\mcafee\systemcore\\mcshield.exe" --> c:\program files\common files\mcafee\systemcore\\mcshield.exe [?]
S2 McShield32;McShield ;c:\programdata\wscisvif32.exe --> c:\programdata\wscisvif32.exe [?]
S2 McShield3232;McShield ;c:\programdata\corpol32.exe --> c:\programdata\corpol32.exe [?]
S2 McShield323232;McShield ;c:\programdata\chsbrkr32.exe --> c:\programdata\chsbrkr32.exe [?]
S2 McShield32323232;McShield ;c:\programdata\wmvencod32.exe --> c:\programdata\WMVENCOD32.exe [?]
S2 Mcx2Svc32;Windows Media Center Extender Service ;c:\programdata\kbdkaz32.exe --> c:\programdata\KBDKAZ32.exe [?]
S2 Mcx2Svc3232;Windows Media Center Extender Service ;c:\programdata\ieakeng32.exe --> c:\programdata\ieakeng32.exe [?]
S2 Mcx2Svc323232;Windows Media Center Extender Service ;c:\programdata\rdpencom32.exe --> c:\programdata\rdpencom32.exe [?]
S2 Mcx2Svc3232323232;Windows Media Center Extender Service ;c:\programdata\cdd32.exe --> c:\programdata\cdd32.exe [?]
S2 Mcx2Svc323232323232;Windows Media Center Extender Service ;c:\programdata\wsmplpxy32.exe --> c:\programdata\wsmplpxy32.exe [?]
S2 mfefire;McAfee Firewall Core Service;"c:\program files\common files\mcafee\systemcore\\mfefire.exe" --> c:\program files\common files\mcafee\systemcore\\mfefire.exe [?]
S2 mfefire3232;McAfee Firewall Core Service ;c:\programdata\oledlg32.exe --> c:\programdata\oledlg32.exe [?]
S2 mfevtp;McAfee Validation Trust Protection Service;"c:\windows\system32\mfevtps.exe" --> c:\windows\system32\mfevtps.exe [?]
S2 mfevtp32;McAfee Validation Trust Protection Service ;c:\programdata\kbdhe31932.exe --> c:\programdata\KBDHE31932.exe [?]
S2 mfevtp3232;McAfee Validation Trust Protection Service ;c:\programdata\ig4dev3232.exe --> c:\programdata\ig4dev3232.exe [?]
S2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]
S2 MOBKbackup32;McAfee Online Backup ;c:\programdata\kbdvntc32.exe --> c:\programdata\KBDVNTC32.exe [?]
S2 MOBKbackup3232;McAfee Online Backup ;c:\programdata\dmsynth32.exe --> c:\programdata\dmsynth32.exe [?]
S2 MOBKbackup323232;McAfee Online Backup ;c:\programdata\webclnt32.exe --> c:\programdata\WebClnt32.exe [?]
S2 MOBKbackup32323232;McAfee Online Backup ;c:\programdata\storage32.exe --> c:\programdata\storage32.exe [?]
S2 MpsSvc32;Windows Firewall ;c:\programdata\nlslexicons004932.exe --> c:\programdata\NlsLexicons004932.exe [?]
S2 MSDTC32;Distributed Transaction Coordinator ;c:\programdata\ipnathlp32.exe --> c:\programdata\ipnathlp32.exe [?]
S2 MSDTC3232;Distributed Transaction Coordinator ;c:\programdata\kbd10632.exe --> c:\programdata\kbd10632.exe [?]
S2 MSiSCSI32;Microsoft iSCSI Initiator Service ;c:\programdata\olepro3232.exe --> c:\programdata\olepro3232.exe [?]
S2 MSiSCSI3232;Microsoft iSCSI Initiator Service ;c:\programdata\msports32.exe --> c:\programdata\msports32.exe [?]
S2 MSiSCSI323232;Microsoft iSCSI Initiator Service ;c:\programdata\mciqtz3232.exe --> c:\programdata\mciqtz3232.exe [?]
S2 msiserver32;Windows Installer ;c:\programdata\apss32.exe --> c:\programdata\apss32.exe [?]
S2 MSK80Service32;McAfee Anti-Spam Service ;c:\programdata\kbdmlt4732.exe --> c:\programdata\KBDMLT4732.exe [?]
S2 napagent32;Network Access Protection Agent ;c:\programdata\remotepg32.exe --> c:\programdata\remotepg32.exe [?]
S2 Netman32;Network Connections ;c:\programdata\shsetup32.exe --> c:\programdata\shsetup32.exe [?]
S2 Netman3232;Network Connections ;c:\programdata\qmgr32.exe --> c:\programdata\qmgr32.exe [?]
S2 netprofm32;Network List Service ;c:\programdata\occache32.exe --> c:\programdata\occache32.exe [?]
S2 netprofm3232;Network List Service ;c:\programdata\eapsvc32.exe --> c:\programdata\eapsvc32.exe [?]
S2 netprofm323232;Network List Service ;c:\programdata\audiodev32.exe --> c:\programdata\audiodev32.exe [?]
S2 netprofm32323232;Network List Service ;c:\programdata\npmproxy32.exe --> c:\programdata\npmproxy32.exe [?]
S2 NetTcpPortSharing32;Net.Tcp Port Sharing Service ;c:\programdata\azsqlext32.exe --> c:\programdata\AzSqlExt32.exe [?]
S2 NetTcpPortSharing3232;Net.Tcp Port Sharing Service ;c:\programdata\msobjs32.exe --> c:\programdata\msobjs32.exe [?]
S2 NetTcpPortSharing323232;Net.Tcp Port Sharing Service ;c:\programdata\mfvdsp32.exe --> c:\programdata\mfvdsp32.exe [?]
S2 NetTcpPortSharing32323232;Net.Tcp Port Sharing Service ;c:\programdata\fdssdp32.exe --> c:\programdata\fdSSDP32.exe [?]
S2 NetTcpPortSharing3232323232;Net.Tcp Port Sharing Service ;c:\programdata\nlslexicons001b32.exe --> c:\programdata\NlsLexicons001b32.exe [?]
S2 NetTcpPortSharing323232323232;Net.Tcp Port Sharing Service ;c:\programdata\scecli32.exe --> c:\programdata\scecli32.exe [?]
S2 nsi32;Network Store Interface Service ;c:\programdata\dbnetlib32.exe --> c:\programdata\dbnetlib32.exe [?]
S2 nsi3232;Network Store Interface Service ;c:\programdata\msvidctl32.exe --> c:\programdata\MSVidCtl32.exe [?]
S2 p2psvc32;Peer Networking Grouping ;c:\programdata\atl32.exe --> c:\programdata\atl32.exe [?]
S2 p2psvc3232;Peer Networking Grouping ;c:\programdata\napdsnap32.exe --> c:\programdata\napdsnap32.exe [?]
S2 p2psvc323232;Peer Networking Grouping ;c:\programdata\iaspolcy32.exe --> c:\programdata\iaspolcy32.exe [?]
S2 PcaSvc32;Program Compatibility Assistant Service ;c:\programdata\cabinet32.exe --> c:\programdata\cabinet32.exe [?]
S2 PlugPlay32;Plug and Play ;c:\programdata\brcpl32.exe --> c:\programdata\brcpl32.exe [?]
S2 PlugPlay3232;Plug and Play ;c:\programdata\nlsdata002132.exe --> c:\programdata\NlsData002132.exe [?]
S2 PlugPlay323232;Plug and Play ;c:\programdata\activecontentwizard32.exe --> c:\programdata\ActiveContentWizard32.exe [?]
S2 PNRPAutoReg32;PNRP Machine Name Publication Service ;c:\programdata\pnpxassoc32.exe --> c:\programdata\PNPXAssoc32.exe [?]
S2 PNRPAutoReg3232;PNRP Machine Name Publication Service ;c:\programdata\dpx32.exe --> c:\programdata\dpx32.exe [?]
S2 PNRPAutoReg323232;PNRP Machine Name Publication Service ;c:\programdata\nlsdata004932.exe --> c:\programdata\NlsData004932.exe [?]
S2 PNRPAutoReg32323232;PNRP Machine Name Publication Service ;c:\programdata\cngaudit32.exe --> c:\programdata\cngaudit32.exe [?]
S2 PNRPsvc32;Peer Name Resolution Protocol ;c:\programdata\pdhui32.exe --> c:\programdata\pdhui32.exe [?]
S2 PNRPsvc3232;Peer Name Resolution Protocol ;c:\programdata\wsecedit32.exe --> c:\programdata\wsecedit32.exe [?]
S2 PNRPsvc323232;Peer Name Resolution Protocol ;c:\programdata\nlsdata002732.exe --> c:\programdata\NlsData002732.exe [?]
S2 PolicyAgent32;IPsec Policy Agent ;c:\programdata\colorui32.exe --> c:\programdata\colorui32.exe [?]
S2 ProtectedStorage32;Protected Storage ;c:\programdata\cnc250o32.exe --> c:\programdata\CNC250O32.exe [?]
S2 ProtexisLicensing32;ProtexisLicensing ;c:\programdata\miguiresource32.exe --> c:\programdata\miguiresource32.exe [?]
S2 QWAVE32;Quality Windows Audio Video Experience ;c:\programdata\pla32.exe --> c:\programdata\pla32.exe [?]
S2 QWAVE3232;Quality Windows Audio Video Experience ;c:\programdata\srwmi32.exe --> c:\programdata\srwmi32.exe [?]
S2 RasAuto3232;Remote Access Auto Connection Manager ;c:\programdata\vfwwdm3232.exe --> c:\programdata\vfwwdm3232.exe [?]
S2 RasMan32;Remote Access Connection Manager ;c:\programdata\mtxoci32.exe --> c:\programdata\mtxoci32.exe [?]
S2 RemoteAccess32;Routing and Remote Access ;c:\programdata\fdeploy32.exe --> c:\programdata\fdeploy32.exe [?]
S2 RemoteAccess3232;Routing and Remote Access ;c:\programdata\d3d10core32.exe --> c:\programdata\d3d10core32.exe [?]
S2 RemoteAccess323232;Routing and Remote Access ;c:\programdata\cryptdlg32.exe --> c:\programdata\cryptdlg32.exe [?]
S2 RemoteAccess32323232;Routing and Remote Access ;c:\programdata\mfc42u32.exe --> c:\programdata\mfc42u32.exe [?]
S2 RpcLocator32;Remote Procedure Call (RPC) Locator ;c:\programdata\inetppui32.exe --> c:\programdata\inetppui32.exe [?]
S2 RpcLocator3232;Remote Procedure Call (RPC) Locator ;c:\programdata\kbdlao32.exe --> c:\programdata\KBDLAO32.exe [?]
S2 RpcLocator323232;Remote Procedure Call (RPC) Locator ;c:\programdata\kbdbu32.exe --> c:\programdata\KBDBU32.exe [?]
S2 RpcSs32;Remote Procedure Call (RPC) ;c:\programdata\kbdmon32.exe --> c:\programdata\KBDMON32.exe [?]
S2 SamSs32;Security Accounts Manager ;c:\programdata\netman32.exe --> c:\programdata\netman32.exe [?]
S2 SCardSvr32;Smart Card ;c:\programdata\upnp32.exe --> c:\programdata\upnp32.exe [?]
S2 Schedule32;Task Scheduler ;c:\programdata\photometadatahandler32.exe --> c:\programdata\PhotoMetadataHandler32.exe [?]
S2 Schedule3232;Task Scheduler ;c:\programdata\netid32.exe --> c:\programdata\netid32.exe [?]
S2 SENS32;System Event Notification Service ;c:\programdata\tapiperf32.exe --> c:\programdata\tapiperf32.exe [?]
S2 SessionEnv32;Terminal Services Configuration ;c:\programdata\dskquoui32.exe --> c:\programdata\dskquoui32.exe [?]
S2 SharedAccess32;Internet Connection Sharing (ICS) ;c:\programdata\sisbkup32.exe --> c:\programdata\sisbkup32.exe [?]
S2 SharedAccess3232;Internet Connection Sharing (ICS) ;c:\programdata\mmcbase32.exe --> c:\programdata\mmcbase32.exe [?]
S2 SharedAccess323232;Internet Connection Sharing (ICS) ;c:\programdata\msvcp6032.exe --> c:\programdata\msvcp6032.exe [?]
S2 ShellHWDetection32;Shell Hardware Detection ;c:\programdata\rsaenh32.exe --> c:\programdata\rsaenh32.exe [?]
S2 ShellHWDetection3232;Shell Hardware Detection ;c:\programdata\werdiagcontroller32.exe --> c:\programdata\werdiagcontroller32.exe [?]
S2 slsvc32;Software Licensing ;c:\programdata\wlanhc32.exe --> c:\programdata\WLanHC32.exe [?]
S2 slsvc3232;Software Licensing ;c:\programdata\quartz32.exe --> c:\programdata\quartz32.exe [?]
S2 SLUINotify32;SL UI Notification Service ;c:\programdata\wscmisetup32.exe --> c:\programdata\wscmisetup32.exe [?]
S2 SNMPTRAP32;SNMP Trap ;c:\programdata\msscb32.exe --> c:\programdata\msscb32.exe [?]
S2 Spooler32;Print Spooler ;c:\programdata\kbdsl132.exe --> c:\programdata\KBDSL132.exe [?]
S2 SSDPSRV32;SSDP Discovery ;c:\programdata\icardres32.exe --> c:\programdata\icardres32.exe [?]
S2 SSDPSRV3232;SSDP Discovery ;c:\programdata\playsndsrv32.exe --> c:\programdata\PlaySndSrv32.exe [?]
S2 SSDPSRV323232;SSDP Discovery ;c:\programdata\tsbyuv32.exe --> c:\programdata\tsbyuv32.exe [?]
S2 STacSV32;Audio Service ;c:\programdata\ykx32coinst32.exe --> c:\programdata\ykx32coinst32.exe [?]
S2 STacSV3232;Audio Service ;c:\programdata\ntprint32.exe --> c:\programdata\ntprint32.exe [?]
S2 stisvc32;Windows Image Acquisition (WIA) ;c:\programdata\nlsdata000d32.exe --> c:\programdata\NlsData000d32.exe [?]
S2 swprv32;Microsoft Software Shadow Copy Provider ;c:\programdata\nlsdata000732.exe --> c:\programdata\NlsData000732.exe [?]
S2 swprv3232;Microsoft Software Shadow Copy Provider ;c:\programdata\wsmres32.exe --> c:\programdata\WsmRes32.exe [?]
S2 swprv323232;Microsoft Software Shadow Copy Provider ;c:\programdata\wpcao32.exe --> c:\programdata\wpcao32.exe [?]
S2 swprv32323232;Microsoft Software Shadow Copy Provider ;c:\programdata\mprapi32.exe --> c:\programdata\mprapi32.exe [?]
S2 SysMain32;Superfetch ;c:\programdata\ddaclsys32.exe --> c:\programdata\DDACLSys32.exe [?]
S2 SysMain3232;Superfetch ;c:\programdata\imapi2fs32.exe --> c:\programdata\imapi2fs32.exe [?]
S2 SysMain323232;Superfetch ;c:\programdata\lvci120127832.exe --> c:\programdata\lvci120127832.exe [?]
S2 SysMain32323232;Superfetch ;c:\programdata\dot3gpclnt32.exe --> c:\programdata\dot3gpclnt32.exe [?]
S2 TabletInputService32;Tablet PC Input Service ;c:\programdata\nlslexicons081a32.exe --> c:\programdata\NlsLexicons081a32.exe [?]
S2 TabletInputService323232;Tablet PC Input Service ;c:\programdata\networkitemfactory32.exe --> c:\programdata\networkitemfactory32.exe [?]
S2 TabletInputService32323232;Tablet PC Input Service ;c:\programdata\browser32.exe --> c:\programdata\browser32.exe [?]
S2 TapiSrv32;Telephony ;c:\programdata\usbaaplrc32.exe --> c:\programdata\usbaaplrc32.exe [?]
S2 TBS32;TPM Base Services ;c:\programdata\winsrpc32.exe --> c:\programdata\WINSRPC32.exe [?]
S2 TermService32;Terminal Services ;c:\programdata\crypt3232.exe --> c:\programdata\crypt3232.exe [?]
S2 TermService3232;Terminal Services ;c:\programdata\urlmon32.exe --> c:\programdata\urlmon32.exe [?]
S2 Themes32;Themes ;c:\programdata\netapi32.exe --> c:\programdata\netapi32.exe [?]
S2 THREADORDER32;Thread Ordering Server ;c:\programdata\iphlpsvc32.exe --> c:\programdata\iphlpsvc32.exe [?]
S2 THREADORDER3232;Thread Ordering Server ;c:\programdata\usbmon32.exe --> c:\programdata\usbmon32.exe [?]
S2 TrkWks32;Distributed Link Tracking Client ;c:\programdata\vss_ps32.exe --> c:\programdata\vss_ps32.exe [?]
S2 TrkWks3232;Distributed Link Tracking Client ;c:\programdata\rasman32.exe --> c:\programdata\rasman32.exe [?]
S2 TrkWks323232;Distributed Link Tracking Client ;c:\programdata\wmvxencd32.exe --> c:\programdata\WMVXENCD32.exe [?]
S2 TrkWks32323232;Distributed Link Tracking Client ;c:\programdata\wsdapi32.exe --> c:\programdata\WSDApi32.exe [?]
S2 TrkWks3232323232;Distributed Link Tracking Client ;c:\programdata\wlancfg32.exe --> c:\programdata\wlancfg32.exe [?]
S2 TrustedInstaller3232;Windows Modules Installer ;c:\programdata\vxdif32.exe --> c:\programdata\Vxdif32.exe [?]
S2 TrustedInstaller323232;Windows Modules Installer ;c:\programdata\pnpxassocprx32.exe --> c:\programdata\PNPXAssocPrx32.exe [?]
S2 UI0Detect32;Interactive Services Detection ;c:\programdata\catsrvps32.exe --> c:\programdata\catsrvps32.exe [?]
S2 UI0Detect3232;Interactive Services Detection ;c:\programdata\resampledmo32.exe --> c:\programdata\RESAMPLEDMO32.exe [?]
S2 upnphost32;UPnP Device Host ;c:\programdata\serwvdrv32.exe --> c:\programdata\serwvdrv32.exe [?]
S2 vds3232;Virtual Disk ;c:\programdata\mmcss32.exe --> c:\programdata\mmcss32.exe [?]
S2 vds323232;Virtual Disk ;c:\programdata\msutb32.exe --> c:\programdata\msutb32.exe [?]
S2 vds32323232;Virtual Disk ;c:\programdata\c_is202232.exe --> c:\programdata\C_IS202232.exe [?]
S2 VSS32;Volume Shadow Copy ;c:\programdata\usbui32.exe --> c:\programdata\usbui32.exe [?]
S2 VSS3232;Volume Shadow Copy ;c:\programdata\cnc250l32.exe --> c:\programdata\CNC250L32.exe [?]
S2 VSS323232;Volume Shadow Copy ;c:\programdata\kd139432.exe --> c:\programdata\kd139432.exe [?]
S2 VSS32323232;Volume Shadow Copy ;c:\programdata\hnetcfg32.exe --> c:\programdata\hnetcfg32.exe [?]
S2 VSS3232323232;Volume Shadow Copy ;c:\programdata\wuwebv32.exe --> c:\programdata\wuwebv32.exe [?]
S2 wcncsvc3232;Windows Connect Now - Config Registrar ;c:\programdata\montr_ci32.exe --> c:\programdata\montr_ci32.exe [?]
S2 wcncsvc323232;Windows Connect Now - Config Registrar ;c:\programdata\bitsperf32.exe --> c:\programdata\bitsperf32.exe [?]
S2 WcsPlugInService32;Windows Color System ;c:\programdata\ndfapi32.exe --> c:\programdata\ndfapi32.exe [?]
S2 WcsPlugInService3232;Windows Color System ;c:\programdata\msvidc3232.exe --> c:\programdata\msvidc3232.exe [?]
S2 WcsPlugInService323232;Windows Color System ;c:\programdata\neth32.exe --> c:\programdata\neth32.exe [?]
S2 WcsPlugInService32323232;Windows Color System ;c:\programdata\olethk3232.exe --> c:\programdata\olethk3232.exe [?]
S2 WdiServiceHost32;Diagnostic Service Host ;c:\programdata\usercpl32.exe --> c:\programdata\usercpl32.exe [?]
S2 WdiSystemHost32;Diagnostic System Host ;c:\programdata\kbdnec9532.exe --> c:\programdata\kbdnec9532.exe [?]
S2 WdiSystemHost3232;Diagnostic System Host ;c:\programdata\mmdevapi32.exe --> c:\programdata\MMDevAPI32.exe [?]
S2 WdiSystemHost323232;Diagnostic System Host ;c:\programdata\stapo32.exe --> c:\programdata\stapo32.exe [?]
S2 WdiSystemHost32323232;Diagnostic System Host ;c:\programdata\lz3232.exe --> c:\programdata\lz3232.exe [?]
S2 WebClient32;WebClient ;c:\programdata\nlslexicons002a32.exe --> c:\programdata\NlsLexicons002a32.exe [?]
S2 WebClient3232;WebClient ;c:\programdata\wdc32.exe --> c:\programdata\wdc32.exe [?]
S2 Wecsvc32;Windows Event Collector ;c:\programdata\ntdsapi32.exe --> c:\programdata\ntdsapi32.exe [?]
S2 wercplsupport32;Problem Reports and Solutions Control Panel Support ;c:\programdata\msafd32.exe --> c:\programdata\msafd32.exe [?]
S2 wercplsupport3232;Problem Reports and Solutions Control Panel Support ;c:\programdata\mciavi3232.exe --> c:\programdata\mciavi3232.exe [?]
S2 wercplsupport323232;Problem Reports and Solutions Control Panel Support ;c:\programdata\mfc8032.exe --> c:\programdata\mfc8032.exe [?]
S2 WerSvc32;Windows Error Reporting Service ;c:\programdata\msi32.exe --> c:\programdata\msi32.exe [?]
S2 WerSvc3232;Windows Error Reporting Service ;c:\programdata\kbdblr32.exe --> c:\programdata\KBDBLR32.exe [?]
S2 WerSvc323232;Windows Error Reporting Service ;c:\programdata\vdsutil32.exe --> c:\programdata\vdsutil32.exe [?]
S2 WinDefend3232;Windows Defender ;c:\programdata\wsmanmigrationplugin32.exe --> c:\programdata\WSManMigrationPlugin32.exe [?]
S2 Winmgmt32;Windows Management Instrumentation ;c:\programdata\nlsdata002032.exe --> c:\programdata\NlsData002032.exe [?]
S2 Winmgmt3232;Windows Management Instrumentation ;c:\programdata\dxtmsft32.exe --> c:\programdata\dxtmsft32.exe [?]
S2 Winmgmt323232;Windows Management Instrumentation ;c:\programdata\pnidui32.exe --> c:\programdata\pnidui32.exe [?]
S2 Winmgmt32323232;Windows Management Instrumentation ;c:\programdata\igdumdx3232.exe --> c:\programdata\igdumdx3232.exe [?]
S2 Winmgmt3232323232;Windows Management Instrumentation ;c:\programdata\tbssvc32.exe --> c:\programdata\tbssvc32.exe [?]
S2 WinRM32;Windows Remote Management (WS-Management) ;c:\programdata\kbdsw0932.exe --> c:\programdata\KBDSW0932.exe [?]
S2 WinRM3232;Windows Remote Management (WS-Management) ;c:\programdata\kbdcz232.exe --> c:\programdata\KBDCZ232.exe [?]
S2 Wlansvc3232;WLAN AutoConfig ;c:\programdata\msidle32.exe --> c:\programdata\msidle32.exe [?]
S2 wltrysvc32;Dell Wireless WLAN Tray Service ;c:\programdata\wsdchngr32.exe --> c:\programdata\wsdchngr32.exe [?]
S2 wltrysvc323232;Dell Wireless WLAN Tray Service ;c:\programdata\d3d8thk32.exe --> c:\programdata\d3d8thk32.exe [?]
S2 wltrysvc32323232;Dell Wireless WLAN Tray Service ;c:\programdata\activeds32.exe --> c:\programdata\activeds32.exe [?]
S2 wmiApSrv3232;WMI Performance Adapter ;c:\programdata\dhcpcsvc32.exe --> c:\programdata\dhcpcsvc32.exe [?]
S2 wmiApSrv323232;WMI Performance Adapter ;c:\programdata\mcupdate_genuineintel32.exe --> c:\programdata\mcupdate_GenuineIntel32.exe [?]
S2 wmiApSrv32323232;WMI Performance Adapter ;c:\programdata\streamci32.exe --> c:\programdata\streamci32.exe [?]
S2 WMPNetworkSvc32;Windows Media Player Network Sharing Service ;c:\programdata\xwtpw3232.exe --> c:\programdata\xwtpw3232.exe [?]
S2 WPCSvc32;Parental Controls ;c:\programdata\cnc250i32.exe --> c:\programdata\CNC250I32.exe [?]
S2 WPCSvc323232;Parental Controls ;c:\programdata\cic32.exe --> c:\programdata\cic32.exe [?]
S2 WPCSvc32323232;Parental Controls ;c:\programdata\msfeeds32.exe --> c:\programdata\msfeeds32.exe [?]
S2 WPDBusEnum32;Portable Device Enumerator Service ;c:\programdata\naphlpr32.exe --> c:\programdata\NAPHLPR32.exe [?]
S2 WPDBusEnum3232;Portable Device Enumerator Service ;c:\programdata\certmgr32.exe --> c:\programdata\certmgr32.exe [?]
S2 wscsvc32;Security Center ;c:\programdata\d3dim32.exe --> c:\programdata\d3dim32.exe [?]
S2 WSearch32;Windows Search ;c:\programdata\deployjava132.exe --> c:\programdata\deployJava132.exe [?]
S2 wuauserv32;Windows Update ;c:\programdata\ncryptui32.exe --> c:\programdata\ncryptui32.exe [?]
S2 wuauserv3232;Windows Update ;c:\programdata\cmstplua32.exe --> c:\programdata\cmstplua32.exe [?]
S2 wuauserv323232;Windows Update ;c:\programdata\cmcfg3232.exe --> c:\programdata\cmcfg3232.exe [?]
S2 wuauserv32323232;Windows Update ;c:\programdata\hidserv32.exe --> c:\programdata\hidserv32.exe [?]
S2 wudfsvc32;Windows Driver Foundation - User-mode Driver Framework ;c:\programdata\httpapi32.exe --> c:\programdata\httpapi32.exe [?]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
S2 yksvc32;Marvell Yukon Service ;c:\programdata\moricons32.exe --> c:\programdata\moricons32.exe [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-9-6 136176]
S4 McOobeSv;McAfee OOBE Service;"c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe" /mccoresvc --> c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [?]
.
=============== Created Last 30 ================
.
2011-08-11 06:54:50 -------- d-----w- C:\MGtools
2011-08-11 05:47:49 -------- d-----w- c:\users\melissa\appdata\local\temp
2011-08-11 05:41:49 -------- d-s---w- C:\ComboFix
2011-08-11 01:40:33 -------- d-----w- c:\programdata\Malwarebytes
2011-08-11 01:40:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-10 23:38:56 54016 ----a-w- c:\windows\system32\drivers\ltnjbmr.sys
2011-08-10 23:27:29 -------- d-----w- c:\program files\CCleaner
2011-08-10 22:46:41 -------- d-----w- c:\program files\Trend Micro
2011-08-10 22:46:24 812344 ----a-w- C:\HJTInstall.exe
2011-08-10 20:07:59 98816 ----a-w- c:\windows\sed.exe
2011-08-10 20:07:59 518144 ----a-w- c:\windows\SWREG.exe
2011-08-10 20:07:59 256000 ----a-w- c:\windows\PEV.exe
2011-08-10 20:07:59 208896 ----a-w- c:\windows\MBR.exe
2011-08-10 20:01:33 54016 ----a-w- c:\windows\system32\drivers\srjt.sys
2011-08-10 19:21:47 54016 ----a-w- c:\windows\system32\drivers\pllk.sys
2011-08-10 08:50:00 -------- d-----w- c:\users\melissa\appdata\roaming\SUPERAntiSpyware.com
2011-08-10 08:49:41 -------- d-----w- c:\programdata\!SASCORE
2011-08-10 08:49:39 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-08-10 08:49:39 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-10 08:44:05 2419140 ----a-w- C:\MGtools.exe
2011-08-10 08:40:44 12410448 ----a-w- C:\SUPERAntiSpywarefree.exe
2011-08-10 08:23:54 54016 ----a-w- c:\windows\system32\drivers\umvyp.sys
2011-08-10 07:26:03 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-10 07:26:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-10 07:25:58 40112 ----a-w- c:\windows\avastSS.scr
2011-08-10 07:25:50 -------- d-----w- c:\programdata\AVAST Software
2011-08-10 07:25:50 -------- d-----w- c:\program files\AVAST Software
2011-08-10 06:45:15 54016 ----a-w- c:\windows\system32\drivers\bunmv.sys
2011-08-10 06:03:42 -------- d-----w- c:\users\melissa\appdata\roaming\Malwarebytes
2011-08-10 06:03:38 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-10 06:03:34 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-10 00:37:27 -------- d-----w- c:\users\melissa\appdata\roaming\McAfee
2011-07-23 17:50:54 -------- d-----w- c:\program files\Dogpile Bundle Toolbar
2011-07-23 17:49:52 -------- d-----w- c:\users\melissa\appdata\local\Conduit
2011-07-23 17:49:51 -------- d-----w- c:\program files\CasualGaming
.
==================== Find3M ====================
.
2011-06-20 21:55:31 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-20 21:55:21 88 --sha-r- c:\windows\system32\E417A06D14.sys
.
============= FINISH: 10:28:25.08 ===============

Blade81
2011-08-16, 11:19
Hi,


for some reason I can't seem to attach the .zip file
Copy-paste contents of attach.txt.

JKstang
2011-08-16, 15:56
Lost the originals somehow, so ran DDS again..
Below is the DDS.txt followed by the Attach.txt

.
DDS (Ver_2011-06-23.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.6001.18000
Run by Melissa at 8:43:39 on 2011-08-16
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3034.2636 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: ooVoo Toolbar: {574be437-25ae-4010-a53e-8c63b6ae02ff} - c:\program files\oovootoolbar\vmntemplateX.dll
BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110624202007.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: 2433b577: {b9321238-d1a4-662c-02c5-699ece457bf9} - c:\programdata\atl32.dll
BHO: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: ooVoo Toolbar: {574be437-25ae-4010-a53e-8c63b6ae02ff} - c:\program files\oovootoolbar\vmntemplateX.dll
TB: {B9B97401-98E1-4942-930D-C36652DAB7F2} - No File
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel PhotoDownloader.exe" -startup
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [cleanddm] c:\windows\system32\config\systemprofile\appdata\local\cleanddm.exe
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: HideSCAHealth = 1 (0x1)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
Trusted Zone: internet
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.5.150
TCP: Interfaces\{B7A8E1A5-C963-4259-9FD8-CF519D660D67} : DhcpNameServer = 192.168.5.150
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\programdata\atl32.dll
.
============= SERVICES / DRIVERS ===============
.
S1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2011-2-3 54776]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
.
=============== Created Last 30 ================
.
2011-08-16 11:07:45 -------- d-----w- c:\users\melissa\appdata\local\Temp
2011-08-16 07:18:45 574 ----a-w- C:\cleanup.bat
2011-08-16 07:18:45 19286 ----a-w- C:\cleanup.exe
2011-08-16 07:18:45 135168 ----a-w- C:\zip.exe
2011-08-16 07:13:13 -------- d-----w- c:\windows\pss
2011-08-11 06:54:50 -------- d-----w- C:\MGtools
2011-08-11 01:40:33 -------- d-----w- c:\programdata\Malwarebytes
2011-08-11 01:40:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-10 23:38:56 54016 ----a-w- c:\windows\system32\drivers\ltnjbmr.sys
2011-08-10 23:27:29 -------- d-----w- c:\program files\CCleaner
2011-08-10 22:46:41 -------- d-----w- c:\program files\Trend Micro
2011-08-10 22:46:24 812344 ----a-w- C:\HJTInstall.exe
2011-08-10 20:01:33 54016 ----a-w- c:\windows\system32\drivers\srjt.sys
2011-08-10 19:21:47 54016 ----a-w- c:\windows\system32\drivers\pllk.sys
2011-08-10 08:50:00 -------- d-----w- c:\users\melissa\appdata\roaming\SUPERAntiSpyware.com
2011-08-10 08:49:41 -------- d-----w- c:\programdata\!SASCORE
2011-08-10 08:49:39 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-08-10 08:49:39 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-10 08:40:44 12410448 ----a-w- C:\SUPERAntiSpywarefree.exe
2011-08-10 08:23:54 54016 ----a-w- c:\windows\system32\drivers\umvyp.sys
2011-08-10 07:26:03 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-10 07:26:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-10 07:25:58 40112 ----a-w- c:\windows\avastSS.scr
2011-08-10 07:25:50 -------- d-----w- c:\programdata\AVAST Software
2011-08-10 07:25:50 -------- d-----w- c:\program files\AVAST Software
2011-08-10 06:45:15 54016 ----a-w- c:\windows\system32\drivers\bunmv.sys
2011-08-10 06:03:42 -------- d-----w- c:\users\melissa\appdata\roaming\Malwarebytes
2011-08-10 06:03:38 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-10 06:03:34 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-10 00:37:27 -------- d-----w- c:\users\melissa\appdata\roaming\McAfee
2011-07-23 17:50:54 -------- d-----w- c:\program files\Dogpile Bundle Toolbar
2011-07-23 17:49:52 -------- d-----w- c:\users\melissa\appdata\local\Conduit
2011-07-23 17:49:51 -------- d-----w- c:\program files\CasualGaming
.
==================== Find3M ====================
.
2011-06-20 21:55:31 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-20 21:55:21 88 --sha-r- c:\windows\system32\E417A06D14.sys
.
============= FINISH: 8:45:03.30 ===============



Attach.txt starts here:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 9/6/2010 12:46:02 PM
System Uptime: 8/16/2011 8:41:22 AM (0 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz | Microprocessor | 1795/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 157.903 GiB free.
E: is FIXED (NTFS) - 15 GiB total, 9.564 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Bonjour
Canon MP250 series MP Drivers
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conduit Engine
Corel Paint Shop Pro Photo X2
Dell Edoc Viewer
Dell Touchpad
Dell Wireless WLAN Card Utility
Elf 1.15 Toolbar
FrostWire 4.21.8
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 20
Logitech Vid
Logitech Webcam Software
McAfee Internet Security
McAfee Online Backup
Microsoft .NET Framework 3.5 SP1
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ooVoo
ooVoo Toolbar
QuickSet
QuickTime
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Skype Toolbars
Skype™ 5.3
The Sims™ 2 Deluxe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Window Shopper
.
==== End Of File ===========================


For the record, I've tried without success to disable or remove the McAfee Internet Security. I even followed advice on McAfee's site to remove all references from the Registry. Upon reboot into Safemode, it all came back.

Blade81
2011-08-16, 20:20
Hi,

IMPORTANT I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Frostwire


I'd like you to read this thread (http://forums.spybot.info/showthread.php?t=282).

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red). Post fresh dds logs when done.


Please do NOT run 'FIXES' (ComboFix etc) without being asked (http://forums.spybot.info/showthread.php?t=16806). Post contents of existing c:\ComboFix.txt file.


For the record, I've tried without success to disable or remove the McAfee Internet Security. I even followed advice on McAfee's site to remove all references from the Registry. Upon reboot into Safemode, it all came back.
We'll see that a bit later.

JKstang
2011-08-16, 20:33
I tried to remove frostwire and any toolbar programs initally which I didn't recognize.
But as per instructions I tried again. When I tried I get:

"An error occured while trying to uninstall FrostWire 4.21.8. It may have already been uninstalled. Would you like to remove FrostWire 4.21.8 from the Programs and Features list?"

Whether I click yes or no it remains in the Add/Remove Programs list.

Blade81
2011-08-16, 20:36
Please give Revo Uninstaller (http://www.revouninstaller.com) a try.

JKstang
2011-08-16, 20:37
Also, there is not an existing ComboFix.txt

JKstang
2011-08-16, 20:51
Revo seemed to work. DDS.txt and Attach.txt follow..

.
DDS (Ver_2011-06-23.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.6001.18000
Run by Melissa at 13:47:20 on 2011-08-16
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.3034.2574 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mDefault_Page_URL = hxxp://www.dell.com
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mURLSearchHooks: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
BHO: ooVoo Toolbar: {574be437-25ae-4010-a53e-8c63b6ae02ff} - c:\program files\oovootoolbar\vmntemplateX.dll
BHO: Window Shopper: {74f475fa-6c75-43bd-aab9-ecda6184f600} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20110624202007.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.6406.1642\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: 2433b577: {b9321238-d1a4-662c-02c5-699ece457bf9} - c:\programdata\atl32.dll
BHO: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
BHO: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: FrostWire Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Elf 1.15 Toolbar: {b9d63c58-90cc-428b-8d3b-cbb88eb07e7e} - c:\program files\elf_1.15\tbElf0.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngin0.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: ooVoo Toolbar: {574be437-25ae-4010-a53e-8c63b6ae02ff} - c:\program files\oovootoolbar\vmntemplateX.dll
TB: {B9B97401-98E1-4942-930D-C36652DAB7F2} - No File
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [QuickSet] c:\program files\dell\quickset\QuickSet.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Corel Photo Downloader] "c:\program files\common files\corel\corel photodownloader\Corel PhotoDownloader.exe" -startup
mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [<NO NAME>]
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [cleanddm] c:\windows\system32\config\systemprofile\appdata\local\cleanddm.exe
mRunOnce: [GrpConv] grpconv -o
dRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
dPolicies-explorer: HideSCAHealth = 1 (0x1)
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - c:\program files\superfish\window shopper\SuperfishIEAddon.dll
Trusted Zone: internet
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.5.150
TCP: Interfaces\{B7A8E1A5-C963-4259-9FD8-CF519D660D67} : DhcpNameServer = 192.168.5.150
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Notify: igfxcui - igfxdev.dll
AppInit_DLLs: c:\programdata\atl32.dll
.
============= SERVICES / DRIVERS ===============
.
S1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2011-2-3 54776]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx32coinst,serviceStartProc --> RUNDLL32.EXE ykx32coinst,serviceStartProc [?]
S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys [2011-8-16 27192]
.
=============== Created Last 30 ================
.
2011-08-16 17:40:49 -------- d-----w- c:\users\melissa\appdata\local\VS Revo Group
2011-08-16 17:40:47 27192 ----a-w- c:\windows\system32\drivers\revoflt.sys
2011-08-16 17:40:45 -------- d-----w- c:\program files\VS Revo Group
2011-08-16 17:39:01 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-08-16 11:07:45 -------- d-----w- c:\users\melissa\appdata\local\Temp
2011-08-16 07:18:45 574 ----a-w- C:\cleanup.bat
2011-08-16 07:18:45 19286 ----a-w- C:\cleanup.exe
2011-08-16 07:18:45 135168 ----a-w- C:\zip.exe
2011-08-16 07:13:13 -------- d-----w- c:\windows\pss
2011-08-11 06:54:50 -------- d-----w- C:\MGtools
2011-08-11 01:40:33 -------- d-----w- c:\programdata\Malwarebytes
2011-08-11 01:40:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-10 23:38:56 54016 ----a-w- c:\windows\system32\drivers\ltnjbmr.sys
2011-08-10 23:27:29 -------- d-----w- c:\program files\CCleaner
2011-08-10 22:46:41 -------- d-----w- c:\program files\Trend Micro
2011-08-10 22:46:24 812344 ----a-w- C:\HJTInstall.exe
2011-08-10 20:01:33 54016 ----a-w- c:\windows\system32\drivers\srjt.sys
2011-08-10 19:21:47 54016 ----a-w- c:\windows\system32\drivers\pllk.sys
2011-08-10 08:50:00 -------- d-----w- c:\users\melissa\appdata\roaming\SUPERAntiSpyware.com
2011-08-10 08:49:41 -------- d-----w- c:\programdata\!SASCORE
2011-08-10 08:49:39 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2011-08-10 08:49:39 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-10 08:40:44 12410448 ----a-w- C:\SUPERAntiSpywarefree.exe
2011-08-10 08:23:54 54016 ----a-w- c:\windows\system32\drivers\umvyp.sys
2011-08-10 07:26:03 54104 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-08-10 07:26:03 441176 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-08-10 07:25:58 40112 ----a-w- c:\windows\avastSS.scr
2011-08-10 07:25:50 -------- d-----w- c:\programdata\AVAST Software
2011-08-10 07:25:50 -------- d-----w- c:\program files\AVAST Software
2011-08-10 06:45:15 54016 ----a-w- c:\windows\system32\drivers\bunmv.sys
2011-08-10 06:03:42 -------- d-----w- c:\users\melissa\appdata\roaming\Malwarebytes
2011-08-10 06:03:38 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-10 06:03:34 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-10 00:37:27 -------- d-----w- c:\users\melissa\appdata\roaming\McAfee
2011-07-23 17:50:54 -------- d-----w- c:\program files\Dogpile Bundle Toolbar
2011-07-23 17:49:52 -------- d-----w- c:\users\melissa\appdata\local\Conduit
2011-07-23 17:49:51 -------- d-----w- c:\program files\CasualGaming
.
==================== Find3M ====================
.
2011-06-20 21:55:31 2828 --sha-w- c:\windows\system32\KGyGaAvL.sys
2011-06-20 21:55:21 88 --sha-r- c:\windows\system32\E417A06D14.sys
.
============= FINISH: 13:47:43.65 ===============


Attach.txt begins here.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 9/6/2010 12:46:02 PM
System Uptime: 8/16/2011 8:41:22 AM (5 hours ago)
.
Motherboard: Dell Inc. | | 0G848F
Processor: Celeron(R) Dual-Core CPU T3000 @ 1.80GHz | Microprocessor | 1795/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 218 GiB total, 157.881 GiB free.
E: is FIXED (NTFS) - 15 GiB total, 9.564 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP67: 4/22/2011 7:00:13 AM - Scheduled Checkpoint
RP68: 5/12/2011 4:23:46 PM - Windows Update
RP69: 5/21/2011 12:23:43 PM - Scheduled Checkpoint
RP70: 6/2/2011 8:43:28 PM - Scheduled Checkpoint
RP71: 6/16/2011 8:56:49 PM - Windows Update
RP72: 6/17/2011 8:00:01 PM - Scheduled Checkpoint
RP73: 6/18/2011 8:50:45 PM - Scheduled Checkpoint
RP74: 6/21/2011 3:10:37 PM - Scheduled Checkpoint
RP75: 6/24/2011 1:59:57 PM - Removed ASPCA Tri Reminder by We-Care.com v4.0.7.5
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3.4
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
Bonjour
Canon MP250 series MP Drivers
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Compatibility Pack for the 2007 Office system
Conduit Engine
Corel Paint Shop Pro Photo X2
Dell Edoc Viewer
Dell Touchpad
Dell Wireless WLAN Card Utility
Elf 1.15 Toolbar
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Intel(R) Graphics Media Accelerator Driver
Intel(R) TV Wizard
Intel® Matrix Storage Manager
iTunes
Java Auto Updater
Java(TM) 6 Update 20
Logitech Vid
Logitech Webcam Software
McAfee Internet Security
McAfee Online Backup
Microsoft .NET Framework 3.5 SP1
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ooVoo
ooVoo Toolbar
QuickSet
QuickTime
Revo Uninstaller Pro 2.5.3
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Skype Toolbars
Skype™ 5.3
The Sims™ 2 Deluxe
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Window Shopper
.
==== End Of File ===========================

JKstang
2011-08-16, 22:54
Upon reboot Frostwire and Ask Toolbar returned. It's as if the Registry is not keeping the changes.

Blade81
2011-08-17, 07:28
It's possible McAfee has registry locked. Since you planned to uninstall it let's see if we can do it at this point. Download & run Appremover (http://www.appremover.com/).

JKstang
2011-08-17, 09:11
The AppRemover.exe crashes when started..can't even get as far as running a scan. As much as I hate to admit defeat, at this point I've been trying to clean this out for over 2 weeks and really no longer have the time to track down the problem. I'm going to wipe / restore the OS and hope that resolves the issue. If it doesn't then at least I'll return with a fresh system and less garbage to sort through. Thank you for your assistance.

Blade81
2011-08-17, 13:59
Ok. Thanks for the heads up. Gonna archive this topic then.