
NGINX white screen on startup

Discussion in 'Virus & Other Malware Removal' started by flatlander31, Jul 14, 2012.

  1. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    Hey,

    I've had virus issues in the past that got solved here... but now I have another.

    System starts normally, and I can see my desktop for about 5 seconds... then the screen goes pale blue, and then white, and then I get a

    404 Not Found
    nginx

    at the top of this white screen.

    If there was a way I could run the normal diagnostic tools, I would do so and then post them.

    Any ideas anyone?
     
  2. flatlander31

    An update.

    The last time it started, I started Windows Essentials, IE, and Firefox, and got WE to run a scan before the nginx screen appeared. Quick scan found nothing.

    So now I have my PC with those programs open, but my taskbar and desktop are blank (aside from my regular wallpaper).

    Any ideas?
     
  3. flatlander31

    Update #2.

    The taskbar is back... and random audio ads are playing now.
     
  4. flatlander31

    HijackThis log:

     
  5. flatlander31

    DDS log:

    S3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\drivers\ivusb.sys --> c:\windows\system32\drivers\ivusb.sys [?]
    S3 MBAMSwissArmy;MBAMSwissArmy;\??\c:\windows\system32\drivers\mbamswissarmy.sys --> c:\windows\system32\drivers\mbamswissarmy.sys [?]
    S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-29 129976]
    S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-12-18 11520]
    .
    =============== Created Last 30 ================
    .
    2012-07-14 22:33:37 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{51e6cb10-907a-4c04-abce-5fb8da508ef8}\offreg.dll
    2012-07-14 22:23:06 6762896 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{51e6cb10-907a-4c04-abce-5fb8da508ef8}\mpengine.dll
    2012-07-08 19:26:42 6762896 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
    2012-06-17 16:09:20 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
    .
    ==================== Find3M ====================
    .
    2012-06-17 16:07:54 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-17 16:07:53 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-02 21:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 21:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 21:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 21:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 21:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 21:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 21:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
    2012-06-02 21:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
    2012-05-15 13:20:33 1863168 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 14:42:33 43520 ------w- c:\windows\system32\licmgr10.dll
    2012-05-11 14:42:33 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2012-05-11 11:38:02 385024 ------w- c:\windows\system32\html.iec
    2012-05-02 13:46:36 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-27 02:07:59 73728 ----a-w- c:\windows\system32\javacpl.cpl
    2012-04-27 02:07:58 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-04-23 18:00:00 79360 ----a-w- c:\windows\system32\ff_vfw.dll
    .
    ============= FINISH: 17:23:03.53 ===============
     
  6. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    and the attach.txt file:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Professional
    Boot Device: \Device\HarddiskVolume1
    Install Date: 26/01/2007 2:41:15 PM
    System Uptime: 14/07/2012 4:11:49 PM (1 hours ago)
    .
    Motherboard: ASUSTek Computer INC. | | NAGAMI2
    Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ | Socket 939 | 1803/199mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 224 GiB total, 174.811 GiB free.
    D: is FIXED (FAT32) - 9 GiB total, 0.479 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    L: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.3)
    Adobe Shockwave Player 11.5
    Adobe® Photoshop® Album Starter Edition 3.2
    Agere Systems PCI-SV92PP Soft Modem
    AiO_Scan_CDA
    AiOSoftwareNPI
    Alien Outbreak 2
    Ancient Sudoku
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Bejeweled 2 Deluxe
    Big Kahuna Reef
    Blackhawk Striker 2
    Blasterball 2 Remix
    Blasterball 2 Revolution
    Bonjour
    Bookworm Deluxe
    Bounce Symphony
    BufferChm
    CameraDrivers
    CameraUserGuides
    Chuzzle Deluxe
    Compatibility Pack for the 2007 Office system
    CP_AtenaShokunin1Config
    CP_CalendarTemplates1
    cp_LightScribeConfig
    cp_OnlineProjectsConfig
    CP_Package_Basic1
    CP_Package_Variety1
    CP_Package_Variety2
    CP_Package_Variety3
    CP_Panorama1Config
    cp_PosterPrintConfig
    cp_UpdateProjectsConfig
    CueTour
    Customer Experience Enhancement
    CustomerResearchQFolder
    Deal or No Deal
    Destinations
    Diner Dash
    DISCover
    DocProc
    DocumentViewer
    DVD Shrink 3.2
    Easy Internet Sign-up
    Enhanced Multimedia Keyboard Solution
    ESET Online Scanner v3
    eSupportQFolder
    F300
    F300_Help
    Fairies
    Family Feud
    FATE
    Fax_CDA
    Flip Words
    Full Tilt Poker
    GemMaster Mystic
    Google Toolbar for Internet Explorer
    Google Update Helper
    High Definition Audio Driver Package - KB888111
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Hotfix for Windows Internet Explorer 7 (KB947864)
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows Media Player 10 (KB910393)
    Hotfix for Windows XP (KB2158563)
    Hotfix for Windows XP (KB2443685)
    Hotfix for Windows XP (KB2570791)
    Hotfix for Windows XP (KB2633952)
    Hotfix for Windows XP (KB952287)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB961118)
    Hotfix for Windows XP (KB970653-v3)
    Hotfix for Windows XP (KB976098-v2)
    Hotfix for Windows XP (KB979306)
    Hotfix for Windows XP (KB981793)
    HP Boot Optimizer
    HP Customer Participation Program 7.0
    HP Deskjet 3050A J611 series Basic Device Software
    HP Deskjet 3050A J611 series Help
    HP Deskjet 3050A J611 series Product Improvement Study
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 6.1
    HP DVD Play 2.1
    HP Game Console
    HP Imaging Device Functions 7.0
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP Photosmart Cameras 6.0
    HP Photosmart Essential
    HP Photosmart for Media Center PC
    HP Photosmart Premier Software 6.5
    HP Photosmart, Officejet and Deskjet 7.0.A
    HP Print Diagnostic Utility
    HP Product Assistant
    HP Product Detection
    HP Rhapsody
    HP Solution Center 7.0
    HP Update
    HP Web Helper
    hpiCamDrvQFolder
    HPPhotoSmartExpress
    HPProductAssistant
    HpSdpAppCoreApp
    HPSSupply
    Insaniquarium Deluxe
    InstantShareAlert
    InstantShareDevices
    InstantShareDevicesMFC
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 31
    Jewel Quest
    K-Lite Mega Codec Pack 8.7.0
    Keyboarding Pro
    Legacy 6.0
    LightScribe 1.4.84.1
    Logitech Desktop Messenger
    Logitech QuickCam
    Logitech QuickCam Driver Package
    Mah Jong Quest
    MarketResearch
    Microsoft .NET Framework 1.0 Hotfix (KB2572066)
    Microsoft .NET Framework 1.0 Hotfix (KB2604042)
    Microsoft .NET Framework 1.0 Hotfix (KB2656378)
    Microsoft .NET Framework 1.0 Hotfix (KB953295)
    Microsoft .NET Framework 1.0 Hotfix (KB979904)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Away Mode
    Microsoft Download Manager
    Microsoft IntelliPoint 7.0
    Microsoft IntelliType Pro 7.0
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft National Language Support Downlevel APIs
    Microsoft Office 2000 Premium
    Microsoft Security Client
    Microsoft Security Essentials
    Microsoft Silverlight
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    MobileMe Control Panel
    Mozilla Firefox 12.0 (x86 en-US)
    Mozilla Maintenance Service
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML4SP2
    Musicnotes Software Suite 1.5.3
    muvee autoProducer 5.0
    muvee autoProducer unPlugged 2.0
    Mystery Case Files
    NewCopy_CDA
    NVIDIA Drivers
    Nvu 1.0PR
    Octoshape add-in for Adobe Flash Player
    OpenOffice.org Installer 1.0
    OptionalContentQFolder
    PanoStandAlone
    PC-Doctor 5 for Windows
    PhotoGallery
    Poker Superstars
    PokerStars
    Polar Bowler
    Polar Golfer
    ProductContextNPI
    PSPrinters08
    PSTAPlugin
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    QuickTime
    RandMap
    Readme
    RealPlayer
    Realtek High Definition Audio Driver
    Ricochet Lost Worlds
    Safari
    Scan
    ScannerCopy
    SCRABBLE
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Step By Step Interactive Training (KB898458)
    Security Update for Step By Step Interactive Training (KB923723)
    Security Update for Windows Internet Explorer 7 (KB928090)
    Security Update for Windows Internet Explorer 7 (KB929969)
    Security Update for Windows Internet Explorer 7 (KB931768)
    Security Update for Windows Internet Explorer 7 (KB933566)
    Security Update for Windows Internet Explorer 7 (KB937143)
    Security Update for Windows Internet Explorer 7 (KB938127)
    Security Update for Windows Internet Explorer 7 (KB939653)
    Security Update for Windows Internet Explorer 7 (KB942615)
    Security Update for Windows Internet Explorer 7 (KB944533)
    Security Update for Windows Internet Explorer 7 (KB950759)
    Security Update for Windows Internet Explorer 7 (KB953838)
    Security Update for Windows Internet Explorer 7 (KB956390)
    Security Update for Windows Internet Explorer 7 (KB958215)
    Security Update for Windows Internet Explorer 7 (KB960714)
    Security Update for Windows Internet Explorer 7 (KB961260)
    Security Update for Windows Internet Explorer 7 (KB963027)
    Security Update for Windows Internet Explorer 7 (KB969897)
    Security Update for Windows Internet Explorer 7 (KB972260)
    Security Update for Windows Internet Explorer 8 (KB2510531)
    Security Update for Windows Internet Explorer 8 (KB2544521)
    Security Update for Windows Internet Explorer 8 (KB2618444)
    Security Update for Windows Internet Explorer 8 (KB2647516)
    Security Update for Windows Internet Explorer 8 (KB2675157)
    Security Update for Windows Internet Explorer 8 (KB2699988)
    Security Update for Windows Internet Explorer 8 (KB982381)
    Security Update for Windows Media Player (KB2378111)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player (KB954155)
    Security Update for Windows Media Player (KB968816)
    Security Update for Windows Media Player (KB973540)
    Security Update for Windows Media Player (KB975558)
    Security Update for Windows Media Player (KB978695)
    Security Update for Windows Media Player 10 (KB911565)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB2079403)
    Security Update for Windows XP (KB2115168)
    Security Update for Windows XP (KB2121546)
    Security Update for Windows XP (KB2160329)
    Security Update for Windows XP (KB2229593)
    Security Update for Windows XP (KB2259922)
    Security Update for Windows XP (KB2279986)
    Security Update for Windows XP (KB2286198)
    Security Update for Windows XP (KB2296011)
    Security Update for Windows XP (KB2296199)
    Security Update for Windows XP (KB2347290)
    Security Update for Windows XP (KB2360937)
    Security Update for Windows XP (KB2387149)
    Security Update for Windows XP (KB2393802)
    Security Update for Windows XP (KB2412687)
    Security Update for Windows XP (KB2419632)
    Security Update for Windows XP (KB2423089)
    Security Update for Windows XP (KB2436673)
    Security Update for Windows XP (KB2440591)
    Security Update for Windows XP (KB2443105)
    Security Update for Windows XP (KB2476490)
    Security Update for Windows XP (KB2476687)
    Security Update for Windows XP (KB2478960)
    Security Update for Windows XP (KB2478971)
    Security Update for Windows XP (KB2479628)
    Security Update for Windows XP (KB2481109)
    Security Update for Windows XP (KB2483185)
    Security Update for Windows XP (KB2485376)
    Security Update for Windows XP (KB2485663)
    Security Update for Windows XP (KB2491683)
    Security Update for Windows XP (KB2503658)
    Security Update for Windows XP (KB2503665)
    Security Update for Windows XP (KB2506212)
    Security Update for Windows XP (KB2506223)
    Security Update for Windows XP (KB2507618)
    Security Update for Windows XP (KB2507938)
    Security Update for Windows XP (KB2508272)
    Security Update for Windows XP (KB2508429)
    Security Update for Windows XP (KB2509553)
    Security Update for Windows XP (KB2511455)
    Security Update for Windows XP (KB2524375)
    Security Update for Windows XP (KB2535512)
    Security Update for Windows XP (KB2536276-v2)
    Security Update for Windows XP (KB2536276)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2544893)
    Security Update for Windows XP (KB2555917)
    Security Update for Windows XP (KB2562937)
    Security Update for Windows XP (KB2566454)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2567680)
    Security Update for Windows XP (KB2570222)
    Security Update for Windows XP (KB2570947)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB923561)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952004)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956572)
    Security Update for Windows XP (KB956744)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB956844)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB958690)
    Security Update for Windows XP (KB958869)
    Security Update for Windows XP (KB959426)
    Security Update for Windows XP (KB960225)
    Security Update for Windows XP (KB960715)
    Security Update for Windows XP (KB960803)
    Security Update for Windows XP (KB960859)
    Security Update for Windows XP (KB961371)
    Security Update for Windows XP (KB961373)
    Security Update for Windows XP (KB961501)
    Security Update for Windows XP (KB968537)
    Security Update for Windows XP (KB969059)
    Security Update for Windows XP (KB969898)
    Security Update for Windows XP (KB969947)
    Security Update for Windows XP (KB970238)
    Security Update for Windows XP (KB970430)
    Security Update for Windows XP (KB971468)
    Security Update for Windows XP (KB971486)
    Security Update for Windows XP (KB971557)
    Security Update for Windows XP (KB971633)
    Security Update for Windows XP (KB971657)
    Security Update for Windows XP (KB972270)
    Security Update for Windows XP (KB973346)
    Security Update for Windows XP (KB973354)
    Security Update for Windows XP (KB973507)
    Security Update for Windows XP (KB973525)
    Security Update for Windows XP (KB973869)
    Security Update for Windows XP (KB973904)
    Security Update for Windows XP (KB974112)
    Security Update for Windows XP (KB974318)
    Security Update for Windows XP (KB974392)
    Security Update for Windows XP (KB974571)
    Security Update for Windows XP (KB975025)
    Security Update for Windows XP (KB975467)
    Security Update for Windows XP (KB975560)
    Security Update for Windows XP (KB975561)
    Security Update for Windows XP (KB975562)
    Security Update for Windows XP (KB975713)
    Security Update for Windows XP (KB977165)
    Security Update for Windows XP (KB977816)
    Security Update for Windows XP (KB977914)
    Security Update for Windows XP (KB978037)
    Security Update for Windows XP (KB978251)
    Security Update for Windows XP (KB978262)
    Security Update for Windows XP (KB978338)
    Security Update for Windows XP (KB978542)
    Security Update for Windows XP (KB978601)
    Security Update for Windows XP (KB978706)
    Security Update for Windows XP (KB979309)
    Security Update for Windows XP (KB979482)
    Security Update for Windows XP (KB979559)
    Security Update for Windows XP (KB979683)
    Security Update for Windows XP (KB979687)
    Security Update for Windows XP (KB980195)
    Security Update for Windows XP (KB980218)
    Security Update for Windows XP (KB980232)
    Security Update for Windows XP (KB980436)
    Security Update for Windows XP (KB981322)
    Security Update for Windows XP (KB981852)
    Security Update for Windows XP (KB981957)
    Security Update for Windows XP (KB981997)
    Security Update for Windows XP (KB982132)
    Security Update for Windows XP (KB982214)
    Security Update for Windows XP (KB982665)
    Security Update for Windows XP (KB982802)
    Shop for HP Supplies
    SkinsHP1
    Skype Toolbars
    Skype™ 4.2
    SlideShow
    SlideShowMusic
    Slingo Deluxe
    Snowy The Bears Adventure
    Soap 3.0 Toolkit
    SolutionCenter
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    Sonic_PrimoSDK
    Status
    Super Granny
    Tennis Titans
    Toolbox
    Tornado Jockey
    Tradewinds
    TrayApp
    Trojan Killer 2.0
    UFile 2006
    UFile 2007
    UFile 2008
    UFile 2009
    UFile 2010
    UFile 2011
    UFile Updater 2006
    UFile Updater 2007
    UFile Updater 2008
    UFile Updater 2009
    UFile Updater 2010
    UFile Updater 2011
    Unity Web Player
    Unload
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Windows Internet Explorer 8 (KB2598845)
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB2141007)
    Update for Windows XP (KB2345886)
    Update for Windows XP (KB2467659)
    Update for Windows XP (KB2541763)
    Update for Windows XP (KB2607712)
    Update for Windows XP (KB2616676)
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955759)
    Update for Windows XP (KB955839)
    Update for Windows XP (KB961503)
    Update for Windows XP (KB967715)
    Update for Windows XP (KB968389)
    Update for Windows XP (KB971029)
    Update for Windows XP (KB971737)
    Update for Windows XP (KB973687)
    Update for Windows XP (KB973815)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Updates from HP (remove only)
    Virtools 3D Life Player
    vShare Plugin
    WD SmartWare
    WebEx
    WebFldrs XP
    WebReg
    WildTangent Web Driver
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Internet Explorer 7
    Windows Internet Explorer 8
    Windows Live Sign-in Assistant
    Windows Live Upload Tool
    Windows Media Format Runtime
    Windows XP Media Center Edition 2005 KB2502898
    Windows XP Media Center Edition 2005 KB2619340
    Windows XP Media Center Edition 2005 KB2628259
    Windows XP Media Center Edition 2005 KB908246
    Windows XP Media Center Edition 2005 KB912067
    Windows XP Media Center Edition 2005 KB973768
    Windows XP Service Pack 3
    WinZip 14.0
    .
    ==== Event Viewer Messages From Past Week ========
    .
    14/07/2012 3:53:57 PM, error: NtServicePack [4373] - Windows XP KB2707511 installation failed.
    An internal error occurred.
    14/07/2012 3:53:46 PM, error: NtServicePack [4373] - Windows XP KB2676562 installation failed.
    An internal error occurred.
    09/07/2012 9:37:06 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1224.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    09/07/2012 9:37:06 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1224.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    09/07/2012 3:00:56 AM, error: NtServicePack [4373] - Windows XP KB2707511 installation failed.
    An internal error occurred.
    09/07/2012 3:00:52 AM, error: NtServicePack [4373] - Windows XP KB2676562 installation failed.
    An internal error occurred.
    09/07/2012 2:22:43 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1224.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    09/07/2012 2:22:43 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1224.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    08/07/2012 8:20:21 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1154.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    08/07/2012 8:20:21 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1154.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    08/07/2012 3:01:30 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007054f: Security Update for Windows XP (KB2707511).
    08/07/2012 3:01:30 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007054f: Security Update for Windows XP (KB2676562).
    08/07/2012 3:00:53 AM, error: NtServicePack [4373] - Windows XP KB2707511 installation failed.
    An internal error occurred.
    08/07/2012 3:00:50 AM, error: NtServicePack [4373] - Windows XP KB2676562 installation failed.
    An internal error occurred.
    08/07/2012 2:20:10 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
    08/07/2012 2:20:10 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL. Reference error message: The operation completed successfully. .
    08/07/2012 2:20:10 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
    08/07/2012 2:16:34 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1154.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    08/07/2012 2:16:34 AM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1154.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    08/07/2012 1:15:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
    08/07/2012 1:15:07 PM, error: Service Control Manager [7023] - The HID Input Service service terminated with the following error: The specified module could not be found.
    07/07/2012 6:42:44 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1154.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    07/07/2012 6:42:44 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.129.1154.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8502.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
    07/07/2012 3:00:42 AM, error: NtServicePack [4373] - Windows XP KB2707511 installation failed.
    An internal error occurred.
    07/07/2012 3:00:39 AM, error: NtServicePack [4373] - Windows XP KB2676562 installation failed.
    An internal error occurred.
    .
    ==== End Of File ===========================
     
  7. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    Bump to the top... any ideas?
     
  8. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    Day 12 bump... is TDSSkiller the next thing I should run?
     
  9. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    448
    Hello there, flatlander31

    Welcome to TSG

    I'm Conspire, I'll be glad to help you with your computer problems.

    Please observe these rules while we work:
    • Read the entire procedure
    • It is important to perform ALL actions in sequence.
    • If you don't know, stop and ask! Don't keep going on.
    • Please reply to this thread. Do not start a new topic.
    • Stick with me till you're given the all clear.
    • Remember, absence of symptoms does not mean the infection is all gone.
    • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.


    IMPORTANT NOTE: Please do not delete anything unless instructed to. Remember to back up all your important data (if possible) before moving on.

    ---------------------------------------------------------------------------------------------------

    First of all, we sincerely apologize for such a long wait.

    Also note that I will not respond to this thread if I don't receive your reply for 3 days.

    ---------------------------------------------------------------------------------------------------

    Now what I'd like to do is to get rootkit scans for your machine.

    • Please download GMER from one of the following locations, and save it to your desktop:
      • Main Mirror
        This version will download a randomly named file (Recommended)
      • Zip Mirror
        This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
    • Extract the contents of the zipped file to desktop (applicable only to Zip mirror).
    • Double click the downloaded file on your desktop.
    • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
    • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
      • IAT/EAT
      • Drives/Partition other than Systemdrive (typically C:\)
      • Show All (don't miss this one)
    • Then click the Scan button & wait for it to finish.
    • Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
    • Save it where you can easily find it, such as your desktop, and attach it in your reply.
    **Caution**
    Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.


    ===================================================

    Please download aswMBR.exe and save it to your desktop.
    • Double click aswMBR.exe to start the tool. (Vista/Windows 7 users - right click to run as administrator)
    • Allow it to update where necessary
    • Click Scan
      • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
      • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.
    ===================================================

    Download TDSSKiller.exe and save it to your desktop

    Execute TDSSKiller.exe by double-clicking on it.
    Press Start Scan
    If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
    Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

    ===================================================

    On your next reply please post :
    GMER log
    aswMBR log
    MBR.dat (attachment)
    TDSS Killer log


    Please STOP and let me know if you have any problems performing the steps above or any questions.

    Good Day!
     
  10. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    Working on GMER now... taking a LONG time.

    Should I post all the logs in separate posts or as attachments to a single post?
     
  11. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    448
    You may separate the posts if it's too long. :)
     
  12. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    The GMER scan is taking HOURS... and if I'm not there when it finishes, my computer reboots. That normal?

    I've run the other 2 scans and generated logs for them. Want them all together, or can I post the TDSS and asw logs?
     
  13. Conspire

    Conspire Malware Specialist

    Joined:
    Feb 3, 2011
    Messages:
    448
    Skip the GMER log and post the rest. Thanks :)
     
  14. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    asw Log below, and the MBR zip file attached:

    aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-07-28 20:54:01
    -----------------------------
    20:54:01.765 OS Version: Windows 5.1.2600 Service Pack 3
    20:54:01.765 Number of processors: 2 586 0x2B01
    20:54:01.765 ComputerName: ROBERTS UserName:
    20:54:02.437 Initialize success
    20:56:58.250 AVAST engine defs: 12072801
    21:08:29.281 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
    21:08:29.281 Disk 0 Vendor: WDC_WD2500JS-60NCB1 10.02E02 Size: 238475MB BusType: 3
    21:08:29.296 Disk 0 MBR read successfully
    21:08:29.296 Disk 0 MBR scan
    21:08:29.562 Disk 0 unknown MBR code
    21:08:29.593 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 229457 MB offset 63
    21:08:29.640 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 9007 MB offset 469944720
    21:08:31.046 Disk 0 scanning sectors +488391120
    21:08:31.125 Disk 0 scanning C:\WINDOWS\system32\drivers
    21:08:58.031 File: C:\WINDOWS\system32\drivers\volsnap.sys **SUSPICIOUS**
    21:08:59.687 Disk 0 trace - called modules:
    21:08:59.703 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x860351ed]<<
    21:08:59.703 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86139ab8]
    21:08:59.734 3 CLASSPNP.SYS[f7650fd7] -> nt!IofCallDriver -> \Device\0000006f[0x8613df18]
    21:08:59.734 5 ACPI.sys[f74c7620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x86170d98]
    21:08:59.734 \Driver\atapi[0x86172f38] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0x860351ed
    21:09:01.015 AVAST engine scan C:\WINDOWS
    21:09:45.640 AVAST engine scan C:\WINDOWS\system32
    21:15:54.718 AVAST engine scan C:\WINDOWS\system32\drivers
    21:16:22.500 File: C:\WINDOWS\system32\drivers\volsnap.sys **SUSPICIOUS**
    21:16:32.921 AVAST engine scan C:\Documents and Settings\HP_Administrator
    21:40:25.062 File: C:\Documents and Settings\HP_Administrator\Local Settings\temp\gnquggbnst.exe **INFECTED** Win32:Kryptik-JKP [Trj]
    21:40:28.953 File: C:\Documents and Settings\HP_Administrator\Local Settings\temp\kecmkjekfxzuskwkhgqhrcr.exe **INFECTED** Win32:Kryptik-JKP [Trj]
    21:40:32.468 File: C:\Documents and Settings\HP_Administrator\Local Settings\temp\mzyitcylscgyexywtgtocu.exe **INFECTED** Win32:Kryptik-JKP [Trj]
    21:41:05.187 File: C:\Documents and Settings\HP_Administrator\Local Settings\temp\vohigzkbcn.exe **INFECTED** Win32:Kryptik-JKP [Trj]
    21:52:41.000 AVAST engine scan C:\Documents and Settings\All Users
    21:59:18.359 Scan finished successfully
    22:24:25.890 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\MBR.dat"
    22:24:25.984 The log file has been saved successfully to "C:\Documents and Settings\HP_Administrator\Desktop\aswMBR.txt"
     

    Attached Files:

    • MBR.zip
      File size:
      563 bytes
      Views:
      0
  15. flatlander31

    flatlander31 Thread Starter

    Joined:
    Apr 21, 2012
    Messages:
    49
    TDSSkiller log:

    20:50:36.0718 3044 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
    20:50:37.0078 3044 ============================================================
    20:50:37.0078 3044 Current date / time: 2012/07/28 20:50:37.0078
    20:50:37.0078 3044 SystemInfo:
    20:50:37.0078 3044
    20:50:37.0078 3044 OS Version: 5.1.2600 ServicePack: 3.0
    20:50:37.0078 3044 Product type: Workstation
    20:50:37.0078 3044 ComputerName: ROBERTS
    20:50:37.0078 3044 UserName: HP_Administrator
    20:50:37.0078 3044 Windows directory: C:\WINDOWS
    20:50:37.0078 3044 System windows directory: C:\WINDOWS
    20:50:37.0078 3044 Processor architecture: Intel x86
    20:50:37.0078 3044 Number of processors: 2
    20:50:37.0078 3044 Page size: 0x1000
    20:50:37.0078 3044 Boot type: Normal boot
    20:50:37.0078 3044 ============================================================
    20:50:38.0890 3044 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x7E2D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054
    20:50:39.0015 3044 ============================================================
    20:50:39.0015 3044 \Device\Harddisk0\DR0:
    20:50:39.0437 3044 MBR partitions:
    20:50:39.0437 3044 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C028E41
    20:50:39.0437 3044 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x1C02C990, BlocksNum 0x1197840
    20:50:39.0437 3044 ============================================================
    20:50:39.0484 3044 C: <-> \Device\Harddisk0\DR0\Partition0
    20:50:39.0500 3044 D: <-> \Device\Harddisk0\DR0\Partition1
    20:50:39.0500 3044 ============================================================
    20:50:39.0500 3044 Initialize success
    20:50:39.0500 3044 ============================================================
    20:50:43.0093 4436 ============================================================
    20:50:43.0093 4436 Scan started
    20:50:43.0093 4436 Mode: Manual;
    20:50:43.0093 4436 ============================================================
    20:50:44.0093 4436 Abiosdsk - ok
    20:50:44.0093 4436 abp480n5 - ok
    20:50:44.0156 4436 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
    20:50:44.0187 4436 ACPI - ok
    20:50:44.0203 4436 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
    20:50:44.0203 4436 ACPIEC - ok
    20:50:44.0296 4436 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    20:50:44.0312 4436 AdobeFlashPlayerUpdateSvc - ok
    20:50:44.0312 4436 adpu160m - ok
    20:50:44.0359 4436 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
    20:50:44.0390 4436 aec - ok
    20:50:44.0437 4436 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
    20:50:44.0437 4436 AFD - ok
    20:50:44.0546 4436 AgereSoftModem (994a42d273c35b43ee9d1e8a5d8bc639) C:\WINDOWS\system32\DRIVERS\AGRSM.sys
    20:50:44.0609 4436 AgereSoftModem - ok
    20:50:44.0625 4436 Aha154x - ok
    20:50:44.0640 4436 aic78u2 - ok
    20:50:44.0640 4436 aic78xx - ok
    20:50:44.0687 4436 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
    20:50:44.0687 4436 Alerter - ok
    20:50:44.0718 4436 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
    20:50:44.0718 4436 ALG - ok
    20:50:44.0718 4436 AliIde - ok
    20:50:44.0765 4436 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
    20:50:44.0781 4436 AmdK8 - ok
    20:50:44.0781 4436 amsint - ok
    20:50:44.0890 4436 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    20:50:44.0890 4436 Apple Mobile Device - ok
    20:50:44.0937 4436 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
    20:50:44.0953 4436 AppMgmt - ok
    20:50:44.0968 4436 aracpi (00523019e3579c8f8a94457fe25f0f24) C:\WINDOWS\system32\DRIVERS\aracpi.sys
    20:50:44.0968 4436 aracpi - ok
    20:50:45.0000 4436 arhidfltr (9fedaa46eb1a572ac4d9ee6b5f123cf2) C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
    20:50:45.0000 4436 arhidfltr - ok
    20:50:45.0015 4436 arkbcfltr (82969576093cd983dd559f5a86f382b4) C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
    20:50:45.0015 4436 arkbcfltr - ok
    20:50:45.0031 4436 armoucfltr (9b21791d8a78faece999fadbebda6c22) C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
    20:50:45.0031 4436 armoucfltr - ok
    20:50:45.0046 4436 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
    20:50:45.0062 4436 Arp1394 - ok
    20:50:45.0062 4436 ARPolicy (7a2da7c7b0c524ef26a79f17a5c69fde) C:\WINDOWS\system32\DRIVERS\arpolicy.sys
    20:50:45.0062 4436 ARPolicy - ok
    20:50:45.0093 4436 ARSVC (9a0d9b2e263bede80fb79ddbad240ec1) C:\WINDOWS\arservice.exe
    20:50:47.0875 4436 ARSVC - ok
    20:50:47.0890 4436 asc - ok
    20:50:47.0890 4436 asc3350p - ok
    20:50:47.0906 4436 asc3550 - ok
    20:50:48.0031 4436 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    20:50:48.0093 4436 aspnet_state - ok
    20:50:48.0109 4436 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    20:50:48.0109 4436 AsyncMac - ok
    20:50:48.0140 4436 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
    20:50:48.0140 4436 atapi - ok
    20:50:48.0140 4436 Atdisk - ok
    20:50:48.0171 4436 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    20:50:48.0171 4436 Atmarpc - ok
    20:50:48.0218 4436 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
    20:50:48.0234 4436 AudioSrv - ok
    20:50:48.0281 4436 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
    20:50:48.0281 4436 audstub - ok
    20:50:48.0328 4436 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
    20:50:48.0328 4436 Beep - ok
    20:50:48.0375 4436 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
    20:50:48.0437 4436 BITS - ok
    20:50:48.0578 4436 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
    20:50:48.0609 4436 Bonjour Service - ok
    20:50:48.0656 4436 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
    20:50:48.0656 4436 Browser - ok
    20:50:48.0796 4436 catchme - ok
    20:50:48.0828 4436 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
    20:50:48.0828 4436 cbidf2k - ok
    20:50:48.0859 4436 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    20:50:48.0859 4436 CCDECODE - ok
    20:50:48.0859 4436 cd20xrnt - ok
    20:50:48.0890 4436 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
    20:50:48.0890 4436 Cdaudio - ok
    20:50:48.0937 4436 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
    20:50:48.0937 4436 Cdfs - ok
    20:50:48.0953 4436 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
    20:50:48.0953 4436 Cdrom - ok
    20:50:48.0968 4436 Changer - ok
    20:50:49.0000 4436 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
    20:50:49.0000 4436 CiSvc - ok
    20:50:49.0046 4436 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
    20:50:49.0046 4436 ClipSrv - ok
    20:50:49.0187 4436 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    20:50:49.0296 4436 clr_optimization_v2.0.50727_32 - ok
    20:50:49.0312 4436 CmdIde - ok
    20:50:49.0312 4436 COMSysApp - ok
    20:50:49.0343 4436 Cpqarray - ok
    20:50:49.0375 4436 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
    20:50:49.0375 4436 CryptSvc - ok
    20:50:49.0375 4436 dac2w2k - ok
    20:50:49.0390 4436 dac960nt - ok
    20:50:49.0453 4436 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
    20:50:49.0468 4436 DcomLaunch - ok
    20:50:49.0515 4436 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
    20:50:49.0515 4436 Dhcp - ok
    20:50:49.0562 4436 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
    20:50:49.0562 4436 Disk - ok
    20:50:49.0562 4436 dmadmin - ok
    20:50:49.0656 4436 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
    20:50:49.0703 4436 dmboot - ok
    20:50:49.0750 4436 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
    20:50:49.0750 4436 dmio - ok
    20:50:49.0781 4436 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
    20:50:49.0781 4436 dmload - ok
    20:50:49.0828 4436 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
    20:50:49.0828 4436 dmserver - ok
    20:50:49.0843 4436 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
    20:50:49.0843 4436 DMusic - ok
    20:50:49.0890 4436 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
    20:50:49.0890 4436 Dnscache - ok
    20:50:49.0921 4436 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
    20:50:49.0937 4436 Dot3svc - ok
    20:50:49.0953 4436 dpti2o - ok
    20:50:49.0984 4436 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
    20:50:49.0984 4436 drmkaud - ok
    20:50:50.0015 4436 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
    20:50:50.0015 4436 EapHost - ok
    20:50:50.0093 4436 ehRecvr (d039a0c347632622934906bd59a4e1ea) C:\WINDOWS\eHome\ehRecvr.exe
    20:50:50.0109 4436 ehRecvr - ok
    20:50:50.0125 4436 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
    20:50:50.0125 4436 ehSched - ok
    20:50:50.0156 4436 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
    20:50:50.0156 4436 ERSvc - ok
    20:50:50.0203 4436 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
    20:50:50.0250 4436 Eventlog - ok
    20:50:50.0312 4436 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
    20:50:50.0312 4436 EventSystem - ok
    20:50:50.0328 4436 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
    20:50:50.0343 4436 Fastfat - ok
    20:50:50.0390 4436 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
    20:50:50.0406 4436 FastUserSwitchingCompatibility - ok
    20:50:50.0468 4436 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe
    20:50:50.0515 4436 Fax - ok
    20:50:50.0531 4436 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
    20:50:50.0531 4436 Fdc - ok
    20:50:50.0562 4436 FilterService (f83c0fd028dd37be4a337b138eba6b7b) C:\WINDOWS\system32\DRIVERS\lvuvcflt.sys
    20:50:50.0562 4436 FilterService - ok
    20:50:50.0609 4436 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
    20:50:50.0609 4436 Fips - ok
    20:50:50.0625 4436 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
    20:50:50.0625 4436 Flpydisk - ok
    20:50:50.0640 4436 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
    20:50:50.0656 4436 FltMgr - ok
    20:50:50.0765 4436 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
    20:50:50.0765 4436 FontCache3.0.0.0 - ok
    20:50:50.0765 4436 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
    20:50:50.0781 4436 Fs_Rec - ok
    20:50:50.0796 4436 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    20:50:50.0812 4436 Ftdisk - ok
    20:50:50.0812 4436 ftsata2 - ok
    20:50:50.0859 4436 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
    20:50:50.0859 4436 GEARAspiWDM - ok
    20:50:50.0906 4436 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
    20:50:50.0906 4436 Gpc - ok
    20:50:51.0031 4436 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    20:50:51.0031 4436 gupdate - ok
    20:50:51.0046 4436 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
    20:50:51.0046 4436 gupdatem - ok
    20:50:51.0062 4436 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    20:50:51.0093 4436 HDAudBus - ok
    20:50:51.0156 4436 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    20:50:51.0156 4436 helpsvc - ok
    20:50:51.0171 4436 HidServ - ok
    20:50:51.0187 4436 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
    20:50:51.0187 4436 HidUsb - ok
    20:50:51.0234 4436 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
    20:50:51.0234 4436 hkmsvc - ok
    20:50:51.0250 4436 hpn - ok
    20:50:51.0296 4436 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    20:50:51.0296 4436 HPZid412 - ok
    20:50:51.0312 4436 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    20:50:51.0312 4436 HPZipr12 - ok
    20:50:51.0343 4436 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    20:50:51.0359 4436 HPZius12 - ok
    20:50:51.0421 4436 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
    20:50:51.0468 4436 HTTP - ok
    20:50:51.0515 4436 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
    20:50:51.0515 4436 HTTPFilter - ok
    20:50:51.0531 4436 i2omgmt - ok
    20:50:51.0531 4436 i2omp - ok
    20:50:51.0578 4436 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    20:50:51.0578 4436 i8042prt - ok
    20:50:51.0656 4436 iaStor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\DRIVERS\iaStor.sys
    20:50:51.0703 4436 iaStor - ok
    20:50:51.0781 4436 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    20:50:51.0796 4436 IDriverT - ok
    20:50:51.0953 4436 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
    20:50:52.0015 4436 idsvc - ok
    20:50:52.0125 4436 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
    20:50:52.0125 4436 Imapi - ok
    20:50:52.0171 4436 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
    20:50:52.0187 4436 ImapiService - ok
    20:50:52.0203 4436 ini910u - ok
    20:50:52.0484 4436 IntcAzAudAddService (64be56b8858ca0153c725c720ffd194f) C:\WINDOWS\system32\drivers\RtkHDAud.sys
    20:50:52.0640 4436 IntcAzAudAddService - ok
    20:50:52.0750 4436 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
    20:50:52.0750 4436 IntelIde - ok
    20:50:52.0796 4436 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
    20:50:52.0796 4436 intelppm - ok
    20:50:52.0812 4436 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
    20:50:52.0812 4436 Ip6Fw - ok
    20:50:52.0859 4436 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
    20:50:52.0859 4436 IpInIp - ok
    20:50:52.0890 4436 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
    20:50:52.0906 4436 IpNat - ok
    20:50:53.0031 4436 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
    20:50:53.0093 4436 iPod Service - ok
    20:50:53.0125 4436 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
    20:50:53.0140 4436 IPSec - ok
    20:50:53.0156 4436 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
    20:50:53.0156 4436 IRENUM - ok
    20:50:53.0203 4436 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
    20:50:53.0203 4436 isapnp - ok
    20:50:53.0218 4436 ivusb - ok
    20:50:53.0343 4436 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
    20:50:53.0359 4436 JavaQuickStarterService - ok
    20:50:53.0375 4436 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    20:50:53.0375 4436 Kbdclass - ok
    20:50:53.0421 4436 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
    20:50:53.0421 4436 kbdhid - ok
    20:50:53.0453 4436 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
    20:50:53.0484 4436 kmixer - ok
    20:50:53.0515 4436 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
    20:50:53.0515 4436 KSecDD - ok
    20:50:53.0562 4436 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
    20:50:53.0562 4436 lanmanserver - ok
    20:50:53.0625 4436 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
    20:50:53.0640 4436 lanmanworkstation - ok
    20:50:53.0640 4436 lbrtfdc - ok
    20:50:53.0718 4436 LightScribeService (e4973b3229e0015345afbe43a8a8eb3b) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    20:50:53.0812 4436 LightScribeService - ok
    20:50:53.0843 4436 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
    20:50:53.0843 4436 LmHosts - ok
    20:50:53.0921 4436 LVcKap (9ce361764c5dd5fa5506510fe5d2297b) C:\WINDOWS\system32\DRIVERS\LVcKap.sys
    20:50:54.0078 4436 LVcKap - ok
    20:50:54.0125 4436 LVCOMSer (1d28b53c50cc57062692862b8e083020) C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    20:50:54.0171 4436 LVCOMSer - ok
    20:50:54.0187 4436 LVPr2Mon (94d03b31f36bb362fa5713470fcf1c79) C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
    20:50:54.0234 4436 LVPr2Mon - ok
    20:50:54.0265 4436 LVPrcSrv (5a9679d184a408982d5f0bd79874b44f) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    20:50:54.0312 4436 LVPrcSrv - ok
    20:50:54.0390 4436 LVRS (a198cd8a1c813d9ceba29a29d45fc94c) C:\WINDOWS\system32\DRIVERS\lvrs.sys
    20:50:54.0453 4436 LVRS - ok
    20:50:54.0500 4436 LVSrvLauncher (a87baa316538e526760353ff52742756) C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    20:50:54.0500 4436 LVSrvLauncher - ok
    20:50:54.0531 4436 LVUSBSta (8b79a50360fc31df6b7b979b686b4aa2) C:\WINDOWS\system32\drivers\LVUSBSta.sys
    20:50:54.0531 4436 LVUSBSta - ok
    20:50:54.0843 4436 LVUVC (5c20c4be679842cbee729b0cff5928bd) C:\WINDOWS\system32\DRIVERS\lvuvc.sys
    20:50:55.0015 4436 LVUVC - ok
    20:50:55.0140 4436 MBAMSwissArmy - ok
    20:50:55.0234 4436 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe
    20:50:55.0250 4436 McrdSvc - ok
    20:50:55.0328 4436 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    20:50:55.0359 4436 MDM - ok
    20:50:55.0406 4436 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
    20:50:55.0421 4436 Messenger - ok
    20:50:55.0453 4436 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
    20:50:55.0453 4436 MHN - ok
    20:50:55.0484 4436 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
    20:50:55.0484 4436 MHNDRV - ok
    20:50:55.0515 4436 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
    20:50:55.0515 4436 mnmdd - ok
    20:50:55.0546 4436 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
    20:50:55.0562 4436 mnmsrvc - ok
    20:50:55.0593 4436 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
    20:50:55.0593 4436 Modem - ok
    20:50:55.0656 4436 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
    20:50:55.0656 4436 Mouclass - ok
    20:50:55.0687 4436 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
    20:50:55.0687 4436 mouhid - ok
    20:50:55.0734 4436 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
    20:50:55.0734 4436 MountMgr - ok
    20:50:55.0796 4436 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    20:50:55.0796 4436 MozillaMaintenance - ok
    20:50:55.0859 4436 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
    20:50:55.0859 4436 MpFilter - ok
    20:51:01.0640 4436 VolSnap (7c38f81f40d61d1607ddb62fe5817bb9) C:\WINDOWS\system32\drivers\VolSnap.sys
    20:51:01.0640 4436 Suspicious file (Forged): C:\WINDOWS\system32\drivers\VolSnap.sys. Real md5: 7c38f81f40d61d1607ddb62fe5817bb9, Fake md5: 4c8fcb5cc53aab716d810740fe59d025
    20:51:01.0640 4436 VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - infected
    20:51:01.0640 4436 VolSnap - detected Rootkit.Win32.TDSS.tdl3 (0)
    20:51:03.0281 4436 MBR (0x1B8) (ed18b096bc416bfb306882a7c2eba877) \Device\Harddisk0\DR0
    20:51:03.0328 4436 \Device\Harddisk0\DR0 - ok
    20:51:03.0343 4436 Boot (0x1200) (bf5d351de5601199f7c40e72922ec2da) \Device\Harddisk0\DR0\Partition0
    20:51:03.0343 4436 \Device\Harddisk0\DR0\Partition0 - ok
    20:51:03.0343 4436 Boot (0x1200) (dbcc0712b8dfef760fd9e5a9be5dbb88) \Device\Harddisk0\DR0\Partition1
    20:51:03.0343 4436 \Device\Harddisk0\DR0\Partition1 - ok
    20:51:03.0359 4436 ============================================================
    20:51:03.0359 4436 Scan finished
    20:51:03.0359 4436 ============================================================
    20:51:03.0375 0768 Detected object count: 1
    20:51:03.0375 0768 Actual detected object count: 1
    20:52:45.0234 0768 VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - skipped by user
    20:52:45.0234 0768 VolSnap ( Rootkit.Win32.TDSS.tdl3 ) - User select action: Skip
    20:53:05.0875 2404 Deinitialize success
     

Short URL to this thread: https://techguy.org/1061040