caught a bug

Hello, I'm getting redirects on any browser I use. Mbam found some trojans which were deleted and comes up clean now. Here are the DDS reports and thanks very much for any help!

XP pro SP3

DDS (Ver_10-11-10.01) - NTFSx86

Run by HP_Administrator at 13:49:36.76 on Wed 04/04/2012

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_31

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3574.2608 [GMT -4:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\Program Files\Emsisoft Anti-Malware\a2service.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Comodo\Dragon\dragon_updater.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

C:\WINDOWS\system32\dllhost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe

C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/

uDefault_Search_URL =

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop

uInternet Settings,ProxyServer = socks=

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll

BHO: Inbox Toolbar: {d3d233d5-9f6d-436c-b6c7-e63f77503b30} - c:\progra~1\inboxt~1\Inbox.dll

BHO: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: &Inbox Toolbar: {d7e97865-918f-41e4-9cd0-25ab1c574ce8} - c:\progra~1\inboxt~1\Inbox.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - c:\program files\ask.com\GenericAskToolbar.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000

IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

Trusted Zone: trymedia.com

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221364816500

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {9E065E4A-BD9D-4547-8F90-985DC62A5591} - hxxp://192.168.1.181/PlayerPT.cab

DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - c:\progra~1\inboxt~1\Inbox.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\1s6yz1oh.default\

FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-3-29 17904]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-21 612184]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-21 337880]

R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-3-29 3025112]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-21 20696]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-21 44768]

R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2012-3-28 407288]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 NetProbe;NetProbe Packet Driver;c:\windows\system32\drivers\NetProbe.sys [2009-3-24 5365]

S2 gupdate1c98572486c5d2f;Google Update Service (gupdate1c98572486c5d2f);c:\program files\google\update\GoogleUpdate.exe [2009-2-2 133104]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]

S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-3-29 51632]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 253600]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-2 133104]

S3 USBBULK;USB Bulk device driver;c:\windows\system32\drivers\USBBulk.sys [2008-12-24 20992]

S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-1-29 2074480]

=============== Created Last 30 ================

2012-04-04 14:05:19 4139168 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2012-04-04 13:55:23 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-04 10:29:06 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\EurekaLog

2012-04-02 16:39:18 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-03-28 20:01:49 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\ooVoo Details

2012-03-28 20:00:43 -------- d-----w- c:\program files\Ask.com

2012-03-28 20:00:41 -------- d-----w- c:\docume~1\hp_adm~1\locals~1\applic~1\AskToolbar

2012-03-28 20:00:28 -------- d-----w- c:\program files\ooVoo

2012-03-28 17:31:38 -------- d-----r- c:\program files\Skype

2012-03-27 09:31:08 -------- d-----w- c:\program files\Emsisoft Anti-Malware

2012-03-21 17:07:19 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-03-21 17:06:34 41184 ----a-w- c:\windows\avastSS.scr

2012-03-21 17:06:11 -------- d-----w- c:\program files\AVAST Software

2012-03-21 17:06:11 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software

2012-03-19 17:28:00 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-03-19 17:28:00 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2012-03-19 17:22:57 6144 ------w- c:\windows\system32\dllcache\iecompat.dll

2012-03-19 08:21:59 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-19 01:07:07 -------- d-----w- C:\found.000

==================== Find3M ====================

2012-04-04 14:05:20 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-02 16:39:04 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-21 13:36:21 256 ----a-w- c:\windows\system32\pool.bin

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

============= FINISH: 13:58:42.10 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/11/2008 8:48:57 PM

System Uptime: 4/4/2012 9:50:47 AM (4 hours ago)

Motherboard: ASUSTek Computer INC. | | Buckeye

Processor: Intel® Core2 CPU 6300 @ 1.86GHz | Socket 775 | 1866/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 224 GiB total, 143.553 GiB free.

D: is FIXED (FAT32) - 9 GiB total, 0.399 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1233: 1/6/2012 4:24:55 AM - System Checkpoint

RP1234: 1/7/2012 4:38:25 AM - System Checkpoint

RP1235: 1/8/2012 5:38:27 AM - System Checkpoint

RP1236: 1/9/2012 5:38:30 AM - System Checkpoint

RP1237: 1/10/2012 5:50:46 AM - System Checkpoint

RP1238: 1/11/2012 3:00:23 AM - Software Distribution Service 3.0

RP1239: 1/12/2012 3:41:40 AM - System Checkpoint

RP1240: 1/13/2012 3:58:14 AM - System Checkpoint

RP1241: 1/14/2012 3:58:19 AM - System Checkpoint

RP1242: 1/15/2012 4:10:33 AM - System Checkpoint

RP1243: 1/16/2012 5:10:44 AM - System Checkpoint

RP1244: 1/17/2012 5:10:58 AM - System Checkpoint

RP1245: 1/18/2012 6:01:36 AM - System Checkpoint

RP1246: 1/19/2012 3:00:14 AM - Software Distribution Service 3.0

RP1247: 1/20/2012 3:22:03 AM - System Checkpoint

RP1248: 1/21/2012 3:22:15 AM - System Checkpoint

RP1249: 1/22/2012 3:22:23 AM - System Checkpoint

RP1250: 1/23/2012 3:34:14 AM - System Checkpoint

RP1251: 1/24/2012 4:22:28 AM - System Checkpoint

RP1252: 1/25/2012 4:22:38 AM - System Checkpoint

RP1253: 1/26/2012 4:34:45 AM - System Checkpoint

RP1254: 1/27/2012 5:26:07 AM - System Checkpoint

RP1255: 1/27/2012 7:22:56 PM - Removed Adobe Reader X (10.1.2).

RP1256: 1/27/2012 8:20:34 PM - Printer Driver HP Officejet Pro L7600 Series fax Installed

RP1257: 1/27/2012 8:44:44 PM - Installed Adobe Reader X (10.1.2).

RP1258: 1/28/2012 3:00:15 AM - Software Distribution Service 3.0

RP1259: 1/29/2012 3:56:52 AM - System Checkpoint

RP1260: 1/30/2012 6:40:17 AM - System Checkpoint

RP1261: 1/31/2012 7:22:21 AM - System Checkpoint

RP1262: 2/1/2012 8:08:45 AM - System Checkpoint

RP1263: 2/2/2012 9:01:43 AM - System Checkpoint

RP1264: 2/3/2012 9:30:47 AM - System Checkpoint

RP1265: 2/4/2012 10:23:03 AM - System Checkpoint

RP1266: 2/5/2012 10:56:54 AM - System Checkpoint

RP1267: 2/6/2012 12:12:48 PM - System Checkpoint

RP1268: 2/7/2012 12:21:21 PM - System Checkpoint

RP1269: 2/8/2012 1:23:44 PM - System Checkpoint

RP1270: 2/9/2012 1:57:18 PM - System Checkpoint

RP1271: 2/10/2012 1:58:32 PM - System Checkpoint

RP1272: 2/11/2012 2:07:37 PM - System Checkpoint

RP1273: 2/12/2012 3:25:36 PM - System Checkpoint

RP1274: 2/13/2012 3:44:58 PM - System Checkpoint

RP1275: 2/14/2012 4:44:59 PM - System Checkpoint

RP1276: 2/15/2012 4:54:32 PM - System Checkpoint

RP1277: 2/16/2012 3:00:23 AM - Software Distribution Service 3.0

RP1278: 2/17/2012 3:30:55 AM - System Checkpoint

RP1279: 2/18/2012 3:47:47 AM - System Checkpoint

RP1280: 2/19/2012 4:47:48 AM - System Checkpoint

RP1281: 2/20/2012 4:47:57 AM - System Checkpoint

RP1282: 2/21/2012 5:47:57 AM - System Checkpoint

RP1283: 2/22/2012 5:49:13 AM - System Checkpoint

RP1284: 2/23/2012 6:03:11 AM - System Checkpoint

RP1285: 2/24/2012 6:48:07 AM - System Checkpoint

RP1286: 2/25/2012 7:01:45 AM - System Checkpoint

RP1287: 2/26/2012 7:40:20 AM - System Checkpoint

RP1288: 2/27/2012 7:59:59 AM - System Checkpoint

RP1289: 2/28/2012 9:22:09 AM - System Checkpoint

RP1290: 2/29/2012 9:49:58 AM - System Checkpoint

RP1291: 3/1/2012 9:59:28 AM - System Checkpoint

RP1292: 3/2/2012 10:30:43 AM - System Checkpoint

RP1293: 3/3/2012 10:49:20 AM - System Checkpoint

RP1294: 3/4/2012 11:01:51 AM - System Checkpoint

RP1295: 3/5/2012 11:26:51 AM - System Checkpoint

RP1296: 3/6/2012 12:45:34 PM - System Checkpoint

RP1297: 3/7/2012 2:44:47 PM - System Checkpoint

RP1298: 3/8/2012 3:01:37 PM - System Checkpoint

RP1299: 3/9/2012 4:27:02 PM - System Checkpoint

RP1300: 3/10/2012 4:57:22 PM - System Checkpoint

RP1301: 3/11/2012 6:18:47 PM - System Checkpoint

RP1302: 3/12/2012 6:51:07 PM - System Checkpoint

RP1303: 3/13/2012 7:02:11 PM - System Checkpoint

RP1304: 3/14/2012 3:00:17 AM - Software Distribution Service 3.0

RP1305: 3/15/2012 3:26:54 AM - System Checkpoint

RP1306: 3/16/2012 3:27:02 AM - System Checkpoint

RP1307: 3/17/2012 3:39:06 AM - System Checkpoint

RP1308: 3/18/2012 3:40:20 AM - System Checkpoint

RP1309: 3/18/2012 3:42:58 PM - Removed Skype™ 5.5

RP1310: 3/18/2012 3:43:44 PM - Removed Skype web features

RP1311: 3/18/2012 4:06:14 PM - Removed Skype™ 5.8

RP1312: 3/18/2012 8:58:08 PM - Removed Skype™ 5.8

RP1313: 3/19/2012 1:28:36 PM - Installed Windows Internet Explorer 8.

RP1314: 3/19/2012 1:29:47 PM - Software Distribution Service 3.0

RP1315: 3/20/2012 3:00:15 AM - Software Distribution Service 3.0

RP1316: 3/21/2012 3:00:15 AM - Software Distribution Service 3.0

RP1317: 3/21/2012 1:06:11 PM - avast! Free Antivirus Setup

RP1318: 3/22/2012 1:24:46 PM - System Checkpoint

RP1319: 3/22/2012 2:35:11 PM - Removed Microsoft SQL Server Desktop Engine

RP1320: 3/22/2012 2:35:36 PM - Removed Microsoft SQL Server Native Client

RP1321: 3/23/2012 3:17:54 PM - System Checkpoint

RP1322: 3/24/2012 7:49:00 AM - Removed Java 6 Update 22

RP1323: 3/24/2012 11:04:15 AM - Removed Skype™ 5.8

RP1324: 3/25/2012 11:15:02 AM - System Checkpoint

RP1325: 3/26/2012 12:10:56 PM - System Checkpoint

RP1326: 3/27/2012 4:11:56 PM - System Checkpoint

RP1327: 3/28/2012 10:54:33 AM - Removed Google Earth.

RP1328: 3/28/2012 10:54:58 AM - Removed Google Earth Plug-in.

RP1329: 3/28/2012 10:55:17 AM - Removed Google Talk Plugin

RP1330: 3/29/2012 3:00:19 AM - Software Distribution Service 3.0

RP1331: 3/29/2012 7:06:30 AM - Installed Windows XP KB915865.

RP1332: 3/29/2012 7:07:09 AM - Installed Windows NLSDownlevelMapping.

RP1333: 3/29/2012 7:07:35 AM - Installed Windows IDNMitigationAPIs.

RP1334: 3/29/2012 7:07:56 AM - Installed Windows Internet Explorer 7.

RP1335: 3/29/2012 7:08:17 AM - Software Distribution Service 3.0

RP1336: 3/29/2012 8:03:53 AM - Software Distribution Service 3.0

RP1337: 3/29/2012 9:29:59 AM - Software Distribution Service 3.0

RP1338: 4/2/2012 12:38:56 PM - Installed Java 6 Update 31

RP1339: 4/3/2012 3:01:05 PM - System Checkpoint

==== Installed Programs ======================

32 Bit HP CIO Components Installer

7500_7600_7700_Help1

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.2)

Adobe Shockwave Player 11.5

AllyCAD 2010 Home Release 5

Apple Application Support

Apple Software Update

Ask Toolbar

AutoUpdate

Avanquest update

avast! Free Antivirus

Belarc Advisor 7.2

Beta Brite Prism Messaging Software

BlackBerry Desktop Software 4.3

bpd_scan_Carrier

BPDSoftware

BPDSoftware_Ini

BufferChm

Comodo Dragon

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

Critical Update for Windows Media Player 11 (KB959772)

CueTour

Customer Experience Enhancement

DARPA ACTUV Game

Data Fax SoftModem with SmartCP

DBPix20

Destinations

DeviceDiscovery

DeviceManagementQFolder

DISCover

DivX

DocProc

EA SPORTS online 2006

Easy Internet Sign-up

EasyBits GO

Emsisoft Anti-Malware

Enhanced Multimedia Keyboard Solution

EZ A&D Firearms Records

Fax

Federal 2010 Ammunition

FullDPAppQFolder

GemMaster Mystic

GIMP 2.6.3

GnuCash 2.2.9

Google Earth Plug-in

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 10 (KB910393)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB915865)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Boot Optimizer

HP Customer Participation Program 14.0

HP DigitalMedia Archive

HP DVD Play 2.1

HP Imaging Device Functions 14.0

HP OfficeJet L7300/L7500/7600/7700

HP Photosmart for Media Center PC

HP Photosmart Premier Software 6.5

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HP Web Helper

HPPhotoSmartExpress

HPProductAssistant

HpSdpAppCoreApp

HPSSupply

Inbox Toolbar

InstantShareAlert

InstantShareDevices

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

Intel® PRO Network Connections Drivers

Intel® Quick Resume Technology Drivers

Intel® Viiv™ Software

Java Auto Updater

Java 6 Update 31

L7600

LightScribe 1.4.105.1

LizardTech DjVu Control

Load From A Disk Version 5.0

Magic ISO Maker v5.5 (build 0281)

Malwarebytes Anti-Malware version 1.60.1.1000

MarketResearch

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Money 2006

Microsoft National Language Support Downlevel APIs

Microsoft Office 2000 SR-1 Professional

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access Runtime (English) 2007

Microsoft Office Accounting 2009

Microsoft Office Accounting 2009 Equifax Addin

Microsoft Office Accounting 2009 Fixed Asset Manager

Microsoft Office Accounting 2009 PayPal Addin

Microsoft Office Accounting 2009 Tax Integration Add-in

Microsoft Office Accounting ADP Payroll Addin

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Standard Edition 2003 60 days trial

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual Basic PowerPacks 10.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mozilla Firefox 11.0 (x86 en-US)

MPM

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

muvee autoProducer 5.0

muvee autoProducer unPlugged 2.0

My HP Games

Netscape Browser (remove only)

Network

OCR Software by I.R.I.S. 14.0

Octoshape add-in for Adobe Flash Player

ooVoo

ooVoo toolbar, powered by Ask.com Updater

OptionalContentQFolder

Otto

PC-Doctor 5 for Windows

PhotoGallery

ProductContext

Python 2.2 pywin32 extensions (build 203)

Python 2.2.3

QuickDESIGN (C:\Program Files\QuickDESIGN\)

Quicken 2006

QuickLOAD

QuickTime

RandMap

RealPlayer

Realtek High Definition Audio Driver

Reloaders Reference v9.3x74r

Remove WeatherBug Installer

Rhapsody

Roxio Media Manager

SAMSUNG Android USB Modem Software

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Search 4 - KB963093

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

Shop for HP Supplies

SkinsHP1

Skype™ 5.8

SlideShow

SlideShowMusic

SmartDraw 2008

SmartDraw 2009

SmartDraw PDF Filter

SmartWebPrinting

SolutionCenter

Sonic Express Labeler

Sonic MyDVD Plus

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sonic_PrimoSDK

Sony Picture Utility

Sony USB Driver

Spybot - Search & Destroy

Status

Tiger Woods PGA TOUR 06

Toolbox

TOPO! Explorer

TrayApp

Unity Web Player

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

Updates from HP (remove only)

Web Easy Professional

Web Easy Professional 7

WebFldrs XP

WebReg

WiMood plugins

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Messenger

Windows Live Upload Tool

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows Search 4.0

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

4/4/2012 1:58:39 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

3/29/2012 3:01:33 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

3/29/2012 3:00:41 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Office Access Runtime and Data Connectivity 2007 Service Pack 3 (SP3).

3/28/2012 9:32:00 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: General access denied error

3/28/2012 9:32:00 AM, error: Schedule [7901] - The At34.job command failed to start due to the following error: General access denied error

3/28/2012 9:29:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: General access denied error

3/28/2012 9:29:00 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: General access denied error

3/28/2012 8:32:00 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: General access denied error

3/28/2012 8:32:00 AM, error: Schedule [7901] - The At33.job command failed to start due to the following error: General access denied error

3/28/2012 8:29:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: General access denied error

3/28/2012 8:29:00 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: General access denied error

3/28/2012 7:32:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: General access denied error

3/28/2012 7:32:00 AM, error: Schedule [7901] - The At32.job command failed to start due to the following error: General access denied error

3/28/2012 7:29:00 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: General access denied error

3/28/2012 7:29:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: General access denied error

3/28/2012 6:32:00 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: General access denied error

3/28/2012 6:32:00 AM, error: Schedule [7901] - The At31.job command failed to start due to the following error: General access denied error

3/28/2012 6:29:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: General access denied error

3/28/2012 6:29:00 AM, error: Schedule [7901] - The At6.job command failed to start due to the following error: General access denied error

3/28/2012 5:32:00 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: General access denied error

3/28/2012 5:32:00 AM, error: Schedule [7901] - The At27.job command failed to start due to the following error: General access denied error

3/28/2012 5:29:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: General access denied error

3/28/2012 5:29:00 AM, error: Schedule [7901] - The At7.job command failed to start due to the following error: General access denied error

3/28/2012 4:53:29 PM, error: DCOM [10000] - Unable to start a DCOM Server: {0002DF01-0000-0000-C000-000000000046}. The error: "%2" Happened while starting this command: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -Embedding

3/28/2012 4:32:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: General access denied error

3/28/2012 4:32:00 AM, error: Schedule [7901] - The At29.job command failed to start due to the following error: General access denied error

3/28/2012 4:29:00 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: General access denied error

3/28/2012 4:29:00 AM, error: Schedule [7901] - The At5.job command failed to start due to the following error: General access denied error

3/28/2012 3:32:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: General access denied error

3/28/2012 3:32:00 AM, error: Schedule [7901] - The At26.job command failed to start due to the following error: General access denied error

3/28/2012 3:29:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: General access denied error

3/28/2012 3:29:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: General access denied error

3/28/2012 2:32:00 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: General access denied error

3/28/2012 2:32:00 AM, error: Schedule [7901] - The At30.job command failed to start due to the following error: General access denied error

3/28/2012 2:29:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: General access denied error

3/28/2012 2:29:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error

3/28/2012 12:32:00 PM, error: Schedule [7901] - The At36.job command failed to start due to the following error: General access denied error

3/28/2012 12:32:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: General access denied error

3/28/2012 12:29:00 PM, error: Schedule [7901] - The At12.job command failed to start due to the following error: General access denied error

3/28/2012 12:29:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: General access denied error

3/28/2012 11:32:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: General access denied error

3/28/2012 11:32:00 AM, error: Schedule [7901] - The At37.job command failed to start due to the following error: General access denied error

3/28/2012 11:29:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: General access denied error

3/28/2012 11:29:00 AM, error: Schedule [7901] - The At13.job command failed to start due to the following error: General access denied error

3/28/2012 10:32:00 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: General access denied error

3/28/2012 10:32:00 AM, error: Schedule [7901] - The At35.job command failed to start due to the following error: General access denied error

3/28/2012 10:29:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: General access denied error

3/28/2012 10:29:00 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: General access denied error

3/28/2012 1:32:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: General access denied error

3/28/2012 1:32:00 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: General access denied error

3/28/2012 1:29:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: General access denied error

3/28/2012 1:29:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error

3/28/2012 1:17:48 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2

==== End Of File ===========================


Hello zeroth and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall the following applications:

Ask Toolbar - Bundled with many third party applications - also see this note.

Inbox Toolbar - Features pre-checked home page and search settings change, and offers to install a variety of third party software/foistware.

ooVoo toolbar, powered by Ask.com Updater - VMN Toolbar variant by Visicom Media, detected by some as AdWare.Win32.MegaSearch or Adware.VMN hailing from zugo.com, bundled with various third party software.

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead. Do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file


Many thanks, Maniac, for your time!

Here are the new files, split into a few posts since one post was too large:

21:44:01.0843 2936 TDSS rootkit removing tool 2.7.25.0 Apr 3 2012 13:42:32

21:44:02.0437 2936 ============================================================

21:44:02.0437 2936 Current date / time: 2012/04/04 21:44:02.0437

21:44:02.0437 2936 SystemInfo:

21:44:02.0437 2936

21:44:02.0437 2936 OS Version: 5.1.2600 ServicePack: 3.0

21:44:02.0437 2936 Product type: Workstation

21:44:02.0437 2936 ComputerName: MEKSIKATSI

21:44:02.0437 2936 UserName: HP_Administrator

21:44:02.0437 2936 Windows directory: C:\WINDOWS

21:44:02.0437 2936 System windows directory: C:\WINDOWS

21:44:02.0437 2936 Processor architecture: Intel x86

21:44:02.0437 2936 Number of processors: 2

21:44:02.0437 2936 Page size: 0x1000

21:44:02.0437 2936 Boot type: Normal boot

21:44:02.0437 2936 ============================================================

21:44:02.0749 2936 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

21:44:02.0765 2936 \Device\Harddisk0\DR0:

21:44:02.0765 2936 MBR used

21:44:02.0765 2936 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1C078419

21:44:02.0765 2936 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x1C07C319, BlocksNum 0x1148268

21:44:02.0812 2936 Initialize success

21:44:02.0812 2936 ============================================================

21:45:18.0499 1640 ============================================================

21:45:18.0499 1640 Scan started

21:45:18.0499 1640 Mode: Manual; SigCheck; TDLFS;

21:45:18.0499 1640 ============================================================

21:45:19.0531 1640 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys

21:45:19.0859 1640 61883 - ok

21:45:19.0952 1640 a2acc (05dac43a484272de87eac038814a7840) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys

21:45:19.0984 1640 a2acc - ok

21:45:20.0077 1640 a2AntiMalware (5a65a77f7a4a091e896c21db4ef18e1f) C:\Program Files\Emsisoft Anti-Malware\a2service.exe

21:45:20.0202 1640 a2AntiMalware - ok

21:45:20.0296 1640 A2DDA (f7eabca8375ea2dc6f35c4bca4757515) C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys

21:45:20.0296 1640 A2DDA - ok

21:45:20.0437 1640 Aavmker4 (473f97edc5a5312f3665ab2921196c0c) C:\WINDOWS\system32\drivers\Aavmker4.sys

21:45:20.0452 1640 Aavmker4 - ok

21:45:20.0468 1640 Abiosdsk - ok

21:45:20.0468 1640 abp480n5 - ok

21:45:20.0546 1640 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

21:45:20.0687 1640 ACPI - ok

21:45:20.0734 1640 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

21:45:20.0859 1640 ACPIEC - ok

21:45:20.0921 1640 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

21:45:20.0937 1640 AdobeFlashPlayerUpdateSvc - ok

21:45:20.0952 1640 adpu160m - ok

21:45:20.0968 1640 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

21:45:21.0093 1640 aec - ok

21:45:21.0124 1640 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

21:45:21.0171 1640 AFD - ok

21:45:21.0187 1640 Aha154x - ok

21:45:21.0187 1640 aic78u2 - ok

21:45:21.0202 1640 aic78xx - ok

21:45:21.0234 1640 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

21:45:21.0359 1640 Alerter - ok

21:45:21.0390 1640 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

21:45:21.0515 1640 ALG - ok

21:45:21.0531 1640 AliIde - ok

21:45:21.0531 1640 amsint - ok

21:45:21.0577 1640 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

21:45:21.0687 1640 AppMgmt - ok

21:45:21.0702 1640 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

21:45:21.0796 1640 Arp1394 - ok

21:45:21.0812 1640 asc - ok

21:45:21.0827 1640 asc3350p - ok

21:45:21.0827 1640 asc3550 - ok

21:45:21.0921 1640 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

21:45:21.0937 1640 aspnet_state - ok

21:45:21.0968 1640 aswFsBlk (0ae43c6c411254049279c2ee55630f95) C:\WINDOWS\system32\drivers\aswFsBlk.sys

21:45:21.0984 1640 aswFsBlk - ok

21:45:21.0999 1640 aswMon2 (8c30b7ddd2f1d8d138ebe40345af2b11) C:\WINDOWS\system32\drivers\aswMon2.sys

21:45:22.0015 1640 aswMon2 - ok

21:45:22.0031 1640 AswRdr (da12626fd9a67f4e917e2f2fbe1e1764) C:\WINDOWS\system32\drivers\AswRdr.sys

21:45:22.0046 1640 AswRdr - ok

21:45:22.0077 1640 aswSnx (dcb199b967375753b5019ec15f008f53) C:\WINDOWS\system32\drivers\aswSnx.sys

21:45:22.0109 1640 aswSnx - ok

21:45:22.0140 1640 aswSP (b32873e5a1443c0a1e322266e203bf10) C:\WINDOWS\system32\drivers\aswSP.sys

21:45:22.0156 1640 aswSP - ok

21:45:22.0187 1640 aswTdi (6ff544175a9180c5d88534d3d9c9a9f7) C:\WINDOWS\system32\drivers\aswTdi.sys

21:45:22.0187 1640 aswTdi - ok

21:45:22.0234 1640 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

21:45:22.0359 1640 AsyncMac - ok

21:45:22.0359 1640 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

21:45:22.0484 1640 atapi - ok

21:45:22.0499 1640 Atdisk - ok

21:45:22.0515 1640 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

21:45:22.0624 1640 Atmarpc - ok

21:45:22.0656 1640 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

21:45:22.0749 1640 AudioSrv - ok

21:45:22.0781 1640 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

21:45:22.0890 1640 audstub - ok

21:45:22.0952 1640 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

21:45:22.0968 1640 avast! Antivirus - ok

21:45:22.0999 1640 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys

21:45:23.0109 1640 Avc - ok

21:45:23.0140 1640 BANTExt (5d7be7b19e827125e016325334e58ff1) C:\WINDOWS\System32\Drivers\BANTExt.sys

21:45:23.0156 1640 BANTExt ( UnsignedFile.Multi.Generic ) - warning

21:45:23.0156 1640 BANTExt - detected UnsignedFile.Multi.Generic (1)

21:45:23.0171 1640 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

21:45:23.0312 1640 Beep - ok

21:45:23.0374 1640 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

21:45:23.0484 1640 BITS - ok

21:45:23.0515 1640 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

21:45:23.0640 1640 Browser - ok

21:45:23.0640 1640 catchme - ok

21:45:23.0656 1640 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

21:45:23.0781 1640 cbidf2k - ok

21:45:23.0796 1640 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

21:45:23.0890 1640 CCDECODE - ok

21:45:23.0906 1640 cd20xrnt - ok

21:45:23.0921 1640 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

21:45:24.0015 1640 Cdaudio - ok

21:45:24.0046 1640 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

21:45:24.0140 1640 Cdfs - ok

21:45:24.0156 1640 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

21:45:24.0265 1640 Cdrom - ok

21:45:24.0265 1640 Changer - ok

21:45:24.0296 1640 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

21:45:24.0406 1640 CiSvc - ok

21:45:24.0437 1640 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

21:45:24.0546 1640 ClipSrv - ok

21:45:24.0640 1640 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:45:24.0640 1640 clr_optimization_v2.0.50727_32 - ok

21:45:24.0656 1640 CmdIde - ok

21:45:24.0656 1640 COMSysApp - ok

21:45:24.0671 1640 Cpqarray - ok

21:45:24.0718 1640 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

21:45:24.0843 1640 CryptSvc - ok

21:45:24.0843 1640 dac2w2k - ok

21:45:24.0859 1640 dac960nt - ok

21:45:24.0906 1640 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

21:45:24.0968 1640 DcomLaunch - ok

21:45:25.0046 1640 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

21:45:25.0156 1640 Dhcp - ok

21:45:25.0187 1640 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

21:45:25.0296 1640 Disk - ok

21:45:25.0312 1640 dmadmin - ok

21:45:25.0343 1640 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

21:45:25.0484 1640 dmboot - ok

21:45:25.0499 1640 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

21:45:25.0609 1640 dmio - ok

21:45:25.0624 1640 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

21:45:25.0749 1640 dmload - ok

21:45:25.0765 1640 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

21:45:25.0874 1640 dmserver - ok

21:45:25.0906 1640 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

21:45:25.0999 1640 DMusic - ok

21:45:26.0031 1640 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

21:45:26.0109 1640 Dnscache - ok

21:45:26.0140 1640 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

21:45:26.0265 1640 Dot3svc - ok

21:45:26.0265 1640 dpti2o - ok

21:45:26.0359 1640 DragonUpdater (af4634542c818a8b4182d41e7f00e363) C:\Program Files\Comodo\Dragon\dragon_updater.exe

21:45:26.0390 1640 DragonUpdater - ok

21:45:26.0421 1640 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

21:45:26.0531 1640 drmkaud - ok

21:45:26.0562 1640 e1express (b0ababbbe2e61fc916a21182ac2ceff1) C:\WINDOWS\system32\DRIVERS\e1e5132.sys

21:45:26.0624 1640 e1express - ok

21:45:26.0656 1640 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

21:45:26.0796 1640 EapHost - ok

21:45:26.0843 1640 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe

21:45:26.0906 1640 ehRecvr - ok

21:45:26.0937 1640 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe

21:45:26.0968 1640 ehSched - ok

21:45:26.0984 1640 ELacpi (0923aec043f5d355b4ef0c2b29a362de) C:\WINDOWS\system32\DRIVERS\ELacpi.sys

21:45:27.0015 1640 ELacpi - ok

21:45:27.0031 1640 ELhid (cbd71e7772f92bfb85ccc302b2deefba) C:\WINDOWS\System32\Drivers\Elhid.sys

21:45:27.0046 1640 ELhid ( UnsignedFile.Multi.Generic ) - warning

21:45:27.0046 1640 ELhid - detected UnsignedFile.Multi.Generic (1)

21:45:27.0062 1640 ELkbd (ac75b576c45d144e146fd1f0576a1f53) C:\WINDOWS\System32\Drivers\Elkbd.sys

21:45:27.0077 1640 ELkbd ( UnsignedFile.Multi.Generic ) - warning

21:45:27.0077 1640 ELkbd - detected UnsignedFile.Multi.Generic (1)

21:45:27.0109 1640 ELmon (483cce5e40137d4e437f4def55c80007) C:\WINDOWS\System32\Drivers\Elmon.sys

21:45:27.0109 1640 ELmon ( UnsignedFile.Multi.Generic ) - warning

21:45:27.0109 1640 ELmon - detected UnsignedFile.Multi.Generic (1)

21:45:27.0124 1640 ELmou (8e88cafeac0812bf2d15beeedfcce8bd) C:\WINDOWS\System32\Drivers\Elmou.sys

21:45:27.0140 1640 ELmou ( UnsignedFile.Multi.Generic ) - warning

21:45:27.0140 1640 ELmou - detected UnsignedFile.Multi.Generic (1)

21:45:27.0187 1640 ELService (47fcf6628e1a221c41f3f0130fbf258e) C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

21:45:27.0218 1640 ELService ( UnsignedFile.Multi.Generic ) - warning

21:45:27.0218 1640 ELService - detected UnsignedFile.Multi.Generic (1)

21:45:27.0249 1640 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

21:45:27.0359 1640 ERSvc - ok

21:45:27.0390 1640 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

21:45:27.0437 1640 Eventlog - ok

21:45:27.0468 1640 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

21:45:27.0484 1640 EventSystem - ok

21:45:27.0515 1640 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

21:45:27.0640 1640 Fastfat - ok

21:45:27.0671 1640 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

21:45:27.0718 1640 FastUserSwitchingCompatibility - ok

21:45:27.0765 1640 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe

21:45:27.0874 1640 Fax - ok

21:45:27.0890 1640 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

21:45:27.0999 1640 Fdc - ok

21:45:28.0015 1640 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

21:45:28.0124 1640 Fips - ok

21:45:28.0124 1640 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

21:45:28.0234 1640 Flpydisk - ok

21:45:28.0265 1640 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

21:45:28.0374 1640 FltMgr - ok

21:45:28.0468 1640 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

21:45:28.0484 1640 FontCache3.0.0.0 - ok

21:45:28.0499 1640 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

21:45:28.0609 1640 Fs_Rec - ok

21:45:28.0624 1640 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

21:45:28.0749 1640 Ftdisk - ok

21:45:28.0749 1640 ftsata2 - ok

21:45:28.0781 1640 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

21:45:28.0874 1640 Gpc - ok

21:45:28.0968 1640 gupdate1c98572486c5d2f (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe

21:45:28.0984 1640 gupdate1c98572486c5d2f - ok

21:45:28.0984 1640 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe

21:45:28.0999 1640 gupdatem - ok

21:45:29.0015 1640 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

21:45:29.0124 1640 HDAudBus - ok

21:45:29.0187 1640 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

21:45:29.0296 1640 helpsvc - ok

21:45:29.0327 1640 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

21:45:29.0421 1640 HidServ - ok

21:45:29.0452 1640 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

21:45:29.0562 1640 HidUsb - ok

21:45:29.0609 1640 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

21:45:29.0718 1640 hkmsvc - ok

21:45:29.0734 1640 hpn - ok

21:45:29.0827 1640 hpqcxs08 (97aac45a375168c6a2297beeb9692e31) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

21:45:29.0874 1640 hpqcxs08 - ok

21:45:29.0890 1640 hpqddsvc (19a4fb67b1c97ea18edff44340973cd9) C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

21:45:29.0906 1640 hpqddsvc - ok

21:45:29.0937 1640 HPSLPSVC (56fc98f1014ea8dc51b92839c32759ec) C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL

21:45:29.0968 1640 HPSLPSVC - ok

21:45:30.0062 1640 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

21:45:30.0140 1640 HPZid412 - ok

21:45:30.0156 1640 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

21:45:30.0171 1640 HPZipr12 - ok

21:45:30.0187 1640 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

21:45:30.0218 1640 HPZius12 - ok

21:45:30.0265 1640 HSXHWBS2 (1f5c64b0c6b2e2f48735a77ae714ccb8) C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys

21:45:30.0312 1640 HSXHWBS2 - ok

21:45:30.0343 1640 HSX_DP (a7f8c9228898a1e871d2ae7082f50ac3) C:\WINDOWS\system32\DRIVERS\HSX_DP.sys

21:45:30.0406 1640 HSX_DP - ok

21:45:30.0437 1640 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

21:45:30.0499 1640 HTTP - ok

21:45:30.0531 1640 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

21:45:30.0656 1640 HTTPFilter - ok

21:45:30.0656 1640 i2omgmt - ok

21:45:30.0671 1640 i2omp - ok

21:45:30.0702 1640 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

21:45:30.0827 1640 i8042prt - ok

21:45:30.0890 1640 IAANTMON (b122be74e283a2bc7febc180bfd2efd5) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

21:45:30.0906 1640 IAANTMON ( UnsignedFile.Multi.Generic ) - warning

21:45:30.0906 1640 IAANTMON - detected UnsignedFile.Multi.Generic (1)

21:45:30.0952 1640 ialm (88164ba0e3fc4172ff3a1bd82b756454) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

21:45:31.0046 1640 ialm - ok

21:45:31.0077 1640 iaStor (019cf5f31c67030841233c545a0e217a) C:\WINDOWS\system32\DRIVERS\iastor.sys

21:45:31.0124 1640 iaStor - ok

21:45:31.0218 1640 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

21:45:31.0234 1640 IDriverT ( UnsignedFile.Multi.Generic ) - warning

21:45:31.0234 1640 IDriverT - detected UnsignedFile.Multi.Generic (1)

21:45:31.0406 1640 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

21:45:31.0437 1640 idsvc - ok

21:45:31.0577 1640 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

21:45:31.0702 1640 Imapi - ok

21:45:31.0734 1640 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

21:45:31.0859 1640 ImapiService - ok

21:45:31.0859 1640 ini910u - ok

21:45:31.0999 1640 IntcAzAudAddService (12f4d2aa29745dc2a403ff42e75cf7fa) C:\WINDOWS\system32\drivers\RtkHDAud.sys

21:45:32.0187 1640 IntcAzAudAddService - ok

21:45:32.0296 1640 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

21:45:32.0406 1640 IntelIde - ok

21:45:32.0452 1640 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

21:45:32.0546 1640 intelppm - ok

21:45:32.0562 1640 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

21:45:32.0671 1640 Ip6Fw - ok

21:45:32.0702 1640 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

21:45:32.0812 1640 IpFilterDriver - ok

21:45:32.0843 1640 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

21:45:32.0952 1640 IpInIp - ok

21:45:32.0984 1640 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

21:45:33.0077 1640 IpNat - ok

21:45:33.0109 1640 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

21:45:33.0202 1640 IPSec - ok

21:45:33.0218 1640 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

21:45:33.0312 1640 IRENUM - ok

21:45:33.0327 1640 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

21:45:33.0437 1640 isapnp - ok

21:45:33.0499 1640 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe

21:45:33.0515 1640 JavaQuickStarterService - ok

21:45:33.0546 1640 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

21:45:33.0656 1640 Kbdclass - ok

21:45:33.0656 1640 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

21:45:33.0765 1640 kbdhid - ok

21:45:33.0781 1640 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

21:45:33.0874 1640 kmixer - ok

21:45:33.0906 1640 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

21:45:33.0968 1640 KSecDD - ok

21:45:33.0999 1640 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

21:45:34.0046 1640 lanmanserver - ok

21:45:34.0062 1640 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

21:45:34.0124 1640 lanmanworkstation - ok

21:45:34.0124 1640 lbrtfdc - ok

21:45:34.0202 1640 LightScribeService (5d4b38a8d8525356798f5e560c3a3090) C:\Program Files\Common Files\LightScribe\LSSrvc.exe

21:45:34.0218 1640 LightScribeService ( UnsignedFile.Multi.Generic ) - warning

21:45:34.0218 1640 LightScribeService - detected UnsignedFile.Multi.Generic (1)

21:45:34.0249 1640 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

21:45:34.0374 1640 LmHosts - ok

21:45:34.0421 1640 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe

21:45:34.0468 1640 McrdSvc - ok

21:45:34.0484 1640 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

21:45:34.0515 1640 mdmxsdk - ok

21:45:34.0531 1640 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

21:45:34.0640 1640 Messenger - ok

21:45:34.0687 1640 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll

21:45:34.0718 1640 MHN ( UnsignedFile.Multi.Generic ) - warning

21:45:34.0718 1640 MHN - detected UnsignedFile.Multi.Generic (1)

21:45:34.0749 1640 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

21:45:34.0765 1640 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

21:45:34.0765 1640 MHNDRV - detected UnsignedFile.Multi.Generic (1)

21:45:34.0781 1640 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

21:45:34.0890 1640 mnmdd - ok

21:45:34.0921 1640 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

21:45:35.0031 1640 mnmsrvc - ok

21:45:35.0062 1640 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

21:45:35.0171 1640 Modem - ok

21:45:35.0202 1640 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

21:45:35.0312 1640 Mouclass - ok

21:45:35.0343 1640 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

21:45:35.0452 1640 mouhid - ok

21:45:35.0484 1640 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

21:45:35.0577 1640 MountMgr - ok

21:45:35.0593 1640 mraid35x - ok

21:45:35.0593 1640 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

21:45:35.0718 1640 MRxDAV - ok

21:45:35.0749 1640 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

21:45:35.0781 1640 MRxSmb - ok

21:45:35.0827 1640 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys

21:45:35.0937 1640 MSDV - ok

21:45:35.0968 1640 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

21:45:36.0077 1640 Msfs - ok

21:45:36.0077 1640 MSIServer - ok

21:45:36.0109 1640 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

21:45:36.0202 1640 MSKSSRV - ok

21:45:36.0218 1640 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

21:45:36.0327 1640 MSPCLOCK - ok

21:45:36.0343 1640 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

21:45:36.0437 1640 MSPQM - ok

21:45:36.0452 1640 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

21:45:36.0562 1640 mssmbios - ok

21:45:36.0562 1640 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

21:45:36.0656 1640 MSTEE - ok

21:45:36.0687 1640 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

21:45:36.0702 1640 Mup - ok

21:45:36.0796 1640 MysqlInventime - ok

21:45:36.0812 1640 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

21:45:36.0921 1640 NABTSFEC - ok

21:45:36.0968 1640 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

21:45:37.0093 1640 napagent - ok

21:45:37.0124 1640 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

21:45:37.0234 1640 NDIS - ok

21:45:37.0249 1640 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

21:45:37.0359 1640 NdisIP - ok

21:45:37.0390 1640 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

21:45:37.0437 1640 NdisTapi - ok

21:45:37.0452 1640 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

21:45:37.0546 1640 Ndisuio - ok

21:45:37.0562 1640 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

21:45:37.0656 1640 NdisWan - ok

21:45:37.0702 1640 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

21:45:37.0734 1640 NDProxy - ok

21:45:37.0765 1640 Net Driver HPZ12 (a081cb6fb9a12668f233eb5414be3a0e) C:\WINDOWS\system32\HPZinw12.dll

21:45:37.0765 1640 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:45:37.0765 1640 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:45:37.0781 1640 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

21:45:37.0890 1640 NetBIOS - ok

21:45:37.0921 1640 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

21:45:38.0031 1640 NetBT - ok

21:45:38.0077 1640 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

21:45:38.0187 1640 NetDDE - ok

21:45:38.0187 1640 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

21:45:38.0296 1640 NetDDEdsdm - ok

21:45:38.0327 1640 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

21:45:38.0437 1640 Netlogon - ok

21:45:38.0452 1640 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

21:45:38.0562 1640 Netman - ok

21:45:38.0593 1640 NetProbe (44831972666e9989b375c05f010944b2) C:\WINDOWS\system32\DRIVERS\netprobe.sys

21:45:38.0624 1640 NetProbe ( UnsignedFile.Multi.Generic ) - warning

21:45:38.0624 1640 NetProbe - detected UnsignedFile.Multi.Generic (1)

21:45:38.0718 1640 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

21:45:38.0734 1640 NetTcpPortSharing - ok

21:45:38.0781 1640 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

21:45:38.0890 1640 NIC1394 - ok

21:45:38.0937 1640 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

21:45:38.0984 1640 Nla - ok

21:45:38.0999 1640 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

21:45:39.0109 1640 Npfs - ok

21:45:39.0140 1640 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

21:45:39.0265 1640 Ntfs - ok

21:45:39.0296 1640 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

21:45:39.0390 1640 NtLmSsp - ok

21:45:39.0452 1640 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

21:45:39.0562 1640 NtmsSvc - ok

21:45:39.0577 1640 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

21:45:39.0687 1640 Null - ok

21:45:39.0702 1640 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

21:45:39.0827 1640 NwlnkFlt - ok

21:45:39.0827 1640 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

21:45:39.0937 1640 NwlnkFwd - ok

21:45:40.0109 1640 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

21:45:40.0124 1640 odserv - ok

21:45:40.0171 1640 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

21:45:40.0281 1640 ohci1394 - ok

21:45:40.0327 1640 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:45:40.0343 1640 ose - ok

21:45:40.0374 1640 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

21:45:40.0484 1640 Parport - ok

21:45:40.0499 1640 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

21:45:40.0609 1640 PartMgr - ok

21:45:40.0624 1640 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

21:45:40.0749 1640 ParVdm - ok

21:45:40.0765 1640 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

21:45:40.0859 1640 PCI - ok

21:45:40.0874 1640 PCIDump - ok

21:45:40.0874 1640 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

21:45:40.0999 1640 PCIIde - ok

21:45:40.0999 1640 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

21:45:41.0109 1640 Pcmcia - ok

21:45:41.0109 1640 PDCOMP - ok

21:45:41.0124 1640 PDFRAME - ok

21:45:41.0124 1640 PDRELI - ok

21:45:41.0140 1640 PDRFRAME - ok

21:45:41.0156 1640 perc2 - ok

21:45:41.0156 1640 perc2hib - ok

21:45:41.0202 1640 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

21:45:41.0218 1640 PlugPlay - ok

21:45:41.0249 1640 Pml Driver HPZ12 (65bc271f337637731d3c71455ae1f476) C:\WINDOWS\system32\HPZipm12.dll

21:45:41.0249 1640 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

21:45:41.0249 1640 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

21:45:41.0281 1640 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

21:45:41.0374 1640 PolicyAgent - ok

21:45:41.0406 1640 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

21:45:41.0515 1640 PptpMiniport - ok

21:45:41.0515 1640 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

21:45:41.0624 1640 ProtectedStorage - ok

21:45:41.0640 1640 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys

21:45:41.0671 1640 Ps2 - ok

21:45:41.0671 1640 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

21:45:41.0796 1640 PSched - ok

21:45:41.0796 1640 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

21:45:41.0921 1640 Ptilink - ok

21:45:41.0968 1640 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys

21:45:41.0968 1640 PxHelp20 - ok

21:45:41.0984 1640 ql1080 - ok

21:45:41.0984 1640 Ql10wnt - ok

21:45:41.0999 1640 ql12160 - ok

21:45:42.0015 1640 ql1240 - ok

21:45:42.0015 1640 ql1280 - ok

21:45:42.0046 1640 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

21:45:42.0140 1640 RasAcd - ok

21:45:42.0156 1640 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

21:45:42.0281 1640 RasAuto - ok

21:45:42.0296 1640 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

21:45:42.0406 1640 Rasl2tp - ok

21:45:42.0437 1640 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

21:45:42.0546 1640 RasMan - ok

21:45:42.0562 1640 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

21:45:42.0656 1640 RasPppoe - ok

21:45:42.0671 1640 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

21:45:42.0781 1640 Raspti - ok

21:45:42.0812 1640 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

21:45:42.0921 1640 Rdbss - ok

21:45:42.0937 1640 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

21:45:43.0046 1640 RDPCDD - ok

21:45:43.0093 1640 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

21:45:43.0202 1640 rdpdr - ok

21:45:43.0234 1640 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

21:45:43.0265 1640 RDPWD - ok

21:45:43.0296 1640 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

21:45:43.0406 1640 RDSessMgr - ok

21:45:43.0421 1640 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

21:45:43.0546 1640 redbook - ok

21:45:43.0577 1640 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

21:45:43.0702 1640 RemoteAccess - ok

21:45:43.0734 1640 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

21:45:43.0859 1640 RemoteRegistry - ok

21:45:43.0906 1640 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\WINDOWS\system32\Drivers\RimUsb.sys

21:45:43.0952 1640 RimUsb - ok

21:45:43.0968 1640 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys

21:45:43.0984 1640 RimVSerPort - ok

21:45:43.0999 1640 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys

21:45:44.0124 1640 ROOTMODEM - ok

21:45:44.0249 1640 Roxio UPnP Renderer 9 (f3395d205dec030dce54d4575774cfba) C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe

21:45:44.0249 1640 Roxio UPnP Renderer 9 - ok

21:45:44.0281 1640 Roxio Upnp Server 9 (95519cbef94773af7cd2b26029dceea7) C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe

21:45:44.0296 1640 Roxio Upnp Server 9 - ok

21:45:44.0359 1640 RoxLiveShare9 (b9ea6e59e526b10a2a09f5b9d729797d) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe

21:45:44.0374 1640 RoxLiveShare9 - ok

21:45:44.0421 1640 RoxMediaDB9 (3daf385624abf3c3bbfb05cff2aca7d6) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

21:45:44.0468 1640 RoxMediaDB9 - ok

21:45:44.0499 1640 RoxWatch9 (8f366d03a7fda7527f76f01f695b0205) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

21:45:44.0499 1640 RoxWatch9 - ok

21:45:44.0577 1640 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

21:45:44.0687 1640 RpcLocator - ok

21:45:44.0734 1640 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll

21:45:44.0765 1640 RpcSs - ok

21:45:44.0812 1640 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

21:45:44.0937 1640 RSVP - ok

21:45:44.0984 1640 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

21:45:45.0046 1640 rtl8139 - ok

21:45:45.0077 1640 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

21:45:45.0202 1640 SamSs - ok

21:45:45.0218 1640 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

21:45:45.0359 1640 SCardSvr - ok

21:45:45.0390 1640 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

21:45:45.0531 1640 Schedule - ok

21:45:45.0577 1640 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

21:45:45.0702 1640 Secdrv - ok

21:45:45.0734 1640 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

21:45:45.0859 1640 seclogon - ok

21:45:45.0874 1640 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

21:45:45.0999 1640 SENS - ok

21:45:46.0015 1640 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

21:45:46.0140 1640 Serial - ok

21:45:46.0171 1640 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

21:45:46.0296 1640 Sfloppy - ok

21:45:46.0327 1640 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

21:45:46.0437 1640 SharedAccess - ok

21:45:46.0484 1640 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

21:45:46.0515 1640 ShellHWDetection - ok

21:45:46.0515 1640 Simbad - ok

21:45:46.0562 1640 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe

21:45:46.0577 1640 SkypeUpdate - ok

21:45:46.0624 1640 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

21:45:46.0749 1640 SLIP - ok

21:45:46.0765 1640 Sparrow - ok

21:45:46.0796 1640 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

21:45:46.0906 1640 splitter - ok

21:45:46.0937 1640 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

21:45:46.0984 1640 Spooler - ok

21:45:46.0999 1640 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

21:45:47.0109 1640 sr - ok

21:45:47.0140 1640 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

21:45:47.0249 1640 srservice - ok

21:45:47.0281 1640 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

21:45:47.0296 1640 Srv - ok

21:45:47.0312 1640 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

21:45:47.0437 1640 SSDPSRV - ok

21:45:47.0468 1640 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

21:45:47.0577 1640 stisvc - ok

21:45:47.0624 1640 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

21:45:47.0718 1640 streamip - ok

21:45:47.0734 1640 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

21:45:47.0827 1640 swenum - ok

21:45:47.0859 1640 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

21:45:47.0968 1640 swmidi - ok

21:45:47.0984 1640 SwPrv - ok

21:45:47.0984 1640 symc810 - ok

21:45:47.0999 1640 symc8xx - ok

21:45:48.0046 1640 symlcbrd (b226f8a4d780acdf76145b58bb791d5b) C:\WINDOWS\system32\drivers\symlcbrd.sys

21:45:48.0046 1640 symlcbrd - ok

21:45:48.0062 1640 sym_hi - ok

21:45:48.0077 1640 sym_u3 - ok

21:45:48.0093 1640 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

21:45:48.0202 1640 sysaudio - ok

21:45:48.0218 1640 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

21:45:48.0327 1640 SysmonLog - ok

21:45:48.0359 1640 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

21:45:48.0499 1640 TapiSrv - ok

21:45:48.0562 1640 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

21:45:48.0609 1640 Tcpip - ok

21:45:48.0640 1640 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

21:45:48.0734 1640 TDPIPE - ok

21:45:48.0749 1640 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

21:45:48.0859 1640 TDTCP - ok

21:45:48.0874 1640 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

21:45:48.0999 1640 TermDD - ok

21:45:49.0031 1640 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

21:45:49.0171 1640 TermService - ok

21:45:49.0202 1640 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

21:45:49.0234 1640 Themes - ok

21:45:49.0265 1640 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

21:45:49.0390 1640 TlntSvr - ok

21:45:49.0406 1640 TosIde - ok

21:45:49.0406 1640 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

21:45:49.0546 1640 TrkWks - ok

21:45:49.0562 1640 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

21:45:49.0656 1640 Udfs - ok

21:45:49.0671 1640 ultra - ok

21:45:49.0702 1640 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

21:45:49.0843 1640 Update - ok

21:45:49.0906 1640 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

21:45:50.0031 1640 upnphost - ok

21:45:50.0062 1640 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

21:45:50.0171 1640 UPS - ok

21:45:50.0218 1640 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

21:45:50.0327 1640 usbaudio - ok

21:45:50.0359 1640 USBBULK (219967585c77cf22e557841be8d30661) C:\WINDOWS\system32\Drivers\USBBULK.sys

21:45:50.0374 1640 USBBULK ( UnsignedFile.Multi.Generic ) - warning

21:45:50.0374 1640 USBBULK - detected UnsignedFile.Multi.Generic (1)

21:45:50.0421 1640 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

21:45:50.0515 1640 usbccgp - ok

21:45:50.0562 1640 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

21:45:50.0671 1640 usbehci - ok

21:45:50.0671 1640 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

21:45:50.0781 1640 usbhub - ok

21:45:50.0796 1640 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

21:45:50.0906 1640 usbprint - ok

21:45:50.0937 1640 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

21:45:51.0031 1640 usbscan - ok

21:45:51.0046 1640 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

21:45:51.0156 1640 usbstor - ok

21:45:51.0171 1640 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

21:45:51.0265 1640 usbuhci - ok

21:45:51.0281 1640 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

21:45:51.0390 1640 VgaSave - ok

21:45:51.0421 1640 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

21:45:51.0531 1640 ViaIde - ok

21:45:51.0546 1640 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

21:45:51.0640 1640 VolSnap - ok

21:45:51.0702 1640 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

21:45:51.0796 1640 VSS - ok

21:45:51.0890 1640 VX6000 (719bac5b5a9c2c1fdf7323fb7e36ca32) C:\WINDOWS\system32\DRIVERS\VX6000Xp.sys

21:45:51.0968 1640 VX6000 - ok

21:45:52.0015 1640 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

21:45:52.0156 1640 W32Time - ok

21:45:52.0187 1640 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

21:45:52.0312 1640 Wanarp - ok

21:45:52.0327 1640 WDICA - ok

21:45:52.0343 1640 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

21:45:52.0468 1640 wdmaud - ok

21:45:52.0499 1640 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

21:45:52.0609 1640 WebClient - ok

21:45:52.0656 1640 winachsx (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

21:45:52.0671 1640 winachsx - ok

21:45:52.0718 1640 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

21:45:52.0827 1640 winmgmt - ok

21:45:52.0937 1640 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:45:52.0999 1640 wlidsvc - ok

21:45:53.0046 1640 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll

21:45:53.0077 1640 WmdmPmSN - ok

21:45:53.0124 1640 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

21:45:53.0187 1640 Wmi - ok

21:45:53.0265 1640 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

21:45:53.0390 1640 WmiApSrv - ok

21:45:53.0499 1640 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe

21:45:53.0577 1640 WMPNetworkSvc - ok

21:45:53.0687 1640 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

21:45:53.0843 1640 wscsvc - ok

21:45:53.0843 1640 WSearch - ok

21:45:53.0906 1640 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

21:45:54.0031 1640 WSTCODEC - ok

21:45:54.0046 1640 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

21:45:54.0171 1640 wuauserv - ok

21:45:54.0218 1640 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

21:45:54.0249 1640 WudfPf - ok

21:45:54.0281 1640 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

21:45:54.0296 1640 WudfRd - ok

21:45:54.0327 1640 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll

21:45:54.0359 1640 WudfSvc - ok

21:45:54.0406 1640 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

21:45:54.0546 1640 WZCSVC - ok

21:45:54.0577 1640 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

21:45:54.0671 1640 xmlprov - ok

21:45:54.0718 1640 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

21:45:54.0749 1640 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected

21:45:54.0749 1640 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)

21:45:54.0749 1640 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

21:45:54.0749 1640 \Device\Harddisk0\DR0 - detected TDSS File System (1)

21:45:54.0749 1640 Boot (0x1200) (245f68a6058a02c7da05c1a1d4a31fc1) \Device\Harddisk0\DR0\Partition0

21:45:54.0749 1640 \Device\Harddisk0\DR0\Partition0 - ok

21:45:54.0781 1640 Boot (0x1200) (86b882df8557ee600199423aca280b0f) \Device\Harddisk0\DR0\Partition1

21:45:54.0781 1640 \Device\Harddisk0\DR0\Partition1 - ok

21:45:54.0781 1640 ============================================================

21:45:54.0781 1640 Scan finished

21:45:54.0781 1640 ============================================================

21:45:54.0890 0324 Detected object count: 17

21:45:54.0890 0324 Actual detected object count: 17

21:46:41.0640 0324 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0640 0324 ELhid ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 ELhid ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0640 0324 ELkbd ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 ELkbd ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0640 0324 ELmon ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 ELmon ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0640 0324 ELmou ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 ELmou ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0640 0324 ELService ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 ELService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0640 0324 IAANTMON ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0640 0324 IAANTMON ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 MHN ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 NetProbe ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 NetProbe ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:41.0656 0324 USBBULK ( UnsignedFile.Multi.Generic ) - skipped by user

21:46:41.0656 0324 USBBULK ( UnsignedFile.Multi.Generic ) - User select action: Skip

21:46:42.0077 0324 \Device\Harddisk0\DR0\# - copied to quarantine

21:46:42.0077 0324 \Device\Harddisk0\DR0 - copied to quarantine

21:46:42.0093 0324 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine

21:46:42.0093 0324 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine

21:46:42.0093 0324 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine

21:46:42.0093 0324 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

21:46:42.0109 0324 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

21:46:42.0109 0324 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

21:46:42.0109 0324 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

21:46:42.0109 0324 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

21:46:42.0109 0324 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot

21:46:42.0124 0324 \Device\Harddisk0\DR0 - ok

21:46:42.0124 0324 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure

21:46:42.0124 0324 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

21:46:42.0124 0324 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

21:47:52.0874 2512 Deinitialize success


Malwarebytes Anti-Malware 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.04.10

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 7.0.5730.13

HP_Administrator :: MEKSIKATSI [administrator]

4/4/2012 9:55:46 PM

mbam-log-2012-04-04 (21-55-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 231179

Time elapsed: 17 minute(s), 49 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

DDS (Ver_10-11-10.01) - NTFSx86

Run by HP_Administrator at 22:18:54.56 on Wed 04/04/2012

Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_31

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3574.2810 [GMT -4:00]

AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\Program Files\Emsisoft Anti-Malware\a2service.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\Comodo\Dragon\dragon_updater.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\system32\svchost.exe -k HPService

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

C:\Program Files\Comodo\Dragon\dragon.exe

C:\Program Files\Comodo\Dragon\dragon.exe

C:\Program Files\Comodo\Dragon\dragon.exe

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/

uDefault_Search_URL =

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=64&bd=PAVILION&pf=desktop

uInternet Settings,ProxyServer = socks=

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -

TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui

IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000

IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office12\REFIEBAR.DLL

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll

Trusted Zone: trymedia.com

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1221364816500

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {9E065E4A-BD9D-4547-8F90-985DC62A5591} - hxxp://192.168.1.181/PlayerPT.cab

DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} - hxxp://office.microsoft.com/officeupdate/content/opuc4.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\1s6yz1oh.default\

FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdjvu.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_228.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\emsisoft anti-malware\a2ddax86.sys [2012-3-29 17904]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-21 612184]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-21 337880]

R2 a2AntiMalware;Emsisoft Anti-Malware 6.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2012-3-29 3025112]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-21 20696]

R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-3-21 44768]

R2 DragonUpdater;COMODO Dragon Update Service;c:\program files\comodo\dragon\dragon_updater.exe [2012-3-28 407288]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 NetProbe;NetProbe Packet Driver;c:\windows\system32\drivers\NetProbe.sys [2009-3-24 5365]

S2 gupdate1c98572486c5d2f;Google Update Service (gupdate1c98572486c5d2f);c:\program files\google\update\GoogleUpdate.exe [2009-2-2 133104]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-29 158856]

S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2012-3-29 51632]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-4 253600]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-2 133104]

S3 USBBULK;USB Bulk device driver;c:\windows\system32\drivers\USBBulk.sys [2008-12-24 20992]

S3 VX6000;Microsoft LifeCam VX-6000;c:\windows\system32\drivers\VX6000Xp.sys [2010-1-29 2074480]

=============== Created Last 30 ================

2012-04-05 01:46:41 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-04 14:05:19 4139168 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2012-04-04 13:55:23 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-04 10:29:06 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\EurekaLog

2012-04-02 16:39:18 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-03-28 20:01:49 -------- d-----w- c:\docume~1\hp_adm~1\applic~1\ooVoo Details

2012-03-28 20:00:28 -------- d-----w- c:\program files\ooVoo

2012-03-28 17:31:38 -------- d-----r- c:\program files\Skype

2012-03-27 09:31:08 -------- d-----w- c:\program files\Emsisoft Anti-Malware

2012-03-21 17:07:19 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-03-21 17:06:34 41184 ----a-w- c:\windows\avastSS.scr

2012-03-21 17:06:11 -------- d-----w- c:\program files\AVAST Software

2012-03-21 17:06:11 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVAST Software

2012-03-19 17:28:00 78336 ----a-w- c:\windows\system32\ieencode.dll

2012-03-19 17:28:00 78336 ----a-w- c:\windows\system32\dllcache\ieencode.dll

2012-03-19 17:22:57 6144 ------w- c:\windows\system32\dllcache\iecompat.dll

2012-03-19 08:21:59 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-19 01:07:07 -------- d-----w- C:\found.000

==================== Find3M ====================

2012-04-04 14:05:20 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-04-02 16:39:04 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-01-21 13:36:21 256 ----a-w- c:\windows\system32\pool.bin

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

============= FINISH: 22:19:39.93 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/11/2008 8:48:57 PM

System Uptime: 4/4/2012 9:48:29 PM (1 hours ago)

Motherboard: ASUSTek Computer INC. | | Buckeye

Processor: Intel® Core2 CPU 6300 @ 1.86GHz | Socket 775 | 1866/266mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 224 GiB total, 143.183 GiB free.

D: is FIXED (FAT32) - 9 GiB total, 0.399 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP1233: 1/6/2012 4:24:55 AM - System Checkpoint

RP1234: 1/7/2012 4:38:25 AM - System Checkpoint

RP1235: 1/8/2012 5:38:27 AM - System Checkpoint

RP1236: 1/9/2012 5:38:30 AM - System Checkpoint

RP1237: 1/10/2012 5:50:46 AM - System Checkpoint

RP1238: 1/11/2012 3:00:23 AM - Software Distribution Service 3.0

RP1239: 1/12/2012 3:41:40 AM - System Checkpoint

RP1240: 1/13/2012 3:58:14 AM - System Checkpoint

RP1241: 1/14/2012 3:58:19 AM - System Checkpoint

RP1242: 1/15/2012 4:10:33 AM - System Checkpoint

RP1243: 1/16/2012 5:10:44 AM - System Checkpoint

RP1244: 1/17/2012 5:10:58 AM - System Checkpoint

RP1245: 1/18/2012 6:01:36 AM - System Checkpoint

RP1246: 1/19/2012 3:00:14 AM - Software Distribution Service 3.0

RP1247: 1/20/2012 3:22:03 AM - System Checkpoint

RP1248: 1/21/2012 3:22:15 AM - System Checkpoint

RP1249: 1/22/2012 3:22:23 AM - System Checkpoint

RP1250: 1/23/2012 3:34:14 AM - System Checkpoint

RP1251: 1/24/2012 4:22:28 AM - System Checkpoint

RP1252: 1/25/2012 4:22:38 AM - System Checkpoint

RP1253: 1/26/2012 4:34:45 AM - System Checkpoint

RP1254: 1/27/2012 5:26:07 AM - System Checkpoint

RP1255: 1/27/2012 7:22:56 PM - Removed Adobe Reader X (10.1.2).

RP1256: 1/27/2012 8:20:34 PM - Printer Driver HP Officejet Pro L7600 Series fax Installed

RP1257: 1/27/2012 8:44:44 PM - Installed Adobe Reader X (10.1.2).

RP1258: 1/28/2012 3:00:15 AM - Software Distribution Service 3.0

RP1259: 1/29/2012 3:56:52 AM - System Checkpoint

RP1260: 1/30/2012 6:40:17 AM - System Checkpoint

RP1261: 1/31/2012 7:22:21 AM - System Checkpoint

RP1262: 2/1/2012 8:08:45 AM - System Checkpoint

RP1263: 2/2/2012 9:01:43 AM - System Checkpoint

RP1264: 2/3/2012 9:30:47 AM - System Checkpoint

RP1265: 2/4/2012 10:23:03 AM - System Checkpoint

RP1266: 2/5/2012 10:56:54 AM - System Checkpoint

RP1267: 2/6/2012 12:12:48 PM - System Checkpoint

RP1268: 2/7/2012 12:21:21 PM - System Checkpoint

RP1269: 2/8/2012 1:23:44 PM - System Checkpoint

RP1270: 2/9/2012 1:57:18 PM - System Checkpoint

RP1271: 2/10/2012 1:58:32 PM - System Checkpoint

RP1272: 2/11/2012 2:07:37 PM - System Checkpoint

RP1273: 2/12/2012 3:25:36 PM - System Checkpoint

RP1274: 2/13/2012 3:44:58 PM - System Checkpoint

RP1275: 2/14/2012 4:44:59 PM - System Checkpoint

RP1276: 2/15/2012 4:54:32 PM - System Checkpoint

RP1277: 2/16/2012 3:00:23 AM - Software Distribution Service 3.0

RP1278: 2/17/2012 3:30:55 AM - System Checkpoint

RP1279: 2/18/2012 3:47:47 AM - System Checkpoint

RP1280: 2/19/2012 4:47:48 AM - System Checkpoint

RP1281: 2/20/2012 4:47:57 AM - System Checkpoint

RP1282: 2/21/2012 5:47:57 AM - System Checkpoint

RP1283: 2/22/2012 5:49:13 AM - System Checkpoint

RP1284: 2/23/2012 6:03:11 AM - System Checkpoint

RP1285: 2/24/2012 6:48:07 AM - System Checkpoint

RP1286: 2/25/2012 7:01:45 AM - System Checkpoint

RP1287: 2/26/2012 7:40:20 AM - System Checkpoint

RP1288: 2/27/2012 7:59:59 AM - System Checkpoint

RP1289: 2/28/2012 9:22:09 AM - System Checkpoint

RP1290: 2/29/2012 9:49:58 AM - System Checkpoint

RP1291: 3/1/2012 9:59:28 AM - System Checkpoint

RP1292: 3/2/2012 10:30:43 AM - System Checkpoint

RP1293: 3/3/2012 10:49:20 AM - System Checkpoint

RP1294: 3/4/2012 11:01:51 AM - System Checkpoint

RP1295: 3/5/2012 11:26:51 AM - System Checkpoint

RP1296: 3/6/2012 12:45:34 PM - System Checkpoint

RP1297: 3/7/2012 2:44:47 PM - System Checkpoint

RP1298: 3/8/2012 3:01:37 PM - System Checkpoint

RP1299: 3/9/2012 4:27:02 PM - System Checkpoint

RP1300: 3/10/2012 4:57:22 PM - System Checkpoint

RP1301: 3/11/2012 6:18:47 PM - System Checkpoint

RP1302: 3/12/2012 6:51:07 PM - System Checkpoint

RP1303: 3/13/2012 7:02:11 PM - System Checkpoint

RP1304: 3/14/2012 3:00:17 AM - Software Distribution Service 3.0

RP1305: 3/15/2012 3:26:54 AM - System Checkpoint

RP1306: 3/16/2012 3:27:02 AM - System Checkpoint

RP1307: 3/17/2012 3:39:06 AM - System Checkpoint

RP1308: 3/18/2012 3:40:20 AM - System Checkpoint

RP1309: 3/18/2012 3:42:58 PM - Removed Skype™ 5.5

RP1310: 3/18/2012 3:43:44 PM - Removed Skype web features

RP1311: 3/18/2012 4:06:14 PM - Removed Skype™ 5.8

RP1312: 3/18/2012 8:58:08 PM - Removed Skype™ 5.8

RP1313: 3/19/2012 1:28:36 PM - Installed Windows Internet Explorer 8.

RP1314: 3/19/2012 1:29:47 PM - Software Distribution Service 3.0

RP1315: 3/20/2012 3:00:15 AM - Software Distribution Service 3.0

RP1316: 3/21/2012 3:00:15 AM - Software Distribution Service 3.0

RP1317: 3/21/2012 1:06:11 PM - avast! Free Antivirus Setup

RP1318: 3/22/2012 1:24:46 PM - System Checkpoint

RP1319: 3/22/2012 2:35:11 PM - Removed Microsoft SQL Server Desktop Engine

RP1320: 3/22/2012 2:35:36 PM - Removed Microsoft SQL Server Native Client

RP1321: 3/23/2012 3:17:54 PM - System Checkpoint

RP1322: 3/24/2012 7:49:00 AM - Removed Java 6 Update 22

RP1323: 3/24/2012 11:04:15 AM - Removed Skype™ 5.8

RP1324: 3/25/2012 11:15:02 AM - System Checkpoint

RP1325: 3/26/2012 12:10:56 PM - System Checkpoint

RP1326: 3/27/2012 4:11:56 PM - System Checkpoint

RP1327: 3/28/2012 10:54:33 AM - Removed Google Earth.

RP1328: 3/28/2012 10:54:58 AM - Removed Google Earth Plug-in.

RP1329: 3/28/2012 10:55:17 AM - Removed Google Talk Plugin

RP1330: 3/29/2012 3:00:19 AM - Software Distribution Service 3.0

RP1331: 3/29/2012 7:06:30 AM - Installed Windows XP KB915865.

RP1332: 3/29/2012 7:07:09 AM - Installed Windows NLSDownlevelMapping.

RP1333: 3/29/2012 7:07:35 AM - Installed Windows IDNMitigationAPIs.

RP1334: 3/29/2012 7:07:56 AM - Installed Windows Internet Explorer 7.

RP1335: 3/29/2012 7:08:17 AM - Software Distribution Service 3.0

RP1336: 3/29/2012 8:03:53 AM - Software Distribution Service 3.0

RP1337: 3/29/2012 9:29:59 AM - Software Distribution Service 3.0

RP1338: 4/2/2012 12:38:56 PM - Installed Java 6 Update 31

RP1339: 4/3/2012 3:01:05 PM - System Checkpoint

RP1340: 4/4/2012 3:17:38 PM - System Checkpoint

RP1341: 4/4/2012 9:30:25 PM - Removed Ask Toolbar.

==== Installed Programs ======================

32 Bit HP CIO Components Installer

7500_7600_7700_Help1

Acrobat.com

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.2)

Adobe Shockwave Player 11.5

AllyCAD 2010 Home Release 5

Apple Application Support

Apple Software Update

AutoUpdate

Avanquest update

avast! Free Antivirus

Belarc Advisor 7.2

Beta Brite Prism Messaging Software

BlackBerry Desktop Software 4.3

bpd_scan_Carrier

BPDSoftware

BPDSoftware_Ini

BufferChm

Comodo Dragon

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

Critical Update for Windows Media Player 11 (KB959772)

CueTour

Customer Experience Enhancement

DARPA ACTUV Game

Data Fax SoftModem with SmartCP

DBPix20

Destinations

DeviceDiscovery

DeviceManagementQFolder

DISCover

DivX

DocProc

EA SPORTS online 2006

Easy Internet Sign-up

EasyBits GO

Emsisoft Anti-Malware

Enhanced Multimedia Keyboard Solution

EZ A&D Firearms Records

Fax

Federal 2010 Ammunition

FullDPAppQFolder

GemMaster Mystic

GIMP 2.6.3

GnuCash 2.2.9

Google Earth Plug-in

Google Update Helper

GPBaseService2

Hewlett-Packard ACLM.NET v1.1.0.0

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 10 (KB910393)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB915865)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Boot Optimizer

HP Customer Participation Program 14.0

HP DigitalMedia Archive

HP DVD Play 2.1

HP Imaging Device Functions 14.0

HP OfficeJet L7300/L7500/7600/7700

HP Photosmart for Media Center PC

HP Photosmart Premier Software 6.5

HP Product Detection

HP Smart Web Printing 4.60

HP Solution Center 14.0

HP Update

HP Web Helper

HPPhotoSmartExpress

HPProductAssistant

HpSdpAppCoreApp

HPSSupply

InstantShareAlert

InstantShareDevices

Intel® Graphics Media Accelerator Driver

Intel® Matrix Storage Manager

Intel® PRO Network Connections Drivers

Intel® Quick Resume Technology Drivers

Intel® Viiv™ Software

Java Auto Updater

Java 6 Update 31

L7600

LightScribe 1.4.105.1

LizardTech DjVu Control

Load From A Disk Version 5.0

Magic ISO Maker v5.5 (build 0281)

Malwarebytes Anti-Malware version 1.60.1.1000

MarketResearch

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB953295)

Microsoft .NET Framework 1.0 Hotfix (KB979904)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Money 2006

Microsoft National Language Support Downlevel APIs

Microsoft Office 2000 SR-1 Professional

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access Runtime (English) 2007

Microsoft Office Accounting 2009

Microsoft Office Accounting 2009 Equifax Addin

Microsoft Office Accounting 2009 Fixed Asset Manager

Microsoft Office Accounting 2009 PayPal Addin

Microsoft Office Accounting 2009 Tax Integration Add-in

Microsoft Office Accounting ADP Payroll Addin

Microsoft Office Excel MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Small Business 2007

Microsoft Office Small Business Connectivity Components

Microsoft Office Standard Edition 2003 60 days trial

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual Basic PowerPacks 10.0

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Mozilla Firefox 11.0 (x86 en-US)

MPM

MSVCRT

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6.0 Parser

muvee autoProducer 5.0

muvee autoProducer unPlugged 2.0

My HP Games

Netscape Browser (remove only)

Network

OCR Software by I.R.I.S. 14.0

Octoshape add-in for Adobe Flash Player

ooVoo

OptionalContentQFolder

Otto

PC-Doctor 5 for Windows

PhotoGallery

ProductContext

Python 2.2 pywin32 extensions (build 203)

Python 2.2.3

QuickDESIGN (C:\Program Files\QuickDESIGN\)

Quicken 2006

QuickLOAD

QuickTime

RandMap

RealPlayer

Realtek High Definition Audio Driver

Reloaders Reference v9.3x74r

Remove WeatherBug Installer

Rhapsody

Roxio Media Manager

SAMSUNG Android USB Modem Software

Scan

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 7 (KB2183461)

Security Update for Windows Internet Explorer 7 (KB2618444)

Security Update for Windows Internet Explorer 7 (KB2647516)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 7 (KB969897)

Security Update for Windows Internet Explorer 7 (KB972260)

Security Update for Windows Internet Explorer 7 (KB974455)

Security Update for Windows Internet Explorer 7 (KB976325)

Security Update for Windows Internet Explorer 7 (KB978207)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 10 (KB936782)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Search 4 - KB963093

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2510581)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923689)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953838)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Segoe UI

Shop for HP Supplies

SkinsHP1

Skype™ 5.8

SlideShow

SlideShowMusic

SmartDraw 2008

SmartDraw 2009

SmartDraw PDF Filter

SmartWebPrinting

SolutionCenter

Sonic Express Labeler

Sonic MyDVD Plus

Sonic RecordNow Audio

Sonic RecordNow Copy

Sonic RecordNow Data

Sonic Update Manager

Sonic_PrimoSDK

Sony Picture Utility

Sony USB Driver

Spybot - Search & Destroy

Status

Tiger Woods PGA TOUR 06

Toolbox

TOPO! Explorer

TrayApp

Unity Web Player

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2597970) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Windows Internet Explorer 7 (KB976749)

Update for Windows Internet Explorer 7 (KB980182)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB961503)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

Updates from HP (remove only)

Web Easy Professional

Web Easy Professional 7

WebFldrs XP

WebReg

WiMood plugins

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 7

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Messenger

Windows Live Upload Tool

Windows Media Format 11 runtime

Windows Media Player 11

Windows PowerShell 1.0

Windows Search 4.0

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB925766

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

==== Event Viewer Messages From Past Week ========

4/4/2012 1:58:39 PM, error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.

3/29/2012 3:01:33 AM, error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

3/29/2012 3:00:41 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft Office Access Runtime and Data Connectivity 2007 Service Pack 3 (SP3).

3/28/2012 9:32:00 PM, error: Schedule [7901] - The At46.job command failed to start due to the following error: General access denied error

3/28/2012 9:32:00 AM, error: Schedule [7901] - The At34.job command failed to start due to the following error: General access denied error

3/28/2012 9:29:00 PM, error: Schedule [7901] - The At23.job command failed to start due to the following error: General access denied error

3/28/2012 9:29:00 AM, error: Schedule [7901] - The At10.job command failed to start due to the following error: General access denied error

3/28/2012 8:32:00 PM, error: Schedule [7901] - The At44.job command failed to start due to the following error: General access denied error

3/28/2012 8:32:00 AM, error: Schedule [7901] - The At33.job command failed to start due to the following error: General access denied error

3/28/2012 8:29:00 PM, error: Schedule [7901] - The At21.job command failed to start due to the following error: General access denied error

3/28/2012 8:29:00 AM, error: Schedule [7901] - The At9.job command failed to start due to the following error: General access denied error

3/28/2012 7:32:00 PM, error: Schedule [7901] - The At45.job command failed to start due to the following error: General access denied error

3/28/2012 7:32:00 AM, error: Schedule [7901] - The At32.job command failed to start due to the following error: General access denied error

3/28/2012 7:29:00 PM, error: Schedule [7901] - The At20.job command failed to start due to the following error: General access denied error

3/28/2012 7:29:00 AM, error: Schedule [7901] - The At8.job command failed to start due to the following error: General access denied error

3/28/2012 6:32:00 PM, error: Schedule [7901] - The At42.job command failed to start due to the following error: General access denied error

3/28/2012 6:32:00 AM, error: Schedule [7901] - The At31.job command failed to start due to the following error: General access denied error

3/28/2012 6:29:00 PM, error: Schedule [7901] - The At19.job command failed to start due to the following error: General access denied error

3/28/2012 6:29:00 AM, error: Schedule [7901] - The At6.job command failed to start due to the following error: General access denied error

3/28/2012 5:32:00 PM, error: Schedule [7901] - The At43.job command failed to start due to the following error: General access denied error

3/28/2012 5:32:00 AM, error: Schedule [7901] - The At27.job command failed to start due to the following error: General access denied error

3/28/2012 5:29:00 PM, error: Schedule [7901] - The At16.job command failed to start due to the following error: General access denied error

3/28/2012 5:29:00 AM, error: Schedule [7901] - The At7.job command failed to start due to the following error: General access denied error

3/28/2012 4:53:29 PM, error: DCOM [10000] - Unable to start a DCOM Server: {0002DF01-0000-0000-C000-000000000046}. The error: "%2" Happened while starting this command: "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -Embedding

3/28/2012 4:32:00 PM, error: Schedule [7901] - The At40.job command failed to start due to the following error: General access denied error

3/28/2012 4:32:00 AM, error: Schedule [7901] - The At29.job command failed to start due to the following error: General access denied error

3/28/2012 4:29:00 PM, error: Schedule [7901] - The At18.job command failed to start due to the following error: General access denied error

3/28/2012 4:29:00 AM, error: Schedule [7901] - The At5.job command failed to start due to the following error: General access denied error

3/28/2012 3:32:00 PM, error: Schedule [7901] - The At41.job command failed to start due to the following error: General access denied error

3/28/2012 3:32:00 AM, error: Schedule [7901] - The At26.job command failed to start due to the following error: General access denied error

3/28/2012 3:29:00 PM, error: Schedule [7901] - The At17.job command failed to start due to the following error: General access denied error

3/28/2012 3:29:00 AM, error: Schedule [7901] - The At4.job command failed to start due to the following error: General access denied error

3/28/2012 2:32:00 PM, error: Schedule [7901] - The At38.job command failed to start due to the following error: General access denied error

3/28/2012 2:32:00 AM, error: Schedule [7901] - The At30.job command failed to start due to the following error: General access denied error

3/28/2012 2:29:00 PM, error: Schedule [7901] - The At14.job command failed to start due to the following error: General access denied error

3/28/2012 2:29:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error

3/28/2012 12:32:00 PM, error: Schedule [7901] - The At36.job command failed to start due to the following error: General access denied error

3/28/2012 12:32:00 AM, error: Schedule [7901] - The At28.job command failed to start due to the following error: General access denied error

3/28/2012 12:29:00 PM, error: Schedule [7901] - The At12.job command failed to start due to the following error: General access denied error

3/28/2012 12:29:00 AM, error: Schedule [7901] - The At3.job command failed to start due to the following error: General access denied error

3/28/2012 11:32:00 PM, error: Schedule [7901] - The At48.job command failed to start due to the following error: General access denied error

3/28/2012 11:32:00 AM, error: Schedule [7901] - The At37.job command failed to start due to the following error: General access denied error

3/28/2012 11:29:00 PM, error: Schedule [7901] - The At24.job command failed to start due to the following error: General access denied error

3/28/2012 11:29:00 AM, error: Schedule [7901] - The At13.job command failed to start due to the following error: General access denied error

3/28/2012 10:32:00 PM, error: Schedule [7901] - The At47.job command failed to start due to the following error: General access denied error

3/28/2012 10:32:00 AM, error: Schedule [7901] - The At35.job command failed to start due to the following error: General access denied error

3/28/2012 10:29:00 PM, error: Schedule [7901] - The At22.job command failed to start due to the following error: General access denied error

3/28/2012 10:29:00 AM, error: Schedule [7901] - The At11.job command failed to start due to the following error: General access denied error

3/28/2012 1:32:00 PM, error: Schedule [7901] - The At39.job command failed to start due to the following error: General access denied error

3/28/2012 1:32:00 AM, error: Schedule [7901] - The At25.job command failed to start due to the following error: General access denied error

3/28/2012 1:29:00 PM, error: Schedule [7901] - The At15.job command failed to start due to the following error: General access denied error

3/28/2012 1:29:00 AM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error

3/28/2012 1:17:48 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2

==== End Of File ===========================

Link to post
Share on other sites

Should not be easy?

One additional scan please:

Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic

Link to post
Share on other sites

guess I spoke too soon...

found 10 bogies and some of them were worms...that explains a lot...guess we're not done yet!

the one thing I see that's still not right is my accessories folder is missing from the app list under Start...I'm not certain how to get that back.

Here's the log file:

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=7.00.6000.17108 (vista_gdr.111215-0007)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=ad7daa358cbd684cabf12cf1847052bf

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-04-05 02:30:47

# local_time=2012-04-05 10:30:47 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=768 16777215 100 0 38506070 38506070 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=207588

# found=10

# cleaned=10

# scan_time=6630

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent21.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent51.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent8.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cbaffregistrybooster.exe Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C

C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cnet_wlsetup-custom_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Olmarik.ADZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0004.dta probably a variant of Win32/Agent.FJFPNNI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0005.dta Win32/Olmarik.AFK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.D trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0007.dta Win64/Olmarik.A trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

Link to post
Share on other sites

found 10 bogies and some of them were worms...that explains a lot...guess we're not done yet!

Not exactly.

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery

In this folder are tools of SpyBot - Search & Destroy to remove specific malicious software. They are legitimate.

C:\Documents and Settings\HP_Administrator\My Documents\Downloads

This seems to be where the applications that you downloaded are stored. Please be more careful!

C:\TDSSKiller_Quarantine

This stores malware which we have already removed with TDSSKiller. These are its backups, which are protected, so there is no danger of infecting your machine again. We will remove all this after we finish working on your system.

Link to post
Share on other sites
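The reply above reads the ESET log by sorting each detection according to the folder it was found in. The sketch below does that sort mechanically; it is an added example, not part of the original posts, and the line layout in the regex, the bucket labels, and the final sample line are assumptions built from the log lines in this thread.

```python
import re
from collections import defaultdict

# Line layout assumed from the log lines in this thread:
#   <path> <detection name> <type> (<action>) <hex digest> <flag>
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) "
    r"(?P<name>(?:probably )?(?:a variant of )?\w+/\S+) "
    r"(?P<kind>\w+) \((?P<action>[^()]*)\) "
    r"(?P<digest>[0-9A-Fa-f]+) (?P<flag>[A-Z])$"
)

# Buckets follow the helper's reply; matching is case-insensitive.
LOCATIONS = [
    ("\\spybot - search & destroy\\recovery\\", "Spybot recovery backup"),
    ("c:\\tdsskiller_quarantine\\", "TDSSKiller quarantine"),
    ("\\my documents\\downloads\\", "user download"),
]

def classify(path):
    lowered = path.lower()
    for needle, label in LOCATIONS:
        if needle in lowered:
            return label
    return "elsewhere on disk (review first)"

def triage(log_text):
    """Return ({label: [detections]}, [lines that did not parse])."""
    groups, unparsed = defaultdict(list), []
    for line in log_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # blank line or "# key=value" scan metadata
        m = LINE_RE.match(line)
        if m is None:
            unparsed.append(line)  # surface it instead of dropping it
            continue
        groups[classify(m["path"])].append(m.groupdict())
    return dict(groups), unparsed

# Lines copied from the log posted in this thread, except the last one,
# which is constructed to show a hit outside the three known folders.
SAMPLE = r"""
OnlineScanner.ocx - registred OK
# found=10
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent21.zip Win32/Bagle.gen.zip worm (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cbaffregistrybooster.exe Win32/RegistryBooster application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\cnet_wlsetup-custom_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0003.dta a variant of Win32/Olmarik.ADZ trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\TDSSKiller_Quarantine\04.04.2012_21.44.02\mbr0000\tdlfs0000\tsk0004.dta probably a variant of Win32/Agent.FJFPNNI trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\WINDOWS\system32\example.dll Win32/Example.A trojan (constructed sample line) 00000000000000000000000000000000 I
"""

if __name__ == "__main__":
    groups, unparsed = triage(SAMPLE)
    for label, hits in groups.items():
        print(f"{label}: {[h['name'] for h in hits]}")
    print("unparsed:", unparsed)
```

Lines that do not fit the assumed layout are returned separately so that a format change shows up as unparsed input rather than as a lower detection count.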

the one thing I see that's still not right is my accessories folder is missing from the app list under Start...I'm not certain how to get that back.

About this problem:

Please download unhide.exe from here and save it to your Desktop. Double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.

Link to post
Share on other sites

that didn't do it...I tried it without any anti-virus working as well.

I did, indeed, have the hidden files problem but sometime last week, I ran the unhide algorithm and it restored everything. I did re-run it today as I mentioned but no luck on the accessories showing up...

Link to post
Share on other sites

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
