
dds.txt and attach.txt pasted here



Google searches are being redirected to different sites. I appreciate any assistance I could get. Files attached and pasted below.

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by HP_Administrator at 10:58:22 on 2012-04-14

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1331 [GMT -4:00]

.

AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\DISC\DISCover.exe

C:\Program Files\DISC\DiscUpdMgr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\McAfee\MAT\McPvTray.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

svchost.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\WINDOWS\system32\nvsvc32.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\DISC\DiscStreamHub.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

uSearch Page =

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

uWindow Title = Windows Internet Explorer provided by Yahoo!

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

uSearchAssistant =

mSearchAssistant =

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120215081217.dll

BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe

mRun: [DISCover] c:\program files\disc\DISCover.exe

mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdMgr.exe

mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE

mRun: [PCDrProfiler]

mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [<NO NAME>]

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [McPvTray_exe] "c:\program files\mcafee\mat\McPvTray.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: trymedia.com

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

TCP: Interfaces\{B45DB883-7F4E-460A-8AA5-CCBF54E84825} : DhcpNameServer = 192.168.0.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\4um13jxu.default\

FF - prefs.js: browser.startup.homepage - www.yahoo.com

FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-2-15 64048]

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 464176]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-9-17 89792]

R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2012-2-15 54776]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-2-15 166288]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-2-15 160608]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-17 150856]

R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-9-17 57600]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-17 180816]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-9-17 59456]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-9-17 338176]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-9-17 83856]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-9-17 83856]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-9-17 87656]

.

=============== Created Last 30 ================

.

2012-04-12 21:22:38 -------- d-----w- c:\documents and settings\hp_administrator\application data\Malwarebytes

2012-04-12 21:22:08 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-04-12 21:22:05 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-12 21:22:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-04 05:53:56 182160 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2012-03-29 23:35:10 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\{D1A2FCCB-79F7-11E1-826D-B8AC6F996F26}

2012-03-25 18:21:13 -------- d-----w- c:\documents and settings\hp_administrator\application data\Unity

2012-03-25 17:22:12 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Unity

2012-03-15 16:30:21 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll

2012-03-15 16:30:21 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll

.

==================== Find3M ====================

.

2012-03-15 15:10:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01:32 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec

2012-02-07 15:02:40 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 10:59:10.46 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/17/2011 2:07:05 PM

System Uptime: 4/12/2012 5:36:14 PM (41 hours ago)

.

Motherboard: ASUSTek Computer INC. | | NODUSM

Processor: AMD Athlon™ 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2204/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 222 GiB total, 202.517 GiB free.

D: is FIXED (FAT32) - 11 GiB total, 5.587 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP137: 1/15/2012 3:52:49 PM - System Checkpoint

RP138: 1/16/2012 4:47:29 PM - System Checkpoint

RP139: 1/17/2012 5:29:49 PM - System Checkpoint

RP140: 1/18/2012 4:06:29 PM - Installed Comcast Desktop Software (v1.2.1)

RP141: 1/19/2012 4:39:09 PM - System Checkpoint

RP142: 1/20/2012 10:46:20 PM - System Checkpoint

RP143: 1/22/2012 12:22:16 AM - System Checkpoint

RP144: 1/27/2012 7:12:09 AM - Removed CA Pest Patrol Realtime Protection

RP145: 1/27/2012 7:12:29 AM - Removed Comcast Desktop Software (v1.2.1)

RP146: 1/27/2012 7:19:18 AM - Removed muvee autoProducer 5.0

RP147: 1/27/2012 7:20:07 AM - Removed muvee autoProducer unPlugged 2.0

RP148: 1/28/2012 8:21:57 AM - System Checkpoint

RP149: 1/29/2012 8:52:33 AM - System Checkpoint

RP150: 1/30/2012 9:37:28 AM - System Checkpoint

RP151: 1/31/2012 9:38:35 AM - System Checkpoint

RP152: 2/1/2012 10:37:30 AM - System Checkpoint

RP153: 2/2/2012 11:26:26 AM - System Checkpoint

RP154: 2/3/2012 11:26:33 AM - System Checkpoint

RP155: 2/4/2012 12:01:43 PM - System Checkpoint

RP156: 2/5/2012 12:30:37 PM - System Checkpoint

RP157: 2/6/2012 12:57:59 PM - System Checkpoint

RP158: 2/7/2012 9:06:17 PM - System Checkpoint

RP159: 2/8/2012 9:11:00 PM - System Checkpoint

RP160: 2/9/2012 9:43:01 PM - System Checkpoint

RP161: 2/10/2012 10:16:03 PM - System Checkpoint

RP162: 2/11/2012 7:23:45 PM - Installed Image Resizer Powertoy for Windows XP

RP163: 2/12/2012 7:31:01 PM - System Checkpoint

RP164: 2/13/2012 8:45:07 PM - System Checkpoint

RP165: 2/14/2012 9:31:01 PM - System Checkpoint

RP166: 2/15/2012 3:00:14 AM - Software Distribution Service 3.0

RP167: 2/16/2012 3:25:13 AM - System Checkpoint

RP168: 2/17/2012 4:23:31 AM - System Checkpoint

RP169: 2/18/2012 4:41:45 AM - System Checkpoint

RP170: 2/19/2012 7:06:26 AM - Installed Microsoft Office Professional 2007

RP171: 2/20/2012 3:00:28 AM - Software Distribution Service 3.0

RP172: 2/20/2012 9:19:21 AM - Software Distribution Service 3.0

RP173: 2/21/2012 3:00:22 AM - Software Distribution Service 3.0

RP174: 2/22/2012 3:00:16 AM - Software Distribution Service 3.0

RP175: 2/23/2012 3:04:44 AM - System Checkpoint

RP176: 2/24/2012 4:04:38 AM - System Checkpoint

RP177: 2/25/2012 5:04:44 AM - System Checkpoint

RP178: 2/26/2012 6:04:38 AM - System Checkpoint

RP179: 2/27/2012 6:16:39 AM - System Checkpoint

RP180: 2/28/2012 7:10:03 AM - System Checkpoint

RP181: 2/29/2012 8:35:30 AM - System Checkpoint

RP182: 3/1/2012 9:04:40 AM - System Checkpoint

RP183: 3/2/2012 9:45:55 AM - System Checkpoint

RP184: 3/3/2012 10:21:34 AM - System Checkpoint

RP185: 3/4/2012 11:53:33 AM - System Checkpoint

RP186: 3/5/2012 3:43:19 PM - System Checkpoint

RP187: 3/6/2012 7:24:29 PM - System Checkpoint

RP188: 3/7/2012 8:14:55 PM - System Checkpoint

RP189: 3/8/2012 9:12:14 PM - System Checkpoint

RP190: 3/9/2012 11:16:39 PM - System Checkpoint

RP191: 3/11/2012 12:59:03 PM - System Checkpoint

RP192: 3/13/2012 6:19:51 PM - System Checkpoint

RP193: 3/15/2012 3:00:15 AM - Software Distribution Service 3.0

RP194: 3/16/2012 3:24:14 AM - System Checkpoint

RP195: 3/17/2012 4:24:08 AM - System Checkpoint

RP196: 3/18/2012 7:16:11 AM - System Checkpoint

RP197: 3/19/2012 7:24:08 AM - System Checkpoint

RP198: 3/20/2012 8:24:05 AM - System Checkpoint

RP199: 3/21/2012 9:37:34 AM - System Checkpoint

RP200: 3/22/2012 10:24:09 AM - System Checkpoint

RP201: 3/23/2012 11:24:17 AM - System Checkpoint

RP202: 3/24/2012 11:25:24 AM - System Checkpoint

RP203: 3/25/2012 12:39:12 PM - System Checkpoint

RP204: 3/26/2012 12:50:17 PM - System Checkpoint

RP205: 3/27/2012 1:50:35 PM - System Checkpoint

RP206: 3/28/2012 2:06:16 PM - System Checkpoint

RP207: 3/29/2012 3:41:56 PM - System Checkpoint

RP208: 3/30/2012 4:16:16 PM - System Checkpoint

RP209: 3/31/2012 4:29:50 PM - System Checkpoint

RP210: 4/1/2012 5:24:21 PM - System Checkpoint

RP211: 4/2/2012 6:04:38 PM - System Checkpoint

RP212: 4/3/2012 6:04:53 PM - System Checkpoint

RP213: 4/4/2012 7:00:08 PM - System Checkpoint

RP214: 4/5/2012 8:30:41 PM - System Checkpoint

RP215: 4/6/2012 9:05:16 PM - System Checkpoint

RP216: 4/7/2012 10:05:29 PM - System Checkpoint

RP217: 4/8/2012 10:05:35 PM - System Checkpoint

RP218: 4/11/2012 3:00:19 AM - Software Distribution Service 3.0

RP219: 4/12/2012 3:26:39 AM - System Checkpoint

RP220: 4/13/2012 3:41:18 AM - System Checkpoint

RP221: 4/14/2012 3:53:23 AM - System Checkpoint

.

==== Installed Programs ======================

.

1600

1600_Help

1600Trb

3100_3200_3300_Help

3100_3200_3300trb

3300

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

AiO_Scan

AiO_Scan_CDA

AiOSoftware

AiOSoftwareNPI

BufferChm

CameraDrivers

CameraUserGuides

CCleaner

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

CueTour

Customer Experience Enhancement

Data Fax SoftModem with SmartCP

Destinations

DeviceManagementQFolder

DISCover

DocProc

DocumentViewer

Fax

Fax_CDA

High Definition Audio Driver Package - KB888111

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 10 (KB910393)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB981793)

HP Boot Optimizer

HP Deskjet Printer Preload

HP Document Viewer 6.1

HP Imaging Device Functions 7.0

HP Photosmart 330,380,420,470,7800,8000,8200 Series

HP Photosmart Cameras 6.0

HP Photosmart for Media Center PC

HP Photosmart Premier Software 6.5

HP Product Assistant

HP PSC & OfficeJet 5.3.B

HP PSC & OfficeJet 6.1.A

HP Rhapsody

HP Solution Center and Imaging Support Tools 6.1

HP Update

HP Web Helper

hpiCamDrvQFolder

HPPhotoSmartExpress

HPProductAssistant

HpSdpAppCoreApp

Image Resizer Powertoy for Windows XP

InstantShareAlert

InstantShareDevices

Java Auto Updater

Java™ 6 Update 29

Malwarebytes Anti-Malware version 1.61.0.1400

McAfee Online Backup

McAfee Security Scan Plus

McAfee Total Protection

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office XP Media Content

Microsoft Software Update for Web Folders (English) 12

Mozilla Firefox 11.0 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NewCopy

NewCopy_CDA

NVIDIA Drivers

OptionalContentQFolder

PanoStandAlone

PC-Doctor 5 for Windows

PhotoGallery

ProductContext

ProductContextNPI

PSPrinters08

PSTAPlugin

RandMap

Readme

Realtek High Definition Audio Driver

Scan

ScannerCopy

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

SkinsHP1

SlideShow

SlideShowMusic

SolutionCenter

Sonic_PrimoSDK

Status

swMSM

Toolbox

TrayApp

Unity Web Player

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB953356)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

Updates from HP (remove only)

WebFldrs XP

WebReg

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format Runtime

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB912067

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

4/9/2012 7:52:14 AM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 3 time(s).

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/13/2012 6:18:58 AM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).

4/12/2012 5:36:51 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor IntelIde ViaIde

4/12/2012 5:36:47 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

.

==== End Of File ===========================


Hello nicholsmf and :welcome:! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • TDSSKiller log
  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file


12:47:36.0484 5848 TDSS rootkit removing tool 2.7.28.0 Apr 10 2012 16:54:05

12:47:38.0484 5848 ============================================================

12:47:38.0484 5848 Current date / time: 2012/04/16 12:47:38.0484

12:47:38.0484 5848 SystemInfo:

12:47:38.0484 5848

12:47:38.0484 5848 OS Version: 5.1.2600 ServicePack: 3.0

12:47:38.0484 5848 Product type: Workstation

12:47:38.0484 5848 ComputerName: YOUR-4DACD0EA75

12:47:38.0484 5848 UserName: HP_Administrator

12:47:38.0484 5848 Windows directory: C:\WINDOWS

12:47:38.0484 5848 System windows directory: C:\WINDOWS

12:47:38.0484 5848 Processor architecture: Intel x86

12:47:38.0484 5848 Number of processors: 2

12:47:38.0484 5848 Page size: 0x1000

12:47:38.0484 5848 Boot type: Normal boot

12:47:38.0484 5848 ============================================================

12:47:40.0140 5848 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

12:47:40.0171 5848 Drive \Device\Harddisk6\DR25 - Size: 0x7B800000 (1.93 Gb), SectorSize: 0x200, Cylinders: 0xFB, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

12:47:40.0171 5848 \Device\Harddisk0\DR0:

12:47:40.0171 5848 MBR used

12:47:40.0171 5848 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1BCB36A3

12:47:40.0171 5848 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x1BCB75A3, BlocksNum 0x150CFDE

12:47:40.0171 5848 \Device\Harddisk6\DR25:

12:47:40.0171 5848 MBR used

12:47:40.0171 5848 \Device\Harddisk6\DR25\Partition0: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3DBFE0

12:47:40.0218 5848 Initialize success

12:47:40.0218 5848 ============================================================

12:47:46.0656 2132 ============================================================

12:47:46.0656 2132 Scan started

12:47:46.0656 2132 Mode: Manual;

12:47:46.0656 2132 ============================================================

12:47:46.0984 2132 Abiosdsk - ok

12:47:47.0000 2132 abp480n5 - ok

12:47:47.0031 2132 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

12:47:47.0031 2132 ACPI - ok

12:47:47.0078 2132 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

12:47:47.0078 2132 ACPIEC - ok

12:47:47.0093 2132 adpu160m - ok

12:47:47.0109 2132 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

12:47:47.0140 2132 aec - ok

12:47:47.0171 2132 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

12:47:47.0171 2132 AFD - ok

12:47:47.0187 2132 Aha154x - ok

12:47:47.0203 2132 aic78u2 - ok

12:47:47.0203 2132 aic78xx - ok

12:47:47.0250 2132 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

12:47:47.0250 2132 Alerter - ok

12:47:47.0265 2132 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

12:47:47.0281 2132 ALG - ok

12:47:47.0281 2132 AliIde - ok

12:47:47.0312 2132 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

12:47:47.0406 2132 AmdK8 - ok

12:47:47.0406 2132 amsint - ok

12:47:47.0453 2132 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

12:47:47.0468 2132 AppMgmt - ok

12:47:47.0484 2132 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

12:47:47.0484 2132 Arp1394 - ok

12:47:47.0515 2132 asc - ok

12:47:47.0531 2132 asc3350p - ok

12:47:47.0546 2132 asc3550 - ok

12:47:47.0625 2132 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe

12:47:47.0656 2132 aspnet_state - ok

12:47:47.0687 2132 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

12:47:47.0703 2132 AsyncMac - ok

12:47:47.0718 2132 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

12:47:47.0718 2132 atapi - ok

12:47:47.0734 2132 Atdisk - ok

12:47:47.0765 2132 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

12:47:47.0781 2132 Atmarpc - ok

12:47:47.0828 2132 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

12:47:47.0843 2132 AudioSrv - ok

12:47:47.0859 2132 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

12:47:47.0875 2132 audstub - ok

12:47:47.0890 2132 bb-run (7270d070173b20ac9487ea16bb08b45f) C:\WINDOWS\system32\DRIVERS\bb-run.sys

12:47:47.0890 2132 bb-run - ok

12:47:47.0906 2132 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

12:47:47.0921 2132 Beep - ok

12:47:47.0968 2132 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

12:47:48.0000 2132 BITS - ok

12:47:48.0046 2132 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

12:47:48.0046 2132 Browser - ok

12:47:48.0078 2132 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

12:47:48.0093 2132 cbidf2k - ok

12:47:48.0109 2132 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

12:47:48.0125 2132 CCDECODE - ok

12:47:48.0140 2132 cd20xrnt - ok

12:47:48.0156 2132 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

12:47:48.0156 2132 Cdaudio - ok

12:47:48.0187 2132 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

12:47:48.0203 2132 Cdfs - ok

12:47:48.0218 2132 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

12:47:48.0234 2132 Cdrom - ok

12:47:48.0281 2132 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys

12:47:48.0453 2132 cfwids - ok

12:47:48.0468 2132 Changer - ok

12:47:48.0500 2132 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

12:47:48.0515 2132 CiSvc - ok

12:47:48.0546 2132 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

12:47:48.0562 2132 ClipSrv - ok

12:47:48.0562 2132 CmdIde - ok

12:47:48.0578 2132 COMSysApp - ok

12:47:48.0593 2132 Cpqarray - ok

12:47:48.0625 2132 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

12:47:48.0625 2132 CryptSvc - ok

12:47:48.0640 2132 dac2w2k - ok

12:47:48.0656 2132 dac960nt - ok

12:47:48.0687 2132 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

12:47:48.0687 2132 DcomLaunch - ok

12:47:48.0734 2132 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

12:47:48.0734 2132 Dhcp - ok

12:47:48.0750 2132 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

12:47:48.0750 2132 Disk - ok

12:47:48.0765 2132 dmadmin - ok

12:47:48.0796 2132 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

12:47:48.0828 2132 dmboot - ok

12:47:48.0843 2132 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

12:47:48.0843 2132 dmio - ok

12:47:48.0859 2132 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

12:47:48.0859 2132 dmload - ok

12:47:48.0859 2132 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

12:47:48.0875 2132 dmserver - ok

12:47:48.0890 2132 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

12:47:48.0890 2132 DMusic - ok

12:47:48.0937 2132 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

12:47:48.0937 2132 Dnscache - ok

12:47:48.0968 2132 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

12:47:48.0984 2132 Dot3svc - ok

12:47:49.0000 2132 dpti2o - ok

12:47:49.0015 2132 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

12:47:49.0015 2132 drmkaud - ok

12:47:49.0046 2132 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

12:47:49.0046 2132 EapHost - ok

12:47:49.0093 2132 ehRecvr (d039a0c347632622934906bd59a4e1ea) C:\WINDOWS\eHome\ehRecvr.exe

12:47:49.0187 2132 ehRecvr - ok

12:47:49.0203 2132 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe

12:47:49.0296 2132 ehSched - ok

12:47:49.0312 2132 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

12:47:49.0312 2132 ERSvc - ok

12:47:49.0343 2132 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

12:47:49.0343 2132 Eventlog - ok

12:47:49.0375 2132 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

12:47:49.0375 2132 EventSystem - ok

12:47:49.0390 2132 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

12:47:49.0390 2132 Fastfat - ok

12:47:49.0437 2132 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

12:47:49.0437 2132 FastUserSwitchingCompatibility - ok

12:47:49.0468 2132 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe

12:47:49.0484 2132 Fax - ok

12:47:49.0500 2132 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

12:47:49.0515 2132 Fdc - ok

12:47:49.0531 2132 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

12:47:49.0546 2132 Fips - ok

12:47:49.0546 2132 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

12:47:49.0562 2132 Flpydisk - ok

12:47:49.0593 2132 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

12:47:49.0593 2132 FltMgr - ok

12:47:49.0609 2132 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

12:47:49.0609 2132 Fs_Rec - ok

12:47:49.0625 2132 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

12:47:49.0625 2132 Ftdisk - ok

12:47:49.0640 2132 ftsata2 (22399d3ce5840c6082844679cca5d2fc) C:\WINDOWS\system32\DRIVERS\ftsata2.sys

12:47:49.0640 2132 ftsata2 - ok

12:47:49.0656 2132 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

12:47:49.0671 2132 Gpc - ok

12:47:49.0687 2132 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

12:47:49.0687 2132 HDAudBus - ok

12:47:49.0734 2132 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

12:47:49.0750 2132 helpsvc - ok

12:47:49.0750 2132 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

12:47:49.0750 2132 HidServ - ok

12:47:49.0781 2132 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

12:47:49.0781 2132 HidUsb - ok

12:47:49.0812 2132 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

12:47:49.0828 2132 hkmsvc - ok

12:47:49.0875 2132 HP Port Resolver (c5f00d15aa15cb7f55a027ff75e44bb7) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

12:47:49.0968 2132 HP Port Resolver - ok

12:47:50.0000 2132 HP Status Server (c5a288e4ceef5a26d105117baa3763ab) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

12:47:50.0015 2132 HP Status Server - ok

12:47:50.0015 2132 hpn - ok

12:47:50.0046 2132 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

12:47:50.0062 2132 HPZid412 - ok

12:47:50.0078 2132 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

12:47:50.0125 2132 HPZipr12 - ok

12:47:50.0156 2132 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

12:47:50.0218 2132 HPZius12 - ok

12:47:50.0250 2132 HSXHWBS2 (1f5c64b0c6b2e2f48735a77ae714ccb8) C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys

12:47:50.0406 2132 HSXHWBS2 - ok

12:47:50.0437 2132 HSX_DP (a7f8c9228898a1e871d2ae7082f50ac3) C:\WINDOWS\system32\DRIVERS\HSX_DP.sys

12:47:50.0625 2132 HSX_DP - ok

12:47:50.0656 2132 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

12:47:50.0656 2132 HTTP - ok

12:47:50.0687 2132 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

12:47:50.0703 2132 HTTPFilter - ok

12:47:50.0703 2132 i2omgmt - ok

12:47:50.0718 2132 i2omp - ok

12:47:50.0734 2132 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

12:47:50.0734 2132 i8042prt - ok

12:47:50.0781 2132 iaStor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\DRIVERS\iaStor.sys

12:47:50.0875 2132 iaStor - ok

12:47:50.0937 2132 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

12:47:50.0953 2132 IDriverT - ok

12:47:50.0968 2132 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

12:47:50.0984 2132 Imapi - ok

12:47:51.0015 2132 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

12:47:51.0031 2132 ImapiService - ok

12:47:51.0046 2132 ini910u - ok

12:47:51.0171 2132 IntcAzAudAddService (64be56b8858ca0153c725c720ffd194f) C:\WINDOWS\system32\drivers\RtkHDAud.sys

12:47:51.0359 2132 IntcAzAudAddService - ok

12:47:51.0406 2132 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

12:47:51.0406 2132 IntelIde - ok

12:47:51.0437 2132 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

12:47:51.0437 2132 intelppm - ok

12:47:51.0453 2132 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

12:47:51.0468 2132 Ip6Fw - ok

12:47:51.0500 2132 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

12:47:51.0515 2132 IpFilterDriver - ok

12:47:51.0531 2132 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

12:47:51.0531 2132 IpInIp - ok

12:47:51.0546 2132 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

12:47:51.0578 2132 IpNat - ok

12:47:51.0593 2132 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

12:47:51.0593 2132 IPSec - ok

12:47:51.0625 2132 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

12:47:51.0625 2132 IRENUM - ok

12:47:51.0656 2132 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

12:47:51.0656 2132 isapnp - ok

12:47:51.0750 2132 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe

12:47:51.0843 2132 JavaQuickStarterService - ok

12:47:51.0859 2132 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

12:47:51.0875 2132 Kbdclass - ok

12:47:51.0890 2132 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

12:47:51.0906 2132 kbdhid - ok

12:47:51.0921 2132 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

12:47:51.0937 2132 kmixer - ok

12:47:51.0953 2132 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

12:47:51.0953 2132 KSecDD - ok

12:47:51.0984 2132 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

12:47:52.0000 2132 lanmanserver - ok

12:47:52.0000 2132 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

12:47:52.0015 2132 lanmanworkstation - ok

12:47:52.0015 2132 lbrtfdc - ok

12:47:52.0062 2132 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

12:47:52.0062 2132 LmHosts - ok

12:47:52.0109 2132 LVUSBSta (f7e15f2fe7790733df86e95a76556389) C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys

12:47:52.0281 2132 LVUSBSta - ok

12:47:52.0375 2132 LVUVC (92d03dc19eae9d0a86735705e374fdad) C:\WINDOWS\system32\DRIVERS\lvuvc.sys

12:47:52.0531 2132 LVUVC - ok

12:47:52.0578 2132 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:52.0578 2132 McAfee SiteAdvisor Service - ok

12:47:52.0640 2132 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

12:47:52.0734 2132 McComponentHostService - ok

12:47:52.0734 2132 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:52.0734 2132 McMPFSvc - ok

12:47:52.0750 2132 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:52.0750 2132 mcmscsvc - ok

12:47:52.0750 2132 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:52.0750 2132 McNaiAnn - ok

12:47:52.0765 2132 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:52.0765 2132 McNASvc - ok

12:47:52.0828 2132 McODS (e8c5aae17e8332f5f4f57935238cd5eb) C:\Program Files\McAfee\VirusScan\mcods.exe

12:47:52.0828 2132 McODS - ok

12:47:52.0843 2132 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:52.0843 2132 McProxy - ok

12:47:52.0875 2132 McPvDrv (000751813ecef491689176e72b3a8bee) C:\WINDOWS\system32\drivers\McPvDrv.sys

12:47:52.0875 2132 McPvDrv - ok

12:47:52.0921 2132 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe

12:47:53.0000 2132 McrdSvc - ok

12:47:53.0031 2132 McShield (151f3ca25b739b9cb0066abd1523f064) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

12:47:53.0046 2132 McShield - ok

12:47:53.0109 2132 MDM (d1904a1fb31629eb9621d5ed2f2c3555) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

12:47:53.0187 2132 MDM - ok

12:47:53.0265 2132 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

12:47:53.0406 2132 mdmxsdk - ok

12:47:53.0453 2132 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

12:47:53.0453 2132 Messenger - ok

12:47:53.0484 2132 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys

12:47:53.0562 2132 mfeapfk - ok

12:47:53.0609 2132 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys

12:47:53.0703 2132 mfeavfk - ok

12:47:53.0718 2132 mfeavfk01 - ok

12:47:53.0734 2132 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys

12:47:53.0812 2132 mfebopk - ok

12:47:53.0859 2132 mfefire (26ba2eebcff16f611ce1118fa0850810) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

12:47:53.0859 2132 mfefire - ok

12:47:53.0875 2132 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys

12:47:53.0953 2132 mfefirek - ok

12:47:54.0000 2132 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys

12:47:54.0015 2132 mfehidk - ok

12:47:54.0031 2132 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

12:47:54.0125 2132 mfendisk - ok

12:47:54.0125 2132 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

12:47:54.0203 2132 mfendiskmp - ok

12:47:54.0234 2132 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys

12:47:54.0312 2132 mferkdet - ok

12:47:54.0343 2132 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys

12:47:54.0437 2132 mfetdi2k - ok

12:47:54.0453 2132 mfevtp (ad52269897626d614b31e153f5c5d65c) C:\WINDOWS\system32\mfevtps.exe

12:47:54.0546 2132 mfevtp - ok

12:47:54.0562 2132 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll

12:47:54.0625 2132 MHN - ok

12:47:54.0640 2132 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

12:47:54.0781 2132 MHNDRV - ok

12:47:54.0812 2132 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

12:47:54.0828 2132 mnmdd - ok

12:47:54.0859 2132 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

12:47:54.0859 2132 mnmsrvc - ok

12:47:54.0921 2132 MOBKbackup (35176fa09a0fc58db630991a81a0ba39) C:\Program Files\McAfee Online Backup\MOBKbackup.exe

12:47:55.0015 2132 MOBKbackup - ok

12:47:55.0031 2132 MOBKFilter (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\MOBK.sys

12:47:55.0031 2132 MOBKFilter - ok

12:47:55.0078 2132 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

12:47:55.0078 2132 Modem - ok

12:47:55.0093 2132 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

12:47:55.0109 2132 Mouclass - ok

12:47:55.0125 2132 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

12:47:55.0140 2132 mouhid - ok

12:47:55.0156 2132 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

12:47:55.0156 2132 MountMgr - ok

12:47:55.0171 2132 mraid35x - ok

12:47:55.0187 2132 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

12:47:55.0187 2132 MRxDAV - ok

12:47:55.0234 2132 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

12:47:55.0250 2132 MRxSmb - ok

12:47:55.0281 2132 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

12:47:55.0281 2132 MSDTC - ok

12:47:55.0312 2132 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

12:47:55.0312 2132 Msfs - ok

12:47:55.0328 2132 MSIServer - ok

12:47:55.0390 2132 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:47:55.0390 2132 MSK80Service - ok

12:47:55.0421 2132 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

12:47:55.0421 2132 MSKSSRV - ok

12:47:55.0453 2132 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

12:47:55.0453 2132 MSPCLOCK - ok

12:47:55.0484 2132 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

12:47:55.0484 2132 MSPQM - ok

12:47:55.0515 2132 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

12:47:55.0531 2132 mssmbios - ok

12:47:55.0546 2132 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

12:47:55.0562 2132 MSTEE - ok

12:47:55.0578 2132 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

12:47:55.0593 2132 Mup - ok

12:47:55.0609 2132 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

12:47:55.0625 2132 NABTSFEC - ok

12:47:55.0671 2132 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

12:47:55.0703 2132 napagent - ok

12:47:55.0718 2132 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

12:47:55.0718 2132 NDIS - ok

12:47:55.0765 2132 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

12:47:55.0765 2132 NdisIP - ok

12:47:55.0796 2132 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

12:47:55.0796 2132 NdisTapi - ok

12:47:55.0812 2132 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

12:47:55.0828 2132 Ndisuio - ok

12:47:55.0843 2132 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

12:47:55.0859 2132 NdisWan - ok

12:47:55.0875 2132 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

12:47:55.0875 2132 NDProxy - ok

12:47:55.0890 2132 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

12:47:55.0890 2132 NetBIOS - ok

12:47:55.0921 2132 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

12:47:55.0937 2132 NetBT - ok

12:47:55.0968 2132 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

12:47:55.0984 2132 NetDDE - ok

12:47:55.0984 2132 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

12:47:55.0984 2132 NetDDEdsdm - ok

12:47:56.0031 2132 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:47:56.0031 2132 Netlogon - ok

12:47:56.0125 2132 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

12:47:56.0140 2132 Netman - ok

12:47:56.0234 2132 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

12:47:56.0250 2132 NIC1394 - ok

12:47:56.0296 2132 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

12:47:56.0312 2132 Nla - ok

12:47:56.0484 2132 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

12:47:56.0484 2132 Npfs - ok

12:47:56.0953 2132 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

12:47:57.0218 2132 Ntfs - ok

12:47:58.0687 2132 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:47:58.0687 2132 NtLmSsp - ok

12:47:58.0921 2132 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

12:47:58.0984 2132 NtmsSvc - ok

12:47:59.0187 2132 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

12:47:59.0218 2132 Null - ok

12:47:59.0734 2132 nv (ce58f42b11be20a47c3d8d2f38da254e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

12:48:00.0140 2132 nv - ok

12:48:00.0265 2132 NVENETFD (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

12:48:00.0359 2132 NVENETFD - ok

12:48:00.0390 2132 nvnetbus (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

12:48:00.0484 2132 nvnetbus - ok

12:48:00.0546 2132 NVSvc (95caec95d6777ce7d6b7091bc4d91ceb) C:\WINDOWS\system32\nvsvc32.exe

12:48:00.0656 2132 NVSvc - ok

12:48:00.0687 2132 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

12:48:00.0687 2132 NwlnkFlt - ok

12:48:00.0703 2132 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

12:48:00.0703 2132 NwlnkFwd - ok

12:48:00.0875 2132 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

12:48:00.0890 2132 odserv - ok

12:48:00.0937 2132 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

12:48:00.0937 2132 ohci1394 - ok

12:48:00.0984 2132 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:48:00.0984 2132 ose - ok

12:48:01.0015 2132 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

12:48:01.0031 2132 Parport - ok

12:48:01.0046 2132 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

12:48:01.0046 2132 PartMgr - ok

12:48:01.0078 2132 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

12:48:01.0078 2132 ParVdm - ok

12:48:01.0093 2132 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

12:48:01.0093 2132 PCI - ok

12:48:01.0109 2132 PCIDump - ok

12:48:01.0125 2132 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

12:48:01.0125 2132 PCIIde - ok

12:48:01.0140 2132 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

12:48:01.0156 2132 Pcmcia - ok

12:48:01.0171 2132 PDCOMP - ok

12:48:01.0171 2132 PDFRAME - ok

12:48:01.0187 2132 PDRELI - ok

12:48:01.0203 2132 PDRFRAME - ok

12:48:01.0218 2132 perc2 - ok

12:48:01.0234 2132 perc2hib - ok

12:48:01.0265 2132 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

12:48:01.0281 2132 PlugPlay - ok

12:48:01.0312 2132 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

12:48:01.0484 2132 Pml Driver HPZ12 - ok

12:48:01.0546 2132 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:01.0546 2132 PolicyAgent - ok

12:48:01.0562 2132 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

12:48:01.0578 2132 PptpMiniport - ok

12:48:01.0609 2132 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

12:48:01.0609 2132 Processor - ok

12:48:01.0625 2132 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:01.0625 2132 ProtectedStorage - ok

12:48:01.0640 2132 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

12:48:01.0640 2132 PSched - ok

12:48:01.0656 2132 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

12:48:01.0671 2132 Ptilink - ok

12:48:01.0687 2132 PxHelp20 (0457e25bb122b854e267cf552dcdc370) C:\WINDOWS\system32\Drivers\PxHelp20.sys

12:48:01.0687 2132 PxHelp20 - ok

12:48:01.0703 2132 ql1080 - ok

12:48:01.0718 2132 Ql10wnt - ok

12:48:01.0718 2132 ql12160 - ok

12:48:01.0734 2132 ql1240 - ok

12:48:01.0750 2132 ql1280 - ok

12:48:01.0765 2132 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

12:48:01.0781 2132 RasAcd - ok

12:48:01.0812 2132 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

12:48:01.0812 2132 RasAuto - ok

12:48:01.0843 2132 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

12:48:01.0843 2132 Rasl2tp - ok

12:48:01.0890 2132 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

12:48:01.0890 2132 RasMan - ok

12:48:01.0906 2132 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

12:48:01.0921 2132 RasPppoe - ok

12:48:01.0921 2132 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

12:48:01.0937 2132 Raspti - ok

12:48:01.0953 2132 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

12:48:01.0953 2132 Rdbss - ok

12:48:01.0968 2132 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

12:48:01.0984 2132 RDPCDD - ok

12:48:02.0000 2132 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

12:48:02.0000 2132 rdpdr - ok

12:48:02.0031 2132 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

12:48:02.0218 2132 RDPWD - ok

12:48:02.0265 2132 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

12:48:02.0265 2132 RDSessMgr - ok

12:48:02.0296 2132 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

12:48:02.0296 2132 redbook - ok

12:48:02.0328 2132 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

12:48:02.0343 2132 RemoteAccess - ok

12:48:02.0375 2132 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

12:48:02.0375 2132 RemoteRegistry - ok

12:48:02.0406 2132 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

12:48:02.0421 2132 RpcLocator - ok

12:48:02.0453 2132 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

12:48:02.0468 2132 RpcSs - ok

12:48:02.0500 2132 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

12:48:02.0500 2132 RSVP - ok

12:48:02.0531 2132 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

12:48:02.0531 2132 rtl8139 - ok

12:48:02.0578 2132 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:02.0578 2132 SamSs - ok

12:48:02.0593 2132 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

12:48:02.0609 2132 SCardSvr - ok

12:48:02.0640 2132 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

12:48:02.0656 2132 Schedule - ok

12:48:02.0687 2132 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

12:48:02.0687 2132 Secdrv - ok

12:48:02.0718 2132 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

12:48:02.0718 2132 seclogon - ok

12:48:02.0750 2132 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

12:48:02.0750 2132 SENS - ok

12:48:02.0765 2132 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

12:48:02.0765 2132 Serial - ok

12:48:02.0781 2132 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

12:48:02.0796 2132 Sfloppy - ok

12:48:02.0812 2132 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

12:48:02.0843 2132 SharedAccess - ok

12:48:02.0875 2132 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

12:48:02.0890 2132 ShellHWDetection - ok

12:48:02.0890 2132 Simbad - ok

12:48:02.0921 2132 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

12:48:02.0921 2132 SLIP - ok

12:48:02.0937 2132 Sparrow - ok

12:48:02.0968 2132 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

12:48:02.0968 2132 splitter - ok

12:48:03.0000 2132 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

12:48:03.0000 2132 Spooler - ok

12:48:03.0015 2132 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

12:48:03.0031 2132 sr - ok

12:48:03.0031 2132 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

12:48:03.0046 2132 srservice - ok

12:48:03.0062 2132 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

12:48:03.0078 2132 Srv - ok

12:48:03.0093 2132 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

12:48:03.0109 2132 SSDPSRV - ok

12:48:03.0125 2132 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

12:48:03.0140 2132 stisvc - ok

12:48:03.0171 2132 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

12:48:03.0187 2132 streamip - ok

12:48:03.0203 2132 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

12:48:03.0218 2132 swenum - ok

12:48:03.0218 2132 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

12:48:03.0234 2132 swmidi - ok

12:48:03.0250 2132 SwPrv - ok

12:48:03.0250 2132 symc810 - ok

12:48:03.0265 2132 symc8xx - ok

12:48:03.0281 2132 sym_hi - ok

12:48:03.0296 2132 sym_u3 - ok

12:48:03.0312 2132 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

12:48:03.0312 2132 sysaudio - ok

12:48:03.0343 2132 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

12:48:03.0343 2132 SysmonLog - ok

12:48:03.0375 2132 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

12:48:03.0390 2132 TapiSrv - ok

12:48:03.0437 2132 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

12:48:03.0437 2132 Tcpip - ok

12:48:03.0468 2132 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

12:48:03.0468 2132 TDPIPE - ok

12:48:03.0500 2132 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

12:48:03.0500 2132 TDTCP - ok

12:48:03.0531 2132 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

12:48:03.0531 2132 TermDD - ok

12:48:03.0562 2132 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

12:48:03.0578 2132 TermService - ok

12:48:03.0609 2132 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

12:48:03.0609 2132 Themes - ok

12:48:03.0656 2132 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

12:48:03.0671 2132 TlntSvr - ok

12:48:03.0671 2132 TosIde - ok

12:48:03.0687 2132 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

12:48:03.0703 2132 TrkWks - ok

12:48:03.0718 2132 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

12:48:03.0718 2132 Udfs - ok

12:48:03.0734 2132 ultra - ok

12:48:03.0765 2132 UMWdf (9651e5d850b6f6bd7c77c70aa06f02bf) C:\WINDOWS\system32\wdfmgr.exe

12:48:03.0781 2132 UMWdf - ok

12:48:03.0812 2132 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

12:48:03.0828 2132 Update - ok

12:48:03.0859 2132 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

12:48:03.0875 2132 upnphost - ok

12:48:03.0890 2132 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

12:48:03.0890 2132 UPS - ok

12:48:03.0921 2132 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

12:48:03.0921 2132 usbaudio - ok

12:48:03.0953 2132 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

12:48:03.0953 2132 usbccgp - ok

12:48:03.0968 2132 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

12:48:03.0984 2132 usbehci - ok

12:48:04.0000 2132 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

12:48:04.0000 2132 usbhub - ok

12:48:04.0015 2132 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

12:48:04.0031 2132 usbohci - ok

12:48:04.0046 2132 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

12:48:04.0062 2132 usbprint - ok

12:48:04.0062 2132 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

12:48:04.0078 2132 usbscan - ok

12:48:04.0093 2132 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

12:48:04.0093 2132 usbstor - ok

12:48:04.0125 2132 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

12:48:04.0125 2132 usbuhci - ok

12:48:04.0156 2132 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

12:48:04.0156 2132 VgaSave - ok

12:48:04.0187 2132 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

12:48:04.0187 2132 ViaIde - ok

12:48:04.0203 2132 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

12:48:04.0218 2132 VolSnap - ok

12:48:04.0234 2132 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

12:48:04.0265 2132 VSS - ok

12:48:04.0281 2132 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

12:48:04.0296 2132 W32Time - ok

12:48:04.0343 2132 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

12:48:04.0343 2132 Wanarp - ok

12:48:04.0359 2132 WDICA - ok

12:48:04.0375 2132 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

12:48:04.0390 2132 wdmaud - ok

12:48:04.0406 2132 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

12:48:04.0406 2132 WebClient - ok

12:48:04.0437 2132 winachsx (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

12:48:04.0640 2132 winachsx - ok

12:48:04.0687 2132 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

12:48:04.0703 2132 winmgmt - ok

12:48:04.0734 2132 WmdmPmSN (b9715b9c18bc6c8f4b66733d208cc9f7) C:\WINDOWS\system32\MsPMSNSv.dll

12:48:04.0750 2132 WmdmPmSN - ok

12:48:04.0796 2132 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

12:48:04.0812 2132 Wmi - ok

12:48:04.0828 2132 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

12:48:04.0843 2132 WmiApSrv - ok

12:48:04.0875 2132 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

12:48:04.0890 2132 wscsvc - ok

12:48:04.0921 2132 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

12:48:04.0921 2132 WSTCODEC - ok

12:48:04.0953 2132 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

12:48:04.0968 2132 wuauserv - ok

12:48:05.0000 2132 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

12:48:05.0031 2132 WZCSVC - ok

12:48:05.0062 2132 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

12:48:05.0062 2132 xmlprov - ok

12:48:05.0078 2132 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0

12:48:05.0125 2132 \Device\Harddisk0\DR0 - ok

12:48:05.0140 2132 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk6\DR25

12:48:08.0250 2132 \Device\Harddisk6\DR25 - ok

12:48:08.0250 2132 Boot (0x1200) (17e91c11e5d330cebe664f9849245fb3) \Device\Harddisk0\DR0\Partition0

12:48:08.0250 2132 \Device\Harddisk0\DR0\Partition0 - ok

12:48:08.0250 2132 Boot (0x1200) (40127471c77eb020efd38ad6d08075a2) \Device\Harddisk0\DR0\Partition1

12:48:08.0250 2132 \Device\Harddisk0\DR0\Partition1 - ok

12:48:08.0265 2132 Boot (0x1200) (0142cddb77dbef1df019f8889ddfcd04) \Device\Harddisk6\DR25\Partition0

12:48:08.0265 2132 \Device\Harddisk6\DR25\Partition0 - ok

12:48:08.0265 2132 ============================================================

12:48:08.0265 2132 Scan finished

12:48:08.0265 2132 ============================================================

12:48:08.0281 5116 Detected object count: 0

12:48:08.0281 5116 Actual detected object count: 0

12:48:16.0765 0304 ============================================================

12:48:16.0765 0304 Scan started

12:48:16.0765 0304 Mode: Manual; SigCheck; TDLFS;

12:48:16.0765 0304 ============================================================

12:48:17.0078 0304 Abiosdsk - ok

12:48:17.0078 0304 abp480n5 - ok

12:48:17.0125 0304 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys

12:48:17.0718 0304 ACPI - ok

12:48:17.0750 0304 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys

12:48:17.0906 0304 ACPIEC - ok

12:48:17.0906 0304 adpu160m - ok

12:48:17.0937 0304 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

12:48:18.0093 0304 aec - ok

12:48:18.0140 0304 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys

12:48:18.0187 0304 AFD - ok

12:48:18.0203 0304 Aha154x - ok

12:48:18.0218 0304 aic78u2 - ok

12:48:18.0234 0304 aic78xx - ok

12:48:18.0265 0304 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll

12:48:18.0437 0304 Alerter - ok

12:48:18.0468 0304 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe

12:48:18.0656 0304 ALG - ok

12:48:18.0656 0304 AliIde - ok

12:48:18.0687 0304 AmdK8 (59301936898ae62245a6f09c0aba9475) C:\WINDOWS\system32\DRIVERS\AmdK8.sys

12:48:18.0734 0304 AmdK8 - ok

12:48:18.0750 0304 amsint - ok

12:48:18.0781 0304 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll

12:48:18.0953 0304 AppMgmt - ok

12:48:18.0984 0304 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

12:48:19.0140 0304 Arp1394 - ok

12:48:19.0156 0304 asc - ok

12:48:19.0156 0304 asc3350p - ok

12:48:19.0171 0304 asc3550 - ok

12:48:19.0250 0304 aspnet_state (e1a1206a4fb19b675e947b29ccd25fba) C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe

12:48:19.0281 0304 aspnet_state ( UnsignedFile.Multi.Generic ) - warning

12:48:19.0281 0304 aspnet_state - detected UnsignedFile.Multi.Generic (1)

12:48:19.0296 0304 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

12:48:19.0468 0304 AsyncMac - ok

12:48:19.0484 0304 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

12:48:19.0656 0304 atapi - ok

12:48:19.0671 0304 Atdisk - ok

12:48:19.0703 0304 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

12:48:19.0875 0304 Atmarpc - ok

12:48:19.0921 0304 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll

12:48:20.0078 0304 AudioSrv - ok

12:48:20.0109 0304 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

12:48:20.0296 0304 audstub - ok

12:48:20.0312 0304 bb-run (7270d070173b20ac9487ea16bb08b45f) C:\WINDOWS\system32\DRIVERS\bb-run.sys

12:48:20.0359 0304 bb-run - ok

12:48:20.0390 0304 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

12:48:20.0625 0304 Beep - ok

12:48:20.0656 0304 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll

12:48:20.0812 0304 BITS - ok

12:48:20.0843 0304 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll

12:48:21.0015 0304 Browser - ok

12:48:21.0031 0304 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

12:48:21.0218 0304 cbidf2k - ok

12:48:21.0250 0304 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

12:48:21.0406 0304 CCDECODE - ok

12:48:21.0421 0304 cd20xrnt - ok

12:48:21.0437 0304 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

12:48:21.0625 0304 Cdaudio - ok

12:48:21.0640 0304 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

12:48:21.0796 0304 Cdfs - ok

12:48:21.0812 0304 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

12:48:21.0984 0304 Cdrom - ok

12:48:22.0015 0304 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\WINDOWS\system32\drivers\cfwids.sys

12:48:22.0062 0304 cfwids - ok

12:48:22.0078 0304 Changer - ok

12:48:22.0109 0304 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe

12:48:22.0281 0304 CiSvc - ok

12:48:22.0312 0304 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe

12:48:22.0500 0304 ClipSrv - ok

12:48:22.0515 0304 CmdIde - ok

12:48:22.0531 0304 COMSysApp - ok

12:48:22.0546 0304 Cpqarray - ok

12:48:22.0562 0304 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll

12:48:22.0750 0304 CryptSvc - ok

12:48:22.0765 0304 dac2w2k - ok

12:48:22.0781 0304 dac960nt - ok

12:48:22.0812 0304 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

12:48:22.0875 0304 DcomLaunch - ok

12:48:22.0890 0304 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll

12:48:23.0046 0304 Dhcp - ok

12:48:23.0062 0304 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

12:48:23.0234 0304 Disk - ok

12:48:23.0250 0304 dmadmin - ok

12:48:23.0296 0304 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys

12:48:23.0531 0304 dmboot - ok

12:48:23.0546 0304 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys

12:48:23.0718 0304 dmio - ok

12:48:23.0750 0304 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

12:48:23.0921 0304 dmload - ok

12:48:23.0937 0304 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll

12:48:24.0109 0304 dmserver - ok

12:48:24.0125 0304 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

12:48:24.0312 0304 DMusic - ok

12:48:24.0343 0304 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll

12:48:24.0406 0304 Dnscache - ok

12:48:24.0437 0304 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll

12:48:24.0625 0304 Dot3svc - ok

12:48:24.0640 0304 dpti2o - ok

12:48:24.0640 0304 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

12:48:24.0828 0304 drmkaud - ok

12:48:24.0859 0304 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll

12:48:25.0031 0304 EapHost - ok

12:48:25.0078 0304 ehRecvr (d039a0c347632622934906bd59a4e1ea) C:\WINDOWS\eHome\ehRecvr.exe

12:48:25.0140 0304 ehRecvr - ok

12:48:25.0171 0304 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe

12:48:25.0265 0304 ehSched - ok

12:48:25.0281 0304 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll

12:48:25.0453 0304 ERSvc - ok

12:48:25.0484 0304 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

12:48:25.0515 0304 Eventlog - ok

12:48:25.0546 0304 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll

12:48:25.0578 0304 EventSystem - ok

12:48:25.0609 0304 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

12:48:25.0750 0304 Fastfat - ok

12:48:25.0796 0304 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

12:48:25.0859 0304 FastUserSwitchingCompatibility - ok

12:48:25.0890 0304 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe

12:48:26.0062 0304 Fax - ok

12:48:26.0078 0304 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

12:48:26.0265 0304 Fdc - ok

12:48:26.0281 0304 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys

12:48:26.0437 0304 Fips - ok

12:48:26.0453 0304 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

12:48:26.0625 0304 Flpydisk - ok

12:48:26.0640 0304 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys

12:48:26.0796 0304 FltMgr - ok

12:48:26.0812 0304 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

12:48:26.0984 0304 Fs_Rec - ok

12:48:27.0000 0304 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

12:48:27.0187 0304 Ftdisk - ok

12:48:27.0203 0304 ftsata2 (22399d3ce5840c6082844679cca5d2fc) C:\WINDOWS\system32\DRIVERS\ftsata2.sys

12:48:27.0250 0304 ftsata2 - ok

12:48:27.0265 0304 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

12:48:27.0421 0304 Gpc - ok

12:48:27.0437 0304 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

12:48:27.0593 0304 HDAudBus - ok

12:48:27.0640 0304 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

12:48:27.0781 0304 helpsvc - ok

12:48:27.0812 0304 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll

12:48:27.0984 0304 HidServ - ok

12:48:28.0000 0304 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

12:48:28.0156 0304 HidUsb - ok

12:48:28.0187 0304 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll

12:48:28.0359 0304 hkmsvc - ok

12:48:28.0390 0304 HP Port Resolver (c5f00d15aa15cb7f55a027ff75e44bb7) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE

12:48:28.0500 0304 HP Port Resolver - ok

12:48:28.0531 0304 HP Status Server (c5a288e4ceef5a26d105117baa3763ab) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE

12:48:28.0640 0304 HP Status Server - ok

12:48:28.0640 0304 hpn - ok

12:48:28.0671 0304 HPZid412 (30ca91e657cede2f95359d6ef186f650) C:\WINDOWS\system32\DRIVERS\HPZid412.sys

12:48:28.0734 0304 HPZid412 - ok

12:48:28.0750 0304 HPZipr12 (efd31afa752aa7c7bbb57bcbe2b01c78) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

12:48:28.0781 0304 HPZipr12 - ok

12:48:28.0812 0304 HPZius12 (7ac43c38ca8fd7ed0b0a4466f753e06e) C:\WINDOWS\system32\DRIVERS\HPZius12.sys

12:48:28.0859 0304 HPZius12 - ok

12:48:28.0890 0304 HSXHWBS2 (1f5c64b0c6b2e2f48735a77ae714ccb8) C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys

12:48:29.0093 0304 HSXHWBS2 - ok

12:48:29.0140 0304 HSX_DP (a7f8c9228898a1e871d2ae7082f50ac3) C:\WINDOWS\system32\DRIVERS\HSX_DP.sys

12:48:29.0203 0304 HSX_DP - ok

12:48:29.0234 0304 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

12:48:29.0281 0304 HTTP - ok

12:48:29.0312 0304 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll

12:48:29.0500 0304 HTTPFilter - ok

12:48:29.0515 0304 i2omgmt - ok

12:48:29.0515 0304 i2omp - ok

12:48:29.0546 0304 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

12:48:29.0718 0304 i8042prt - ok

12:48:29.0750 0304 iaStor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\DRIVERS\iaStor.sys

12:48:29.0828 0304 iaStor - ok

12:48:29.0906 0304 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

12:48:29.0921 0304 IDriverT ( UnsignedFile.Multi.Generic ) - warning

12:48:29.0921 0304 IDriverT - detected UnsignedFile.Multi.Generic (1)

12:48:29.0937 0304 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

12:48:30.0093 0304 Imapi - ok

12:48:30.0140 0304 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe

12:48:30.0312 0304 ImapiService - ok

12:48:30.0328 0304 ini910u - ok

12:48:30.0453 0304 IntcAzAudAddService (64be56b8858ca0153c725c720ffd194f) C:\WINDOWS\system32\drivers\RtkHDAud.sys

12:48:30.0640 0304 IntcAzAudAddService - ok

12:48:30.0671 0304 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys

12:48:30.0828 0304 IntelIde - ok

12:48:30.0875 0304 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys

12:48:31.0031 0304 intelppm - ok

12:48:31.0046 0304 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys

12:48:31.0203 0304 Ip6Fw - ok

12:48:31.0234 0304 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

12:48:31.0406 0304 IpFilterDriver - ok

12:48:31.0421 0304 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

12:48:31.0593 0304 IpInIp - ok

12:48:31.0625 0304 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

12:48:31.0765 0304 IpNat - ok

12:48:31.0781 0304 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

12:48:31.0937 0304 IPSec - ok

12:48:31.0968 0304 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

12:48:32.0125 0304 IRENUM - ok

12:48:32.0156 0304 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys

12:48:32.0312 0304 isapnp - ok

12:48:32.0406 0304 JavaQuickStarterService (381b25dc8e958d905b33130d500bbf29) C:\Program Files\Java\jre6\bin\jqs.exe

12:48:32.0421 0304 JavaQuickStarterService - ok

12:48:32.0437 0304 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

12:48:32.0625 0304 Kbdclass - ok

12:48:32.0640 0304 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys

12:48:32.0796 0304 kbdhid - ok

12:48:32.0828 0304 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

12:48:32.0968 0304 kmixer - ok

12:48:33.0000 0304 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

12:48:33.0031 0304 KSecDD - ok

12:48:33.0062 0304 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll

12:48:33.0109 0304 lanmanserver - ok

12:48:33.0140 0304 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll

12:48:33.0171 0304 lanmanworkstation - ok

12:48:33.0187 0304 lbrtfdc - ok

12:48:33.0203 0304 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll

12:48:33.0375 0304 LmHosts - ok

12:48:33.0406 0304 LVUSBSta (f7e15f2fe7790733df86e95a76556389) C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys

12:48:33.0421 0304 LVUSBSta - ok

12:48:33.0546 0304 LVUVC (92d03dc19eae9d0a86735705e374fdad) C:\WINDOWS\system32\DRIVERS\lvuvc.sys

12:48:33.0687 0304 LVUVC - ok

12:48:33.0781 0304 McAfee SiteAdvisor Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:33.0796 0304 McAfee SiteAdvisor Service - ok

12:48:33.0843 0304 McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

12:48:33.0984 0304 McComponentHostService - ok

12:48:33.0984 0304 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:34.0000 0304 McMPFSvc - ok

12:48:34.0015 0304 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:34.0031 0304 mcmscsvc - ok

12:48:34.0046 0304 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:34.0062 0304 McNaiAnn - ok

12:48:34.0062 0304 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:34.0093 0304 McNASvc - ok

12:48:34.0156 0304 McODS (e8c5aae17e8332f5f4f57935238cd5eb) C:\Program Files\McAfee\VirusScan\mcods.exe

12:48:34.0187 0304 McODS - ok

12:48:34.0187 0304 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:34.0218 0304 McProxy - ok

12:48:34.0250 0304 McPvDrv (000751813ecef491689176e72b3a8bee) C:\WINDOWS\system32\drivers\McPvDrv.sys

12:48:34.0265 0304 McPvDrv - ok

12:48:34.0312 0304 McrdSvc (df0a511f38f16016bf658fca0090cb87) C:\WINDOWS\ehome\mcrdsvc.exe

12:48:34.0406 0304 McrdSvc - ok

12:48:34.0437 0304 McShield (151f3ca25b739b9cb0066abd1523f064) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

12:48:34.0453 0304 McShield - ok

12:48:34.0500 0304 MDM (d1904a1fb31629eb9621d5ed2f2c3555) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

12:48:34.0515 0304 MDM ( UnsignedFile.Multi.Generic ) - warning

12:48:34.0515 0304 MDM - detected UnsignedFile.Multi.Generic (1)

12:48:34.0546 0304 mdmxsdk (e246a32c445056996074a397da56e815) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

12:48:34.0578 0304 mdmxsdk - ok

12:48:34.0609 0304 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll

12:48:34.0796 0304 Messenger - ok

12:48:34.0828 0304 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\WINDOWS\system32\drivers\mfeapfk.sys

12:48:34.0859 0304 mfeapfk - ok

12:48:34.0890 0304 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\WINDOWS\system32\drivers\mfeavfk.sys

12:48:34.0906 0304 mfeavfk - ok

12:48:34.0921 0304 mfeavfk01 - ok

12:48:34.0937 0304 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\WINDOWS\system32\drivers\mfebopk.sys

12:48:34.0953 0304 mfebopk - ok

12:48:34.0968 0304 mfefire (26ba2eebcff16f611ce1118fa0850810) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

12:48:34.0984 0304 mfefire - ok

12:48:35.0000 0304 mfefirek (215666a8a85023ef019b510cbb67f678) C:\WINDOWS\system32\drivers\mfefirek.sys

12:48:35.0125 0304 mfefirek - ok

12:48:35.0171 0304 mfehidk (56d330981866a72f061dd16cc5004513) C:\WINDOWS\system32\drivers\mfehidk.sys

12:48:35.0203 0304 mfehidk - ok

12:48:35.0234 0304 mfendisk (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

12:48:35.0343 0304 mfendisk - ok

12:48:35.0359 0304 mfendiskmp (62acda4e958e2a392557ba3c6c754a58) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

12:48:35.0453 0304 mfendiskmp - ok

12:48:35.0484 0304 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\WINDOWS\system32\drivers\mferkdet.sys

12:48:35.0500 0304 mferkdet - ok

12:48:35.0546 0304 mfetdi2k (922e64ca38e38106498fb3435a8e399d) C:\WINDOWS\system32\drivers\mfetdi2k.sys

12:48:35.0562 0304 mfetdi2k - ok

12:48:35.0578 0304 mfevtp (ad52269897626d614b31e153f5c5d65c) C:\WINDOWS\system32\mfevtps.exe

12:48:35.0593 0304 mfevtp - ok

12:48:35.0625 0304 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll

12:48:35.0640 0304 MHN ( UnsignedFile.Multi.Generic ) - warning

12:48:35.0640 0304 MHN - detected UnsignedFile.Multi.Generic (1)

12:48:35.0671 0304 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys

12:48:35.0687 0304 MHNDRV ( UnsignedFile.Multi.Generic ) - warning

12:48:35.0687 0304 MHNDRV - detected UnsignedFile.Multi.Generic (1)

12:48:35.0718 0304 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

12:48:35.0890 0304 mnmdd - ok

12:48:35.0937 0304 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe

12:48:36.0109 0304 mnmsrvc - ok

12:48:36.0171 0304 MOBKbackup (35176fa09a0fc58db630991a81a0ba39) C:\Program Files\McAfee Online Backup\MOBKbackup.exe

12:48:36.0187 0304 MOBKbackup - ok

12:48:36.0203 0304 MOBKFilter (e896775837a8bce436348df460522394) C:\WINDOWS\system32\DRIVERS\MOBK.sys

12:48:36.0218 0304 MOBKFilter - ok

12:48:36.0265 0304 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys

12:48:36.0421 0304 Modem - ok

12:48:36.0437 0304 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys

12:48:36.0593 0304 Mouclass - ok

12:48:36.0625 0304 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys

12:48:36.0796 0304 mouhid - ok

12:48:36.0812 0304 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

12:48:36.0968 0304 MountMgr - ok

12:48:36.0984 0304 mraid35x - ok

12:48:37.0000 0304 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

12:48:37.0140 0304 MRxDAV - ok

12:48:37.0187 0304 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

12:48:37.0265 0304 MRxSmb - ok

12:48:37.0312 0304 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe

12:48:37.0468 0304 MSDTC - ok

12:48:37.0484 0304 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

12:48:37.0640 0304 Msfs - ok

12:48:37.0656 0304 MSIServer - ok

12:48:37.0718 0304 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

12:48:37.0750 0304 MSK80Service - ok

12:48:37.0765 0304 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

12:48:37.0937 0304 MSKSSRV - ok

12:48:37.0953 0304 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

12:48:38.0109 0304 MSPCLOCK - ok

12:48:38.0140 0304 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

12:48:38.0281 0304 MSPQM - ok

12:48:38.0312 0304 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

12:48:38.0468 0304 mssmbios - ok

12:48:38.0484 0304 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

12:48:38.0640 0304 MSTEE - ok

12:48:38.0656 0304 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

12:48:38.0671 0304 Mup - ok

12:48:38.0703 0304 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

12:48:38.0859 0304 NABTSFEC - ok

12:48:38.0890 0304 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll

12:48:39.0062 0304 napagent - ok

12:48:39.0093 0304 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

12:48:39.0250 0304 NDIS - ok

12:48:39.0281 0304 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

12:48:39.0437 0304 NdisIP - ok

12:48:39.0484 0304 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

12:48:39.0515 0304 NdisTapi - ok

12:48:39.0546 0304 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

12:48:39.0718 0304 Ndisuio - ok

12:48:39.0734 0304 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

12:48:39.0875 0304 NdisWan - ok

12:48:39.0890 0304 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

12:48:39.0921 0304 NDProxy - ok

12:48:39.0937 0304 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

12:48:40.0078 0304 NetBIOS - ok

12:48:40.0109 0304 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

12:48:40.0265 0304 NetBT - ok

12:48:40.0296 0304 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

12:48:40.0468 0304 NetDDE - ok

12:48:40.0468 0304 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe

12:48:40.0625 0304 NetDDEdsdm - ok

12:48:40.0656 0304 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:40.0812 0304 Netlogon - ok

12:48:40.0843 0304 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll

12:48:41.0000 0304 Netman - ok

12:48:41.0015 0304 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

12:48:41.0171 0304 NIC1394 - ok

12:48:41.0218 0304 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll

12:48:41.0250 0304 Nla - ok

12:48:41.0265 0304 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

12:48:41.0421 0304 Npfs - ok

12:48:41.0453 0304 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

12:48:41.0640 0304 Ntfs - ok

12:48:41.0656 0304 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:41.0796 0304 NtLmSsp - ok

12:48:41.0843 0304 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll

12:48:42.0000 0304 NtmsSvc - ok

12:48:42.0031 0304 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

12:48:42.0234 0304 Null - ok

12:48:42.0328 0304 nv (ce58f42b11be20a47c3d8d2f38da254e) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

12:48:42.0500 0304 nv - ok

12:48:42.0546 0304 NVENETFD (22eedb34c4d7613a25b10c347c6c4c21) C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

12:48:42.0562 0304 NVENETFD - ok

12:48:42.0593 0304 nvnetbus (5e3f6ad5cad0f12d3cccd06fd964087a) C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

12:48:42.0609 0304 nvnetbus - ok

12:48:42.0656 0304 NVSvc (95caec95d6777ce7d6b7091bc4d91ceb) C:\WINDOWS\system32\nvsvc32.exe

12:48:42.0781 0304 NVSvc - ok

12:48:42.0796 0304 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

12:48:42.0984 0304 NwlnkFlt - ok

12:48:43.0000 0304 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

12:48:43.0203 0304 NwlnkFwd - ok

12:48:43.0343 0304 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

12:48:43.0359 0304 odserv - ok

12:48:43.0406 0304 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

12:48:43.0562 0304 ohci1394 - ok

12:48:43.0593 0304 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:48:43.0609 0304 ose - ok

12:48:43.0640 0304 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys

12:48:43.0812 0304 Parport - ok

12:48:43.0843 0304 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

12:48:44.0015 0304 PartMgr - ok

12:48:44.0046 0304 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys

12:48:44.0265 0304 ParVdm - ok

12:48:44.0265 0304 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys

12:48:44.0421 0304 PCI - ok

12:48:44.0437 0304 PCIDump - ok

12:48:44.0437 0304 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys

12:48:44.0640 0304 PCIIde - ok

12:48:44.0671 0304 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys

12:48:44.0812 0304 Pcmcia - ok

12:48:44.0828 0304 PDCOMP - ok

12:48:44.0843 0304 PDFRAME - ok

12:48:44.0843 0304 PDRELI - ok

12:48:44.0859 0304 PDRFRAME - ok

12:48:44.0875 0304 perc2 - ok

12:48:44.0890 0304 perc2hib - ok

12:48:44.0921 0304 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe

12:48:44.0937 0304 PlugPlay - ok

12:48:45.0015 0304 Pml Driver HPZ12 (2d091a99624fb9e7eef0a86d872ec0c3) C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

12:48:45.0015 0304 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

12:48:45.0015 0304 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

12:48:45.0046 0304 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:45.0187 0304 PolicyAgent - ok

12:48:45.0218 0304 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

12:48:45.0406 0304 PptpMiniport - ok

12:48:45.0421 0304 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys

12:48:45.0578 0304 Processor - ok

12:48:45.0593 0304 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:45.0734 0304 ProtectedStorage - ok

12:48:45.0750 0304 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

12:48:45.0890 0304 PSched - ok

12:48:45.0921 0304 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

12:48:46.0093 0304 Ptilink - ok

12:48:46.0125 0304 PxHelp20 (0457e25bb122b854e267cf552dcdc370) C:\WINDOWS\system32\Drivers\PxHelp20.sys

12:48:46.0140 0304 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning

12:48:46.0140 0304 PxHelp20 - detected UnsignedFile.Multi.Generic (1)

12:48:46.0140 0304 ql1080 - ok

12:48:46.0156 0304 Ql10wnt - ok

12:48:46.0171 0304 ql12160 - ok

12:48:46.0187 0304 ql1240 - ok

12:48:46.0187 0304 ql1280 - ok

12:48:46.0218 0304 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

12:48:46.0406 0304 RasAcd - ok

12:48:46.0421 0304 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll

12:48:46.0578 0304 RasAuto - ok

12:48:46.0593 0304 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

12:48:46.0750 0304 Rasl2tp - ok

12:48:46.0796 0304 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll

12:48:46.0953 0304 RasMan - ok

12:48:46.0968 0304 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

12:48:47.0125 0304 RasPppoe - ok

12:48:47.0140 0304 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

12:48:47.0343 0304 Raspti - ok

12:48:47.0359 0304 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

12:48:47.0546 0304 Rdbss - ok

12:48:47.0578 0304 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

12:48:47.0750 0304 RDPCDD - ok

12:48:47.0765 0304 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

12:48:47.0921 0304 rdpdr - ok

12:48:47.0953 0304 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys

12:48:48.0171 0304 RDPWD - ok

12:48:48.0203 0304 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe

12:48:48.0359 0304 RDSessMgr - ok

12:48:48.0375 0304 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys

12:48:48.0546 0304 redbook - ok

12:48:48.0578 0304 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll

12:48:48.0734 0304 RemoteAccess - ok

12:48:48.0765 0304 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll

12:48:48.0921 0304 RemoteRegistry - ok

12:48:48.0968 0304 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe

12:48:49.0109 0304 RpcLocator - ok

12:48:49.0156 0304 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll

12:48:49.0187 0304 RpcSs - ok

12:48:49.0218 0304 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe

12:48:49.0406 0304 RSVP - ok

12:48:49.0437 0304 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

12:48:49.0546 0304 rtl8139 - ok

12:48:49.0562 0304 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe

12:48:49.0734 0304 SamSs - ok

12:48:49.0750 0304 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe

12:48:49.0906 0304 SCardSvr - ok

12:48:49.0937 0304 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll

12:48:50.0093 0304 Schedule - ok

12:48:50.0109 0304 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

12:48:50.0281 0304 Secdrv - ok

12:48:50.0296 0304 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll

12:48:50.0453 0304 seclogon - ok

12:48:50.0468 0304 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll

12:48:50.0625 0304 SENS - ok

12:48:50.0656 0304 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\drivers\Serial.sys

12:48:50.0812 0304 Serial - ok

12:48:50.0828 0304 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys

12:48:50.0984 0304 Sfloppy - ok

12:48:51.0000 0304 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll

12:48:51.0187 0304 SharedAccess - ok

12:48:51.0218 0304 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

12:48:51.0250 0304 ShellHWDetection - ok

12:48:51.0265 0304 Simbad - ok

12:48:51.0296 0304 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

12:48:51.0437 0304 SLIP - ok

12:48:51.0453 0304 Sparrow - ok

12:48:51.0484 0304 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

12:48:51.0640 0304 splitter - ok

12:48:51.0656 0304 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe

12:48:51.0703 0304 Spooler - ok

12:48:51.0718 0304 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys

12:48:51.0875 0304 sr - ok

12:48:51.0890 0304 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll

12:48:52.0046 0304 srservice - ok

12:48:52.0062 0304 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

12:48:52.0093 0304 Srv - ok

12:48:52.0125 0304 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll

12:48:52.0281 0304 SSDPSRV - ok

12:48:52.0296 0304 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll

12:48:52.0468 0304 stisvc - ok

12:48:52.0484 0304 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

12:48:52.0625 0304 streamip - ok

12:48:52.0640 0304 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

12:48:52.0796 0304 swenum - ok

12:48:52.0812 0304 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

12:48:52.0953 0304 swmidi - ok

12:48:52.0968 0304 SwPrv - ok

12:48:52.0984 0304 symc810 - ok

12:48:52.0984 0304 symc8xx - ok

12:48:53.0000 0304 sym_hi - ok

12:48:53.0015 0304 sym_u3 - ok

12:48:53.0031 0304 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

12:48:53.0187 0304 sysaudio - ok

12:48:53.0203 0304 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe

12:48:53.0359 0304 SysmonLog - ok

12:48:53.0375 0304 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll

12:48:53.0546 0304 TapiSrv - ok

12:48:53.0593 0304 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

12:48:53.0625 0304 Tcpip - ok

12:48:53.0640 0304 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

12:48:53.0796 0304 TDPIPE - ok

12:48:53.0812 0304 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

12:48:53.0968 0304 TDTCP - ok

12:48:53.0984 0304 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

12:48:54.0140 0304 TermDD - ok

12:48:54.0156 0304 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll

12:48:54.0328 0304 TermService - ok

12:48:54.0359 0304 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll

12:48:54.0390 0304 Themes - ok

12:48:54.0437 0304 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe

12:48:54.0578 0304 TlntSvr - ok

12:48:54.0593 0304 TosIde - ok

12:48:54.0625 0304 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll

12:48:54.0781 0304 TrkWks - ok

12:48:54.0796 0304 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

12:48:54.0968 0304 Udfs - ok

12:48:54.0968 0304 ultra - ok

12:48:55.0000 0304 UMWdf (9651e5d850b6f6bd7c77c70aa06f02bf) C:\WINDOWS\system32\wdfmgr.exe

12:48:55.0125 0304 UMWdf - ok

12:48:55.0156 0304 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

12:48:55.0359 0304 Update - ok

12:48:55.0390 0304 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll

12:48:55.0562 0304 upnphost - ok

12:48:55.0593 0304 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe

12:48:55.0781 0304 UPS - ok

12:48:55.0796 0304 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys

12:48:55.0953 0304 usbaudio - ok

12:48:55.0984 0304 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

12:48:56.0140 0304 usbccgp - ok

12:48:56.0156 0304 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

12:48:56.0296 0304 usbehci - ok

12:48:56.0312 0304 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

12:48:56.0453 0304 usbhub - ok

12:48:56.0484 0304 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys

12:48:56.0640 0304 usbohci - ok

12:48:56.0656 0304 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys

12:48:56.0812 0304 usbprint - ok

12:48:56.0828 0304 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys

12:48:56.0984 0304 usbscan - ok

12:48:56.0984 0304 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

12:48:57.0140 0304 usbstor - ok

12:48:57.0156 0304 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

12:48:57.0312 0304 usbuhci - ok

12:48:57.0328 0304 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

12:48:57.0484 0304 VgaSave - ok

12:48:57.0515 0304 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

12:48:57.0671 0304 ViaIde - ok

12:48:57.0687 0304 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys

12:48:57.0843 0304 VolSnap - ok

12:48:57.0859 0304 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe

12:48:58.0015 0304 VSS - ok

12:48:58.0031 0304 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll

12:48:58.0171 0304 W32Time - ok

12:48:58.0203 0304 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

12:48:58.0343 0304 Wanarp - ok

12:48:58.0359 0304 WDICA - ok

12:48:58.0375 0304 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

12:48:58.0531 0304 wdmaud - ok

12:48:58.0546 0304 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll

12:48:58.0703 0304 WebClient - ok

12:48:58.0750 0304 winachsx (11ec1afceb5c917ce73d3c301ff4291e) C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys

12:48:58.0921 0304 winachsx - ok

12:48:58.0984 0304 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll

12:48:59.0140 0304 winmgmt - ok

12:48:59.0171 0304 WmdmPmSN (b9715b9c18bc6c8f4b66733d208cc9f7) C:\WINDOWS\system32\MsPMSNSv.dll

12:48:59.0250 0304 WmdmPmSN - ok

12:48:59.0296 0304 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll

12:48:59.0359 0304 Wmi - ok

12:48:59.0375 0304 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe

12:48:59.0578 0304 WmiApSrv - ok

12:48:59.0609 0304 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll

12:48:59.0781 0304 wscsvc - ok

12:48:59.0812 0304 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

12:48:59.0984 0304 WSTCODEC - ok

12:49:00.0000 0304 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll

12:49:00.0171 0304 wuauserv - ok

12:49:00.0203 0304 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll

12:49:00.0437 0304 WZCSVC - ok

12:49:00.0468 0304 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll

12:49:00.0640 0304 xmlprov - ok

12:49:00.0671 0304 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0

12:49:00.0734 0304 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

12:49:00.0734 0304 \Device\Harddisk0\DR0 - detected TDSS File System (1)

12:49:00.0734 0304 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk6\DR25

12:49:04.0343 0304 \Device\Harddisk6\DR25 - ok

12:49:04.0359 0304 Boot (0x1200) (17e91c11e5d330cebe664f9849245fb3) \Device\Harddisk0\DR0\Partition0

12:49:04.0359 0304 \Device\Harddisk0\DR0\Partition0 - ok

12:49:04.0359 0304 Boot (0x1200) (40127471c77eb020efd38ad6d08075a2) \Device\Harddisk0\DR0\Partition1

12:49:04.0359 0304 \Device\Harddisk0\DR0\Partition1 - ok

12:49:04.0359 0304 Boot (0x1200) (0142cddb77dbef1df019f8889ddfcd04) \Device\Harddisk6\DR25\Partition0

12:49:04.0375 0304 \Device\Harddisk6\DR25\Partition0 - ok

12:49:04.0375 0304 ============================================================

12:49:04.0375 0304 Scan finished

12:49:04.0375 0304 ============================================================

12:49:04.0484 3904 Detected object count: 8

12:49:04.0484 3904 Actual detected object count: 8

12:49:57.0531 3904 aspnet_state ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0531 3904 aspnet_state ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0531 3904 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0531 3904 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0531 3904 MDM ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0531 3904 MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0531 3904 MHN ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0531 3904 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0546 3904 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0546 3904 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0546 3904 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0546 3904 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0546 3904 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user

12:49:57.0546 3904 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:49:57.0546 3904 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

12:49:57.0546 3904 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

12:50:06.0187 4348 Deinitialize success


Malwarebytes Anti-Malware 1.61.0.1400

www.malwarebytes.org

Database version: v2012.04.16.04

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

HP_Administrator :: YOUR-4DACD0EA75 [administrator]

4/16/2012 12:51:02 PM

mbam-log-2012-04-16 (12-51-02).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 202414

Time elapsed: 8 minute(s), 40 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)


.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702

Run by HP_Administrator at 13:09:28 on 2012-04-16

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1312 [GMT -4:00]

.

AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled*

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\ehome\ehtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\DISC\DISCover.exe

C:\Program Files\DISC\DiscUpdMgr.exe

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\McAfee\MAT\McPvTray.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe

svchost.exe

C:\WINDOWS\eHome\ehRecvr.exe

C:\WINDOWS\eHome\ehSched.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\mfevtps.exe

C:\Program Files\McAfee Online Backup\MOBKbackup.exe

C:\WINDOWS\system32\nvsvc32.exe

svchost.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\WINDOWS\system32\dllhost.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\eHome\ehmsas.exe

C:\Program Files\DISC\DiscStreamHub.exe

c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\windows\system\hpsysdrv.exe

C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.yahoo.com/

uSearch Page =

uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie8

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

uWindow Title = Windows Internet Explorer provided by Yahoo!

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

uSearchAssistant =

mSearchAssistant =

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120215081217.dll

BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll

TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRunOnce: [FlashPlayerUpdate] c:\windows\system32\macromed\flash\FlashUtil11g_Plugin.exe -update plugin

mRun: [ehTray] c:\windows\ehome\ehtray.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe

mRun: [DISCover] c:\program files\disc\DISCover.exe

mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdMgr.exe

mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE

mRun: [PCDrProfiler]

mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [<NO NAME>]

mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey

mRun: [McPvTray_exe] "c:\program files\mcafee\mat\McPvTray.exe"

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\jp2iexp.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: trymedia.com

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{892900FC-9814-4488-99C0-81491C1EE93D} : DhcpNameServer = 16.92.3.242 16.92.3.243 16.81.3.243 16.118.3.243

TCP: Interfaces\{B45DB883-7F4E-460A-8AA5-CCBF54E84825} : DhcpNameServer = 192.168.0.1

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll

mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\4um13jxu.default\

FF - prefs.js: browser.startup.homepage - www.yahoo.com

FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\unity\webplayer\loader\npUnity3D32.dll

FF - plugin: c:\progra~1\mcafee\msc\npMcSnFFPl.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mcafee\siteadvisor\NPMcFFPlg32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2012-2-15 64048]

R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-3-13 464176]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [2011-9-17 89792]

R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2012-2-15 54776]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McProxy;McAfee Proxy Service;c:\program files\common files\mcafee\mcsvchost\McSvHost.exe [2012-2-15 214904]

R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]

R2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2012-2-15 166288]

R2 mfefire;McAfee Firewall Core Service;c:\program files\common files\mcafee\systemcore\mfefire.exe [2012-2-15 160608]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-9-17 150856]

R2 MOBKbackup;McAfee Online Backup;c:\program files\mcafee online backup\MOBKbackup.exe [2010-4-13 229688]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-9-17 57600]

R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-9-17 180816]

R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-9-17 59456]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2011-9-17 338176]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [2011-9-17 83856]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [2011-9-17 83856]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-9-17 87656]

.

=============== Created Last 30 ================

.

2012-04-12 21:22:38 -------- d-----w- c:\documents and settings\hp_administrator\application data\Malwarebytes

2012-04-12 21:22:08 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-04-12 21:22:05 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-12 21:22:04 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-04 05:53:56 182160 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll

2012-03-29 23:35:10 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\{D1A2FCCB-79F7-11E1-826D-B8AC6F996F26}

2012-03-25 18:21:13 -------- d-----w- c:\documents and settings\hp_administrator\application data\Unity

2012-03-25 17:22:12 -------- d-----w- c:\documents and settings\hp_administrator\local settings\application data\Unity

.

==================== Find3M ====================

.

2012-03-15 15:10:33 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-01 11:01:32 916992 ----a-w- c:\windows\system32\wininet.dll

2012-03-01 11:01:32 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01:32 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-02-29 14:10:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10:16 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17:40 385024 ----a-w- c:\windows\system32\html.iec

2012-02-07 15:02:40 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys

.

============= FINISH: 13:10:18.70 ===============


.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 9/17/2011 2:07:05 PM

System Uptime: 4/12/2012 5:36:14 PM (92 hours ago)

.

Motherboard: ASUSTek Computer INC. | | NODUSM

Processor: AMD Athlon 64 X2 Dual Core Processor 4200+ | Socket AM2 | 2204/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 222 GiB total, 202.437 GiB free.

D: is FIXED (FAT32) - 11 GiB total, 5.587 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

J: is Removable

K: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP139: 1/17/2012 5:29:49 PM - System Checkpoint

RP140: 1/18/2012 4:06:29 PM - Installed Comcast Desktop Software (v1.2.1)

RP141: 1/19/2012 4:39:09 PM - System Checkpoint

RP142: 1/20/2012 10:46:20 PM - System Checkpoint

RP143: 1/22/2012 12:22:16 AM - System Checkpoint

RP144: 1/27/2012 7:12:09 AM - Removed CA Pest Patrol Realtime Protection

RP145: 1/27/2012 7:12:29 AM - Removed Comcast Desktop Software (v1.2.1)

RP146: 1/27/2012 7:19:18 AM - Removed muvee autoProducer 5.0

RP147: 1/27/2012 7:20:07 AM - Removed muvee autoProducer unPlugged 2.0

RP148: 1/28/2012 8:21:57 AM - System Checkpoint

RP149: 1/29/2012 8:52:33 AM - System Checkpoint

RP150: 1/30/2012 9:37:28 AM - System Checkpoint

RP151: 1/31/2012 9:38:35 AM - System Checkpoint

RP152: 2/1/2012 10:37:30 AM - System Checkpoint

RP153: 2/2/2012 11:26:26 AM - System Checkpoint

RP154: 2/3/2012 11:26:33 AM - System Checkpoint

RP155: 2/4/2012 12:01:43 PM - System Checkpoint

RP156: 2/5/2012 12:30:37 PM - System Checkpoint

RP157: 2/6/2012 12:57:59 PM - System Checkpoint

RP158: 2/7/2012 9:06:17 PM - System Checkpoint

RP159: 2/8/2012 9:11:00 PM - System Checkpoint

RP160: 2/9/2012 9:43:01 PM - System Checkpoint

RP161: 2/10/2012 10:16:03 PM - System Checkpoint

RP162: 2/11/2012 7:23:45 PM - Installed Image Resizer Powertoy for Windows XP

RP163: 2/12/2012 7:31:01 PM - System Checkpoint

RP164: 2/13/2012 8:45:07 PM - System Checkpoint

RP165: 2/14/2012 9:31:01 PM - System Checkpoint

RP166: 2/15/2012 3:00:14 AM - Software Distribution Service 3.0

RP167: 2/16/2012 3:25:13 AM - System Checkpoint

RP168: 2/17/2012 4:23:31 AM - System Checkpoint

RP169: 2/18/2012 4:41:45 AM - System Checkpoint

RP170: 2/19/2012 7:06:26 AM - Installed Microsoft Office Professional 2007

RP171: 2/20/2012 3:00:28 AM - Software Distribution Service 3.0

RP172: 2/20/2012 9:19:21 AM - Software Distribution Service 3.0

RP173: 2/21/2012 3:00:22 AM - Software Distribution Service 3.0

RP174: 2/22/2012 3:00:16 AM - Software Distribution Service 3.0

RP175: 2/23/2012 3:04:44 AM - System Checkpoint

RP176: 2/24/2012 4:04:38 AM - System Checkpoint

RP177: 2/25/2012 5:04:44 AM - System Checkpoint

RP178: 2/26/2012 6:04:38 AM - System Checkpoint

RP179: 2/27/2012 6:16:39 AM - System Checkpoint

RP180: 2/28/2012 7:10:03 AM - System Checkpoint

RP181: 2/29/2012 8:35:30 AM - System Checkpoint

RP182: 3/1/2012 9:04:40 AM - System Checkpoint

RP183: 3/2/2012 9:45:55 AM - System Checkpoint

RP184: 3/3/2012 10:21:34 AM - System Checkpoint

RP185: 3/4/2012 11:53:33 AM - System Checkpoint

RP186: 3/5/2012 3:43:19 PM - System Checkpoint

RP187: 3/6/2012 7:24:29 PM - System Checkpoint

RP188: 3/7/2012 8:14:55 PM - System Checkpoint

RP189: 3/8/2012 9:12:14 PM - System Checkpoint

RP190: 3/9/2012 11:16:39 PM - System Checkpoint

RP191: 3/11/2012 12:59:03 PM - System Checkpoint

RP192: 3/13/2012 6:19:51 PM - System Checkpoint

RP193: 3/15/2012 3:00:15 AM - Software Distribution Service 3.0

RP194: 3/16/2012 3:24:14 AM - System Checkpoint

RP195: 3/17/2012 4:24:08 AM - System Checkpoint

RP196: 3/18/2012 7:16:11 AM - System Checkpoint

RP197: 3/19/2012 7:24:08 AM - System Checkpoint

RP198: 3/20/2012 8:24:05 AM - System Checkpoint

RP199: 3/21/2012 9:37:34 AM - System Checkpoint

RP200: 3/22/2012 10:24:09 AM - System Checkpoint

RP201: 3/23/2012 11:24:17 AM - System Checkpoint

RP202: 3/24/2012 11:25:24 AM - System Checkpoint

RP203: 3/25/2012 12:39:12 PM - System Checkpoint

RP204: 3/26/2012 12:50:17 PM - System Checkpoint

RP205: 3/27/2012 1:50:35 PM - System Checkpoint

RP206: 3/28/2012 2:06:16 PM - System Checkpoint

RP207: 3/29/2012 3:41:56 PM - System Checkpoint

RP208: 3/30/2012 4:16:16 PM - System Checkpoint

RP209: 3/31/2012 4:29:50 PM - System Checkpoint

RP210: 4/1/2012 5:24:21 PM - System Checkpoint

RP211: 4/2/2012 6:04:38 PM - System Checkpoint

RP212: 4/3/2012 6:04:53 PM - System Checkpoint

RP213: 4/4/2012 7:00:08 PM - System Checkpoint

RP214: 4/5/2012 8:30:41 PM - System Checkpoint

RP215: 4/6/2012 9:05:16 PM - System Checkpoint

RP216: 4/7/2012 10:05:29 PM - System Checkpoint

RP217: 4/8/2012 10:05:35 PM - System Checkpoint

RP218: 4/11/2012 3:00:19 AM - Software Distribution Service 3.0

RP219: 4/12/2012 3:26:39 AM - System Checkpoint

RP220: 4/13/2012 3:41:18 AM - System Checkpoint

RP221: 4/14/2012 3:53:23 AM - System Checkpoint

RP222: 4/15/2012 3:53:29 AM - System Checkpoint

RP223: 4/16/2012 4:41:37 AM - System Checkpoint

.

==== Installed Programs ======================

.

1600

1600_Help

1600Trb

3100_3200_3300_Help

3100_3200_3300trb

3300

Adobe AIR

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.6

AiO_Scan

AiO_Scan_CDA

AiOSoftware

AiOSoftwareNPI

BufferChm

CameraDrivers

CameraUserGuides

CCleaner

CP_AtenaShokunin1Config

CP_CalendarTemplates1

cp_LightScribeConfig

cp_OnlineProjectsConfig

CP_Package_Basic1

CP_Package_Variety1

CP_Package_Variety2

CP_Package_Variety3

CP_Panorama1Config

cp_PosterPrintConfig

cp_UpdateProjectsConfig

CueTour

Customer Experience Enhancement

Data Fax SoftModem with SmartCP

Destinations

DeviceManagementQFolder

DISCover

DocProc

DocumentViewer

Fax

Fax_CDA

High Definition Audio Driver Package - KB888111

Hotfix for Windows Media Player 10 (KB903157)

Hotfix for Windows Media Player 10 (KB910393)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB981793)

HP Boot Optimizer

HP Deskjet Printer Preload

HP Document Viewer 6.1

HP Imaging Device Functions 7.0

HP Photosmart 330,380,420,470,7800,8000,8200 Series

HP Photosmart Cameras 6.0

HP Photosmart for Media Center PC

HP Photosmart Premier Software 6.5

HP Product Assistant

HP PSC & OfficeJet 5.3.B

HP PSC & OfficeJet 6.1.A

HP Rhapsody

HP Solution Center and Imaging Support Tools 6.1

HP Update

HP Web Helper

hpiCamDrvQFolder

HPPhotoSmartExpress

HPProductAssistant

HpSdpAppCoreApp

Image Resizer Powertoy for Windows XP

InstantShareAlert

InstantShareDevices

Java Auto Updater

Java 6 Update 29

Malwarebytes Anti-Malware version 1.61.0.1400

McAfee Online Backup

McAfee Security Scan Plus

McAfee Total Protection

Microsoft .NET Framework 1.0 Hotfix (KB2572066)

Microsoft .NET Framework 1.0 Hotfix (KB2656378)

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2656353)

Microsoft .NET Framework 1.1 Security Update (KB2656370)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Professional 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Office XP Media Content

Microsoft Software Update for Web Folders (English) 12

Mozilla Firefox 11.0 (x86 en-US)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NewCopy

NewCopy_CDA

NVIDIA Drivers

OptionalContentQFolder

PanoStandAlone

PC-Doctor 5 for Windows

PhotoGallery

ProductContext

ProductContextNPI

PSPrinters08

PSTAPlugin

RandMap

Readme

Realtek High Definition Audio Driver

Scan

ScannerCopy

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Step By Step Interactive Training (KB923723)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 10 (KB911565)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2491683)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982381)

Security Update for Windows XP (KB982665)

SkinsHP1

SlideShow

SlideShowMusic

SolutionCenter

Sonic_PrimoSDK

Status

swMSM

Toolbox

TrayApp

Unity Web Player

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition

Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Media Player 10 (KB913800)

Update for Windows Media Player 10 (KB926251)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2616676-v2)

Update for Windows XP (KB2641690)

Update for Windows XP (KB951978)

Update for Windows XP (KB953356)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update Rollup 2 for Windows XP Media Center Edition 2005

Updates from HP (remove only)

WebFldrs XP

WebReg

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format Runtime

Windows XP Media Center Edition 2005 KB2502898

Windows XP Media Center Edition 2005 KB2619340

Windows XP Media Center Edition 2005 KB2628259

Windows XP Media Center Edition 2005 KB908246

Windows XP Media Center Edition 2005 KB912067

Windows XP Media Center Edition 2005 KB973768

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

4/9/2012 7:52:14 AM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 3 time(s).

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee VirusScan Announcer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Services service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Proxy Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Personal Firewall Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Network Agent service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/9/2012 7:52:14 AM, error: Service Control Manager [7031] - The McAfee Anti-Spam Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

4/13/2012 6:18:58 AM, error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).

4/12/2012 5:36:51 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: iaStor IntelIde ViaIde

4/12/2012 5:36:47 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

.

==== End Of File ===========================


Step 1

Please re-run TDSSKiller and use the Delete option for this entry:

12:49:57.0546 3904 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

12:49:57.0546 3904 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Step 2

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


ComboFix 12-04-16.02 - HP_Administrator 04/17/2012 18:55:01.2.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1400 [GMT -4:00]

Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}

FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll

c:\documents and settings\Administrator\WINDOWS

c:\documents and settings\Default User\WINDOWS

c:\documents and settings\HP_Administrator\Local Settings\Temp\IadHide5.dll

c:\documents and settings\HP_Administrator\WINDOWS

c:\windows\system32\config\systemprofile\WINDOWS

c:\windows\system32\PowerToyReadme.htm

D:\Autorun.inf

.

.

((((((((((((((((((((((((( Files Created from 2012-03-17 to 2012-04-17 )))))))))))))))))))))))))))))))

.

.

2012-04-16 20:44 . 2012-04-16 20:44 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-12 21:22 . 2012-04-12 21:22 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes

2012-04-12 21:22 . 2012-04-12 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-04-12 21:22 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-12 21:22 . 2012-04-12 21:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

2012-03-29 23:35 . 2012-03-29 23:35 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\{D1A2FCCB-79F7-11E1-826D-B8AC6F996F26}

2012-03-25 18:21 . 2012-03-25 18:21 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Unity

2012-03-25 17:22 . 2012-03-25 17:22 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Unity

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-15 15:10 . 2011-09-17 18:37 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-01 11:01 . 2011-09-17 20:11 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01 . 2011-09-17 20:11 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-03-01 11:01 . 2008-08-16 08:29 916992 ----a-w- c:\windows\system32\wininet.dll

2012-02-29 14:10 . 2011-09-17 20:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10 . 2004-08-10 18:00 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2011-09-17 20:08 385024 ----a-w- c:\windows\system32\html.iec

2012-02-07 15:02 . 2012-02-07 15:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-02-03 09:22 . 2008-08-16 08:29 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-03-15 16:30 . 2012-01-27 12:48 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]

@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"

[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]

2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]

@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"

[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]

2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]

@="{b4caf489-1eec-c617-49ad-8d7088598c06}"

[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]

2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-30 67584]

"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-25 7311360]

"nwiz"="nwiz.exe" [2006-01-25 1519616]

"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]

"DISCover"="c:\program files\DISC\DISCover.exe" [2006-03-16 1077248]

"DiscUpdateManager"="c:\program files\DISC\DiscUpdMgr.exe" [2006-03-16 61440]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]

"McPvTray_exe"="c:\program files\McAfee\MAT\McPvTray.exe" [2011-04-08 419904]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

Updates From HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2008-8-16 36903]

.

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-18 27136]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\DISC\\DISCover.exe"=

"c:\\Program Files\\DISC\\DiscStreamHub.exe"=

"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

.

R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2/15/2012 9:13 AM 64048]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [9/17/2011 3:02 PM 89792]

R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2/15/2012 9:13 AM 54776]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/15/2012 9:12 AM 214904]

R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/15/2012 9:12 AM 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/15/2012 9:12 AM 214904]

R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [2/15/2012 9:12 AM 160608]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [9/17/2011 2:55 PM 150856]

R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [4/13/2010 9:11 PM 229688]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [9/17/2011 3:02 PM 57600]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [9/17/2011 3:02 PM 338176]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [9/17/2011 3:02 PM 83856]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 8:49 AM 227232]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [9/17/2011 3:02 PM 83856]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [9/17/2011 3:02 PM 87656]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

uSearchAssistant =

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

Trusted Zone: trymedia.com

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4um13jxu.default\

FF - prefs.js: browser.startup.homepage - www.yahoo.com

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-PCDrProfiler - (no file)

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-17 19:02

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

.

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\CSC19.tmp 796 bytes

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\mpthopkn.cmdline 346 bytes

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\mpthopkn.err 0 bytes

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\RES1A.tmp 1244 bytes

.

scan completed successfully

hidden files: 4

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2060)

c:\windows\system32\WININET.dll

c:\progra~1\mcafee\SITEAD~1\saHook.dll

c:\program files\McAfee Online Backup\MOBKshell.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\RTHDCPL.EXE

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\windows\system32\nvsvc32.exe

c:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

c:\program files\Common Files\McAfee\SystemCore\mcshield.exe

c:\windows\ehome\mcrdsvc.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\rundll32.exe

c:\windows\System32\vssvc.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files\DISC\DiscStreamHub.exe

c:\windows\eHome\ehmsas.exe

.

**************************************************************************

.

Completion time: 2012-04-17 19:06:09 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-17 23:06

.

Pre-Run: 217,286,316,032 bytes free

Post-Run: 217,236,774,912 bytes free

.

- - End Of File - - CD0FB82E4F86F6BD4AA133999D9CCF26


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

http://forums.malwarebytes.org/index.php?showtopic=108636

SecCenter::
AV: PC Cleaners *Disabled/Updated* {737A8864-C2D9-4337-B49A-B5E35815B9BB}

Collect::
c:\documents and settings\hp_administrator\local settings\Temp\CSC19.tmp
c:\documents and settings\hp_administrator\local settings\Temp\mpthopkn.cmdline
c:\documents and settings\hp_administrator\local settings\Temp\mpthopkn.err
c:\documents and settings\hp_administrator\local settings\Temp\RES1A.tmp

DDS::
Trusted Zone: trymedia.com

JavaClearCache::

Save this as CFScript.txt, in the same location as ComboFix.exe

[Image: CFScriptB-4.gif]

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


ComboFix 12-04-16.02 - HP_Administrator 04/18/2012 17:43:45.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1363 [GMT -4:00]

Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe

Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}

FW: McAfee Firewall *Enabled* {94894B63-8C7F-4050-BDA4-813CA00DA3E8}

.

.

((((((((((((((((((((((((( Files Created from 2012-03-18 to 2012-04-18 )))))))))))))))))))))))))))))))

.

.

2012-04-16 20:44 . 2012-04-16 20:44 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-12 21:22 . 2012-04-12 21:22 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes

2012-04-12 21:22 . 2012-04-12 21:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-04-12 21:22 . 2012-04-04 19:56 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-12 21:22 . 2012-04-12 21:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll

2012-03-29 23:35 . 2012-03-29 23:35 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\{D1A2FCCB-79F7-11E1-826D-B8AC6F996F26}

2012-03-25 18:21 . 2012-03-25 18:21 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Unity

2012-03-25 17:22 . 2012-03-25 17:22 -------- d-----w- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Unity

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-03-15 15:10 . 2011-09-17 18:37 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-01 11:01 . 2011-09-17 20:11 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-03-01 11:01 . 2011-09-17 20:11 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-03-01 11:01 . 2008-08-16 08:29 916992 ----a-w- c:\windows\system32\wininet.dll

2012-02-29 14:10 . 2011-09-17 20:16 177664 ----a-w- c:\windows\system32\wintrust.dll

2012-02-29 14:10 . 2004-08-10 18:00 148480 ----a-w- c:\windows\system32\imagehlp.dll

2012-02-29 12:17 . 2011-09-17 20:08 385024 ----a-w- c:\windows\system32\html.iec

2012-02-07 15:02 . 2012-02-07 15:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX

2012-02-03 09:22 . 2008-08-16 08:29 1860096 ----a-w- c:\windows\system32\win32k.sys

2012-03-15 16:30 . 2012-01-27 12:48 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-04-17_23.01.48 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-04-18 21:49 . 2012-04-18 21:49 16384 c:\windows\Temp\Perflib_Perfdata_49c.dat

+ 2012-04-18 21:49 . 2012-04-18 21:49 16384 c:\windows\Temp\Perflib_Perfdata_400.dat

+ 2005-08-31 03:51 . 2012-04-18 20:39 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

- 2005-08-31 03:51 . 2012-04-17 22:14 32768 c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat

+ 2012-04-18 02:54 . 2012-04-18 20:39 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2005-08-31 03:51 . 2012-04-17 22:14 32768 c:\windows\system32\config\systemprofile\Cookies\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]

@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"

[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]

2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]

@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"

[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]

2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]

@="{b4caf489-1eec-c617-49ad-8d7088598c06}"

[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]

2010-04-14 01:11 2872120 ----a-w- c:\program files\McAfee Online Backup\MOBKshell.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-30 67584]

"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-25 7311360]

"nwiz"="nwiz.exe" [2006-01-25 1519616]

"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]

"DISCover"="c:\program files\DISC\DISCover.exe" [2006-03-16 1077248]

"DiscUpdateManager"="c:\program files\DISC\DiscUpdMgr.exe" [2006-03-16 61440]

"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-23 237568]

"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-16 249856]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2011-11-22 1318816]

"McPvTray_exe"="c:\program files\McAfee\MAT\McPvTray.exe" [2011-04-08 419904]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-12-15 282624]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

Updates From HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2008-8-16 36903]

.

c:\documents and settings\Default User\Start Menu\Programs\Startup\

Pin.lnk - c:\hp\bin\CLOAKER.EXE [2006-5-18 27136]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

"c:\\Program Files\\DISC\\DISCover.exe"=

"c:\\Program Files\\DISC\\DiscStreamHub.exe"=

"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Common Files\\Mcafee\\McSvcHost\\McSvHost.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

.

R0 McPvDrv;McPvDrv Driver;c:\windows\system32\drivers\McPvDrv.sys [2/15/2012 9:13 AM 64048]

R1 mfetdi2k;McAfee Inc. mfetdi2k;c:\windows\system32\drivers\mfetdi2k.sys [9/17/2011 3:02 PM 89792]

R1 MOBKFilter;MOBKFilter;c:\windows\system32\drivers\MOBK.sys [2/15/2012 9:13 AM 54776]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/15/2012 9:12 AM 214904]

R2 McMPFSvc;McAfee Personal Firewall Service;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/15/2012 9:12 AM 214904]

R2 McNaiAnn;McAfee VirusScan Announcer;"c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe" /McCoreSvc [2/15/2012 9:12 AM 214904]

R2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\Mcafee\SystemCore\mfefire.exe [2/15/2012 9:12 AM 160608]

R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [9/17/2011 2:55 PM 150856]

R2 MOBKbackup;McAfee Online Backup;c:\program files\McAfee Online Backup\MOBKbackup.exe [4/13/2010 9:11 PM 229688]

R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [9/17/2011 3:02 PM 57600]

R3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [9/17/2011 3:02 PM 338176]

R3 mfendiskmp;mfendiskmp;c:\windows\system32\drivers\mfendisk.sys [9/17/2011 3:02 PM 83856]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 8:49 AM 227232]

S3 mfendisk;McAfee Core NDIS Intermediate Filter;c:\windows\system32\drivers\mfendisk.sys [9/17/2011 3:02 PM 83856]

S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [9/17/2011 3:02 PM 87656]

.

--- Other Services/Drivers In Memory ---

.

*Deregistered* - mfeavfk01

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]

2009-03-08 08:32 128512 ----a-w- c:\windows\system32\advpack.dll

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=63&bd=PAVILION&pf=desktop

uSearchAssistant =

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\4um13jxu.default\

FF - prefs.js: browser.startup.homepage - www.yahoo.com

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-04-18 17:49

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(3112)

c:\windows\system32\WININET.dll

c:\progra~1\mcafee\SITEAD~1\saHook.dll

c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll

c:\program files\McAfee Online Backup\MOBKshell.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\RTHDCPL.EXE

c:\windows\eHome\ehRecvr.exe

c:\windows\eHome\ehSched.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\windows\system32\nvsvc32.exe

c:\windows\System32\spool\DRIVERS\W32X86\3\HPZIPM12.EXE

c:\windows\ehome\mcrdsvc.exe

c:\program files\Common Files\McAfee\SystemCore\mcshield.exe

c:\windows\system32\dllhost.exe

c:\windows\system32\rundll32.exe

c:\windows\system32\wscntfy.exe

c:\windows\eHome\ehmsas.exe

c:\windows\System32\vssvc.exe

c:\program files\DISC\DiscStreamHub.exe

c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe

.

**************************************************************************

.

Completion time: 2012-04-18 17:52:13 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-18 21:52

.

Pre-Run: 217,179,897,856 bytes free

Post-Run: 217,158,991,872 bytes free

.

- - End Of File - - A5B98C261D42558E1CCA4057B01E2620


Please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan

  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the options Remove found threats and Scan unwanted applications are checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
  • Copy and paste that log as a reply to this topic


Said there were no threats found. Here's the log.

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

# version=7

# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=003277d6f95ae744a709f83bcd3787f4

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-04-19 05:06:34

# local_time=2012-04-19 01:06:34 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=5121 16777173 100 75 23360 35229642 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=110396

# found=0

# cleaned=0

# scan_time=5412


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.