jeffaward Posted June 12, 2012 ID:559840 Share Posted June 12, 2012 About 3 weeks ago, I discovered I was infected with rootkit.0access.h on my computer. I have tried a few different removal options but nothing seems to actually remove it. I used MB, tdsskiller, and super antispyware but it is still showing up. I am considering reinstalling or repairing Windows but thought I would try here. Any help is appreciated. I have never had to post about virus removal so any information that may be helpful, I would need help knowing where to find it.Thanks, Jeff Link to post Share on other sites More sharing options...
Maniac Posted June 12, 2012 ID:559853 Share Posted June 12, 2012 Hello Jeff and ! My name is Maniac and I will be glad to help you solve your malware problem.Please note:If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.Make sure you read all of the instructions and fixes thoroughly before continuing with them.Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.Please follow the instructions here and post both log files:http://forums.malwarebytes.org/index.php?showtopic=9573 Link to post Share on other sites More sharing options...
jeffaward Posted June 12, 2012 Author ID:559855 Share Posted June 12, 2012 I'm running a fresh scan of MB now and will get the .dds right after. I will get the logs as soon as they are finished. Thanks. Link to post Share on other sites More sharing options...
jeffaward Posted June 12, 2012 Author ID:559909 Share Posted June 12, 2012 Malwarebytes Anti-Malware 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.06.12.05Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Jeff Snyder :: JEFF [administrator]6/12/2012 10:48:35 AMmbam-log-2012-06-12 (10-48-35).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 307026Time elapsed: 2 hour(s), 4 minute(s), 56 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 1C:\WINDOWS\system32\pdlnshay.dll (RootKit.0Access.H) -> Delete on reboot.Registry Keys Detected: 2HKCR\CLSID\{A3CCEDF7-2DE2-11D0-86F4-00A0C913F750} (Trojan.Agent.H) -> Delete on reboot.HKCR\PNGFilter.CoPNGFilter.1 (Trojan.Agent.H) -> Quarantined and deleted successfully.Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 4C:\WINDOWS\system32\pdlnshay.dll (RootKit.0Access.H) -> Delete on reboot.C:\Documents and Settings\Jeff Snyder\Local Settings\Temp\145.tmp (Trojan.Agent.H) -> Delete on reboot.C:\Documents and Settings\Jeff Snyder\Local Settings\Temp\fir0.exe (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.C:\Documents and Settings\Jeff Snyder\Local Settings\Temp\0.6684617860996616.htm (Trojan.Agent.H) -> Quarantined and deleted successfully.(end).DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 8.0.6001.18702Run by Jeff Snyder at 13:12:37 on 2012-06-12Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.998.65 [GMT -5:00].AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Firewall *Disabled*.============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEsvchost.exeC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Intel\AMT\LMS.exeC:\Program Files\McAfee\SiteAdvisor\McSACore.exeC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeC:\WINDOWS\system32\mfevtps.exeC:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\WINDOWS\system32\fxssvc.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\igfxtray.exeC:\Program Files\Hewlett-Packard\hp business inkjet 1200 series\Toolbox\HPWNTBX.exeC:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exeC:\WINDOWS\System32\svchost.exe -k HTTPFilterC:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\WINDOWS\system32\mdm.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Google\Google Talk\googletalk.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exeC:\UPS\WSTD\WSTDMessaging.exeC:\Documents and Settings\Jeff Snyder\Application Data\Dropbox\bin\Dropbox.exeC:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\System32\vssvc.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\dllhost.exec:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcs.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.comcast.net/uWindow Title = Windows Internet Explorer provided by ComcastuDefault_Search_URL = 687474703a2f2f7777772e476f6f676c652e636f6d2fuSearch Bar = 687474703a2f2f7777772e476f6f676c652e636f6d2fuSearch Page = 687474703a2f2f7777772e476f6f676c652e636f6d2fuSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2fmWindow Title = Windows Internet Explorer provided by ComcastmSearch Bar = 687474703a2f2f7777772e476f6f676c652e636f6d2fmSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2fuInternet Settings,ProxyOverride = *.localuSearchAssistant = 687474703a2f2f7777772e476f6f676c652e636f6d2fmSearchURL = 687474703a2f2f7777772e476f6f676c652e636f6d2fmSearchAssistant = 687474703a2f2f7777772e476f6f676c652e636f6d2fBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dllBHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No FileBHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - Symantec Intrusion PreventionBHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120428182603.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dllBHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dllBHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileTB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dllTB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dllEB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dlluRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostartuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exemRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exemRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXEmRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HPWNTOOLBOX] c:\program files\hewlett-packard\hp business inkjet 1200 series\toolbox\HPWNTBX.exe "-i"mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXEmRun: [intelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAYmRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exemRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkeymRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -tIE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLLLSP: mswsock.dllDPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cabDPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by144fd.bay144.hotmail.msn.com/resources/MsnPUpld.cabDPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178042772078DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cabDPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cabDPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cabDPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cabDPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://vocalocity.webex.com/client/T27LB/nbr/ieatgpc.cabFilter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dllNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLLNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL.============= SERVICES / DRIVERS ===============.R? AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update ServiceR? gupdate1c991013bdbe492;Google Update Service (gupdate1c991013bdbe492)R? gupdatem;Google Update Service (gupdatem)R? MBAMSwissArmy;MBAMSwissArmyR? mfebopk;McAfee Inc. mfebopkR? mfendisk;McAfee Core NDIS Intermediate FilterR? mferkdet;McAfee Inc. mferkdetR? mferkdk;McAfee Inc. mferkdkR? NPF;WinPcap Packet Driver (NPF)R? SASENUM;SASENUMR? SQLAgent$UPSWSDBSERVER;SQLAgent$UPSWSDBSERVERS? !SASCORE;SAS Core ServiceS? cfwids;McAfee Inc. cfwidsS? McAfee SiteAdvisor Service;McAfee SiteAdvisor ServiceS? McMPFSvc;McAfee Personal Firewall ServiceS? McNaiAnn;McAfee VirusScan AnnouncerS? McProxy;McAfee Proxy ServiceS? McShield;McAfee McShieldS? mfeavfk;McAfee Inc. mfeavfkS? mfefire;McAfee Firewall Core ServiceS? mfefirek;McAfee Inc. mfefirekS? mfehidk;McAfee Inc. mfehidkS? mfendiskmp;mfendiskmpS? mfetdi2k;McAfee Inc. mfetdi2kS? mfevtp;McAfee Validation Trust Protection ServiceS? MSSQL$UPSWSDBSERVER;MSSQL$UPSWSDBSERVERS? SASDIFSV;SASDIFSVS? SASKUTIL;SASKUTIL.=============== Created Last 30 ================.2012-06-12 15:33:23 40776 -c--a-w- c:\windows\system32\drivers\mbamswissarmy.sys2012-05-15 16:27:55 -------- dc----w- C:\7d519ce54c1a8a72c36e0d2eebf32012-05-14 17:24:53 -------- dc----w- C:\a2e1398811d49f46355c5e2012-05-14 16:08:04 -------- dc----w- C:\ec5daa06ac634b13dafc810e242012-05-14 16:02:56 -------- dc----w- c:\documents and settings\jeff snyder\local settings\application data\PCHealth.==================== Find3M ====================.2012-06-12 18:01:38 0 -csha-w- c:\windows\system32\dds_trash_log.cmd2012-05-08 18:33:07 50704 -c--a-w- c:\windows\system32\drivers\npf.sys2012-05-08 18:33:07 281104 -c--a-w- c:\windows\system32\wpcap.dll2012-05-08 18:33:07 100880 -c--a-w- c:\windows\system32\Packet.dll2012-05-04 17:40:03 419488 -c--a-w- c:\windows\system32\FlashPlayerApp.exe2012-05-04 17:40:02 70304 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-04-11 13:14:41 2148352 -c--a-w- c:\windows\system32\ntoskrnl.exe2012-04-11 13:12:06 1862272 -c--a-w- c:\windows\system32\win32k.sys2012-04-11 12:35:51 2026496 -c--a-w- c:\windows\system32\ntkrnlpa.exe2012-04-04 20:56:40 22344 -c--a-w- c:\windows\system32\drivers\mbam.sys2012-03-20 18:11:32 151880 -c--a-w- c:\windows\system32\mfevtps.exe.============= FINISH: 13:25:19.42 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 11/6/2006 2:52:58 PMSystem Uptime: 6/12/2012 1:01:02 PM (0 hours ago).Motherboard: Intel Corporation | | DQ965MTProcessor: Intel® Core2 CPU 6300 @ 1.86GHz | | 1864/266mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 70 GiB total, 7.916 GiB free.D: is FIXED (FAT32) - 4 GiB total, 1.513 GiB free.E: is CDROM ()F: is Removable.==== Disabled Device Manager Items =============.Class GUID:Description: Audio Device on High Definition Audio BusDevice ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7618&SUBSYS_107B5058&REV_1002\4&22347350&0&0201Manufacturer:Name: Audio Device on High Definition Audio BusPNP Device ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7618&SUBSYS_107B5058&REV_1002\4&22347350&0&0201Service:.Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}Description: Parallel DeviceDevice ID: ROOT\LEGACY_HPFECP15\0000Manufacturer:Name: Parallel DevicePNP Device ID: ROOT\LEGACY_HPFECP15\0000Service: HPFECP15.==== System Restore Points ===================.RP1664: 3/23/2012 1:34:53 PM - System CheckpointRP1665: 3/24/2012 2:21:23 PM - System CheckpointRP1666: 3/25/2012 3:21:25 PM - System CheckpointRP1667: 3/26/2012 3:36:40 PM - System CheckpointRP1668: 3/27/2012 4:09:49 PM - System CheckpointRP1669: 3/28/2012 4:21:51 PM - System CheckpointRP1670: 3/29/2012 5:01:17 PM - System CheckpointRP1671: 3/30/2012 5:17:18 PM - System CheckpointRP1672: 3/31/2012 5:29:19 PM - System CheckpointRP1673: 4/1/2012 6:29:31 PM - System CheckpointRP1674: 4/2/2012 7:29:40 PM - System CheckpointRP1675: 4/3/2012 7:30:10 PM - System CheckpointRP1676: 4/4/2012 8:40:18 PM - System CheckpointRP1677: 4/5/2012 9:02:25 PM - System CheckpointRP1678: 4/6/2012 10:02:18 PM - System CheckpointRP1679: 4/9/2012 8:08:27 AM - System CheckpointRP1680: 4/10/2012 10:43:47 AM - System CheckpointRP1681: 4/11/2012 11:33:33 AM - System CheckpointRP1682: 4/11/2012 9:59:38 PM - Software Distribution Service 3.0RP1683: 4/12/2012 10:09:55 PM - System CheckpointRP1684: 4/13/2012 11:09:54 PM - System CheckpointRP1685: 4/15/2012 12:09:57 AM - System CheckpointRP1686: 4/16/2012 9:13:07 AM - System CheckpointRP1687: 4/17/2012 9:37:53 AM - System CheckpointRP1688: 4/18/2012 10:36:17 AM - System CheckpointRP1689: 4/19/2012 11:12:59 AM - System CheckpointRP1690: 4/20/2012 12:19:36 PM - System CheckpointRP1691: 4/23/2012 9:09:23 AM - System CheckpointRP1692: 4/24/2012 10:00:11 AM - System CheckpointRP1693: 4/25/2012 10:20:40 AM - System CheckpointRP1694: 4/26/2012 10:42:09 AM - System CheckpointRP1695: 4/27/2012 11:05:53 AM - System CheckpointRP1696: 4/28/2012 11:29:24 AM - System CheckpointRP1697: 4/29/2012 11:53:16 AM - System CheckpointRP1698: 4/30/2012 12:53:09 PM - System CheckpointRP1699: 5/1/2012 1:08:26 PM - System CheckpointRP1700: 5/2/2012 1:40:29 PM - System CheckpointRP1701: 5/3/2012 3:02:21 PM - System CheckpointRP1702: 5/4/2012 3:37:59 PM - System CheckpointRP1703: 5/5/2012 4:01:24 PM - System CheckpointRP1704: 5/6/2012 4:18:08 PM - System CheckpointRP1705: 5/7/2012 5:18:05 PM - System CheckpointRP1706: 5/7/2012 8:53:59 PM - Removed SUPERAntiSpyware Free EditionRP1707: 5/9/2012 1:34:01 AM - Software Distribution Service 3.0RP1708: 5/10/2012 2:14:26 AM - System CheckpointRP1709: 5/11/2012 2:57:15 AM - System CheckpointRP1710: 5/12/2012 3:33:22 AM - System CheckpointRP1711: 5/13/2012 4:33:17 AM - System CheckpointRP1712: 5/14/2012 4:41:47 AM - System CheckpointRP1713: 5/14/2012 11:01:00 AM - Software Distribution Service 3.0RP1714: 5/14/2012 12:11:41 PM - Software Distribution Service 3.0RP1715: 5/15/2012 11:26:52 AM - Software Distribution Service 3.0RP1716: 5/15/2012 11:42:34 AM - Software Distribution Service 3.0RP1717: 5/15/2012 11:48:52 AM - Software Distribution Service 3.0RP1718: 5/16/2012 12:32:13 PM - System CheckpointRP1719: 5/17/2012 12:44:10 PM - System CheckpointRP1720: 5/18/2012 1:42:05 PM - System CheckpointRP1721: 5/19/2012 2:30:03 PM - System CheckpointRP1722: 5/20/2012 2:42:04 PM - System CheckpointRP1723: 5/21/2012 11:00:23 AM - Software Distribution Service 3.0RP1724: 5/21/2012 4:19:17 PM - Software Distribution Service 3.0RP1725: 5/22/2012 4:35:53 PM - System CheckpointRP1726: 5/23/2012 5:06:44 PM - System CheckpointRP1727: 5/24/2012 6:06:43 PM - System CheckpointRP1728: 5/25/2012 6:08:53 PM - System CheckpointRP1729: 5/26/2012 7:08:54 PM - System CheckpointRP1730: 5/27/2012 8:10:54 PM - System CheckpointRP1731: 5/28/2012 11:00:22 AM - Software Distribution Service 3.0RP1732: 5/29/2012 11:10:52 AM - System CheckpointRP1733: 6/1/2012 3:23:22 PM - System CheckpointRP1734: 6/2/2012 4:24:21 PM - System CheckpointRP1735: 6/3/2012 5:12:20 PM - System CheckpointRP1736: 6/4/2012 11:00:18 AM - Software Distribution Service 3.0RP1737: 6/5/2012 11:12:10 AM - System CheckpointRP1738: 6/6/2012 12:34:26 PM - System CheckpointRP1739: 6/7/2012 12:43:02 PM - System CheckpointRP1740: 6/8/2012 1:12:40 PM - System CheckpointRP1741: 6/9/2012 1:13:09 PM - System CheckpointRP1742: 6/10/2012 1:14:38 PM - System CheckpointRP1743: 6/11/2012 11:00:18 AM - Software Distribution Service 3.0RP1744: 6/12/2012 9:16:34 AM - Software Distribution Service 3.0.==== Installed Programs ======================.Add or Remove Adobe Creative Suite 3 Design PremiumAdobe Acrobat 8 ProfessionalAdobe Acrobat 8.1.4 ProfessionalAdobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)Adobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe BridgeTalk Plugin CS3Adobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Creative Suite 3 Design PremiumAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Flash CS3Adobe Flash Player 11 ActiveXAdobe Flash Player 9 PluginAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS3Adobe InDesign CS3Adobe InDesign CS3 Icon HandlerAdobe Linguistics CS3Adobe MotionPicture Color FilesAdobe PDF Library FilesAdobe Photoshop CS3Adobe Reader 8.2.0Adobe SetupAdobe Shockwave Player 11.5Adobe SING CS3Adobe Stock Photos CS3Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe Version Cue CS3 Server {ko_KR}Adobe WAS CS3Adobe WinSoft Linguistics PluginAdobe XMP Panels CS3AHV content for Acrobat and FlashAlignmentUtilityAlpha Five V7AnimationLab v3Apple Application SupportApple Mobile Device SupportApple Software UpdateBlackBerry Desktop Software 6.0BonjourBrowser Address Error RedirectorCarboniteCCCComcast High-Speed Internet Install WizardCompatibility Pack for the 2007 Office systemCorel ApplicationsCritical Update for Windows Media Player 11 (KB959772)Data Access Objects (DAO) 3.5Desktop DoctorDropboxDynex mini card readerEmotion 3D Web Edition 1.5Facebook Plug-InFinale NotePad 2008FloorPlan 3D v8FormsComponentFOSSGearDrvsGoogle EarthGoogle Talk (remove only)Google Toolbar for Internet ExplorerGoogle Update HelperHandBrake 0.9.5High Definition Audio Driver Package - KB888111Hotfix 2050 for SQL Server 2000 ENU (KB948110)Hotfix 2055 for SQL Server 2000 ENU (KB960082)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)HP Business Inkjet 1200HP Deskjet 6900 seriesHP PrecisionScan Pro 3.0i960 EmulatorICCHelpIntel Audio StudioIntel® Active Management Technology LMS Service and SOL DriverIntel® Graphics Media Accelerator DriverIntel® Management Engine InterfaceIntel® PRO Network Connections DriversiTunesJava Auto UpdaterJava 6 Update 25Junk Mail filter updateLogitech SetPointMalwarebytes Anti-Malware version 1.61.0.1400McAfee Internet SecurityMediaLifeMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB2656370)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Choice GuardMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office Small Business Edition 2003Microsoft SilverlightMicrosoft SQL Server Desktop Engine (UPSWSDBSERVER)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161MSICheckerMSNMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Musicmatch® JukeboxNA1MessengerNero BurnRightsNero OEMNetWaitingNRFOctoshape add-in for Adobe Flash PlayerOGA Notifier 2.0.0048.0OmniForm 4.0PDF SettingsPolicyManagerPowerDVDQFolderQuickTimeRealPlayerReconcilerRecovery Software Suite GatewayRegCure 1.5.0.1ReportServerRhapsody Player EngineSafariScan Manager 5.1Security Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft Windows (KB2564958)Security Update for Step By Step Interactive Training (KB898458)Security Update for Windows Internet Explorer 7 (KB928090)Security Update for Windows Internet Explorer 7 (KB929969)Security Update for Windows Internet Explorer 7 (KB931768)Security Update for Windows Internet Explorer 7 (KB933566)Security Update for Windows Internet Explorer 7 (KB937143)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 8 (KB2183461)Security Update for Windows Internet Explorer 8 (KB2360131)Security Update for Windows Internet Explorer 8 (KB2416400)Security Update for Windows Internet Explorer 8 (KB2482017)Security Update for Windows Internet Explorer 8 (KB2497640)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2647516)Security Update for Windows Internet Explorer 8 (KB2675157)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB972260)Security Update for Windows Internet Explorer 8 (KB974455)Security Update for Windows Internet Explorer 8 (KB976325)Security Update for Windows Internet Explorer 8 (KB978207)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2491683)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2621440)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2641653)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2647518)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2660465)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB913433)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB938464-v2)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Segoe UISibelius Scorch (ActiveX Only)Spelling Dictionaries Support For Adobe Reader 8SUPERAntiSpywareSupportUtilitySymantec Technical Support Advanced Chat ControlsSystemTurboCAD Professional v10.5UnifiedPrintingUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB972636)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB976749)Update for Windows Internet Explorer 8 (KB980182)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)UPS WorldShipUPSDBUPSICCUPSlinkHTTPUPSVC2008MMUPSVCMMVocalocity DesktopWebFldrs XPWebHelpWebShopWindows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live Sign-in AssistantWindows Live Upload ToolWindows Media Format 11 runtimeWindows Media Player 11Windows XP Service Pack 3WorldShipWSSharedYahoo! Music JukeboxZoom V.92 PCI Voice Faxmodem.==== Event Viewer Messages From Past Week ========.6/8/2012 4:41:59 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.6/5/2012 1:05:41 PM, error: Service Control Manager [7023] - The Was service terminated with the following error: The specified module could not be found.6/5/2012 1:05:41 PM, error: Service Control Manager [7023] - The Vstor2 service terminated with the following error: The specified module could not be found.6/5/2012 1:05:41 PM, error: Service Control Manager [7023] - The Oracle_load_balancer_60_server-forms6i service terminated with the following error: The specified module could not be found.6/5/2012 1:05:41 PM, error: Service Control Manager [7023] - The Omniusb service terminated with the following error: The specified module could not be found.6/12/2012 1:11:20 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Scanner service to connect.6/12/2012 1:11:20 PM, error: Service Control Manager [7000] - The McAfee Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.6/12/2012 1:11:20 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}6/12/2012 1:03:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 ACPIEC adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x Pcmcia perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The WaveFDE service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Vcsw service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Speakerphone service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The S116mdfl service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The PCDCODEC service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The NuidFltr service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Kbdhid service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Admjoy service terminated with the following error: The specified module could not be found..==== End Of File =========================== Link to post Share on other sites More sharing options...
Maniac Posted June 12, 2012 ID:559943 Share Posted June 12, 2012 BACKDOOR WARNINGOne or more of the identified infections is known to use a backdoor.This allows hackers to remotely control your computer, steal critical system information and download and execute files.I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?When Should I Format, How Should I ReinstallWe can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please proceed with the following steps.Step 1Download the latest version of TDSSKiller from here and save it to your Desktop.Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.Click the Start Scan button.If a suspicious object is detected, the default action will be Skip, click on Continue.If malicious objects are found, they will show in the Scan results and offer three (3) options.Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.Step 2Launch Malwarebytes' Anti-MalwareGo to Update tab and select Check for Updates. If an update is found, it will download and install the latest version. Go to Scanner tab and select Perform Quick Scan, then click Scan.The scan may take some time to finish,so please be patient.When the scan is complete, click OK, then Show Results to view the results.Make sure that everything is checked, and click Remove Selected.When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.Copy&Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.In your next reply, post the following log files:TDSSKiller logMalwarebytes' Anti-Malware loga new fresh DDS log file Link to post Share on other sites More sharing options...
jeffaward Posted June 13, 2012 Author ID:560136 Share Posted June 13, 2012 To be honest, I have already tried using the tdss killer and it seems that every time I connect this unit back to the internet I end up with the same results. rootkit.0access.h is back, cannot internet search, computer just runs slow. MB finds the trojan but cannot remove it. I am goign through the process again per your instructions and will post the logs when they are available but I am wondering if maybe you can help me understand what is needed to repair vs reinstall windows. it seems this is the last option Link to post Share on other sites More sharing options...
Maniac Posted June 13, 2012 ID:560139 Share Posted June 13, 2012 Follow my instructions, the rest I'll take care of. Everything you need to know is here:http://windows.microsoft.com/en-us/windows/help/install-reinstall-uninstall Link to post Share on other sites More sharing options...
jeffaward Posted June 13, 2012 Author ID:560207 Share Posted June 13, 2012 In an effort to be thorough, please see the attached log files. If you think there is anything of value here, I will try it but after researching this trojan, I feel the reinstall windows is my best choice. Let me know if you have any other thoughts.07:37:04.0734 3320 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:1807:37:04.0765 3320 ============================================================07:37:04.0765 3320 Current date / time: 2012/06/13 07:37:04.076507:37:04.0765 3320 SystemInfo:07:37:04.0765 3320 07:37:04.0765 3320 OS Version: 5.1.2600 ServicePack: 3.007:37:04.0765 3320 Product type: Workstation07:37:04.0765 3320 ComputerName: JEFF07:37:04.0765 3320 UserName: Jeff Snyder07:37:04.0765 3320 Windows directory: C:\WINDOWS07:37:04.0765 3320 System windows directory: C:\WINDOWS07:37:04.0765 3320 Processor architecture: Intel x8607:37:04.0765 3320 Number of processors: 207:37:04.0765 3320 Page size: 0x100007:37:04.0765 3320 Boot type: Normal boot07:37:04.0765 3320 ============================================================07:37:06.0906 3320 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x0000005407:37:06.0906 3320 ============================================================07:37:06.0906 3320 \Device\Harddisk0\DR0:07:37:06.0921 3320 MBR partitions:07:37:06.0921 3320 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x8EAAC6, BlocksNum 0x8C1FB3A07:37:06.0921 3320 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x8EAA8707:37:06.0921 3320 ============================================================07:37:06.0953 3320 C: <-> \Device\Harddisk0\DR0\Partition007:37:06.0953 3320 D: <-> \Device\Harddisk0\DR0\Partition107:37:06.0953 3320 ============================================================07:37:06.0953 3320 Initialize success07:37:06.0953 3320 ============================================================07:37:08.0406 5420 ============================================================07:37:08.0406 5420 Scan started07:37:08.0406 5420 Mode: Manual;07:37:08.0406 5420 ============================================================07:37:09.0156 5420 !SASCORE (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE07:37:09.0156 5420 !SASCORE - ok07:37:09.0250 5420 Abiosdsk - ok07:37:09.0296 5420 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS07:37:09.0296 5420 abp480n5 - ok07:37:09.0328 5420 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys07:37:09.0343 5420 ACPI - ok07:37:09.0343 5420 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys07:37:09.0343 5420 ACPIEC - ok07:37:09.0484 5420 Adobe Version Cue CS3 (14c23516c990dcd6052152cf034dde40) C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe07:37:09.0500 5420 Adobe Version Cue CS3 - ok07:37:09.0578 5420 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe07:37:09.0625 5420 AdobeFlashPlayerUpdateSvc - ok07:37:09.0656 5420 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys07:37:09.0656 5420 adpu160m - ok07:37:09.0671 5420 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys07:37:09.0671 5420 aec - ok07:37:09.0718 5420 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys07:37:09.0718 5420 AFD - ok07:37:09.0765 5420 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys07:37:09.0765 5420 agp440 - ok07:37:09.0765 5420 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys07:37:09.0781 5420 agpCPQ - ok07:37:09.0781 5420 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys07:37:09.0781 5420 Aha154x - ok07:37:09.0796 5420 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys07:37:09.0796 5420 aic78u2 - ok07:37:09.0812 5420 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys07:37:09.0812 5420 aic78xx - ok07:37:09.0828 5420 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll07:37:09.0828 5420 Alerter - ok07:37:09.0843 5420 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe07:37:09.0843 5420 ALG - ok07:37:09.0859 5420 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys07:37:09.0859 5420 AliIde - ok07:37:09.0875 5420 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys07:37:09.0875 5420 alim1541 - ok07:37:09.0875 5420 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys07:37:09.0890 5420 amdagp - ok07:37:09.0890 5420 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys07:37:09.0890 5420 amsint - ok07:37:09.0890 5420 aniwzcsdservice - ok07:37:09.0984 5420 Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe07:37:09.0984 5420 Apple Mobile Device - ok07:37:10.0015 5420 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll07:37:10.0015 5420 AppMgmt - ok07:37:10.0062 5420 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys07:37:10.0062 5420 Arp1394 - ok07:37:10.0093 5420 array_utility_service4,0,1,3 - ok07:37:10.0093 5420 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys07:37:10.0109 5420 asc - ok07:37:10.0109 5420 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys07:37:10.0109 5420 asc3350p - ok07:37:10.0140 5420 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys07:37:10.0140 5420 asc3550 - ok07:37:10.0218 5420 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe07:37:10.0234 5420 aspnet_state - ok07:37:10.0250 5420 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys07:37:10.0250 5420 AsyncMac - ok07:37:10.0265 5420 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys07:37:10.0265 5420 atapi - ok07:37:10.0265 5420 Atdisk - ok07:37:10.0296 5420 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys07:37:10.0296 5420 Atmarpc - ok07:37:10.0328 5420 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll07:37:10.0328 5420 AudioSrv - ok07:37:10.0343 5420 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys07:37:10.0343 5420 audstub - ok07:37:10.0343 5420 AX88772 - ok07:37:10.0421 5420 BCMModem (2d39d498108c4810ef8cc1103a2a5b73) C:\WINDOWS\system32\DRIVERS\BCMDM.sys07:37:10.0453 5420 BCMModem - ok07:37:10.0500 5420 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys07:37:10.0500 5420 Beep - ok07:37:10.0531 5420 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll07:37:10.0687 5420 BITS - ok07:37:10.0828 5420 Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe07:37:10.0843 5420 Bonjour Service - ok07:37:10.0859 5420 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll07:37:10.0859 5420 Browser - ok07:37:11.0484 5420 CarboniteService (e581146b4e24601d3b3c60e960de4e3b) C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe07:37:11.0750 5420 CarboniteService - ok07:37:11.0921 5420 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys07:37:11.0921 5420 cbidf - ok07:37:11.0921 5420 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys07:37:11.0921 5420 cbidf2k - ok07:37:11.0937 5420 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys07:37:11.0937 5420 cd20xrnt - ok07:37:11.0937 5420 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys07:37:11.0937 5420 Cdaudio - ok07:37:11.0968 5420 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys07:37:11.0968 5420 Cdfs - ok07:37:11.0968 5420 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys07:37:11.0968 5420 Cdrom - ok07:37:12.0015 5420 cfwids (1c7b1e36f3ced9e4b0b13385e627fe8b) C:\WINDOWS\system32\drivers\cfwids.sys07:37:12.0015 5420 cfwids - ok07:37:12.0031 5420 Changer - ok07:37:12.0062 5420 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe07:37:12.0062 5420 CiSvc - ok07:37:12.0109 5420 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe07:37:12.0109 5420 ClipSrv - ok07:37:12.0218 5420 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe07:37:12.0265 5420 clr_optimization_v2.0.50727_32 - ok07:37:12.0296 5420 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys07:37:12.0296 5420 CmBatt - ok07:37:12.0296 5420 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys07:37:12.0296 5420 CmdIde - ok07:37:12.0328 5420 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys07:37:12.0328 5420 Compbatt - ok07:37:12.0343 5420 COMSysApp - ok07:37:12.0359 5420 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys07:37:12.0359 5420 Cpqarray - ok07:37:12.0375 5420 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll07:37:12.0390 5420 CryptSvc - ok07:37:12.0406 5420 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys07:37:12.0406 5420 dac2w2k - ok07:37:12.0437 5420 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys07:37:12.0437 5420 dac960nt - ok07:37:12.0484 5420 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll07:37:12.0531 5420 DcomLaunch - ok07:37:12.0562 5420 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll07:37:12.0562 5420 Dhcp - ok07:37:12.0578 5420 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys07:37:12.0578 5420 Disk - ok07:37:12.0593 5420 dklogger - ok07:37:12.0593 5420 dmadmin - ok07:37:12.0671 5420 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys07:37:12.0687 5420 dmboot - ok07:37:12.0718 5420 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys07:37:12.0718 5420 dmio - ok07:37:12.0750 5420 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys07:37:12.0750 5420 dmload - ok07:37:12.0765 5420 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll07:37:12.0765 5420 dmserver - ok07:37:12.0781 5420 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys07:37:12.0781 5420 DMusic - ok07:37:12.0812 5420 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll07:37:12.0812 5420 Dnscache - ok07:37:12.0859 5420 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll07:37:12.0859 5420 Dot3svc - ok07:37:12.0875 5420 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys07:37:12.0875 5420 dpti2o - ok07:37:12.0890 5420 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys07:37:12.0890 5420 drmkaud - ok07:37:12.0937 5420 e1express (00192f0c612591d585594e9467e6ca8b) C:\WINDOWS\system32\DRIVERS\e1e5132.sys07:37:12.0953 5420 e1express - ok07:37:12.0968 5420 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll07:37:12.0968 5420 EapHost - ok07:37:13.0000 5420 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll07:37:13.0000 5420 ERSvc - ok07:37:13.0046 5420 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe07:37:13.0062 5420 Eventlog - ok07:37:13.0125 5420 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll07:37:13.0140 5420 EventSystem - ok07:37:13.0156 5420 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys07:37:13.0156 5420 Fastfat - ok07:37:13.0203 5420 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll07:37:13.0218 5420 FastUserSwitchingCompatibility - ok07:37:13.0265 5420 Fax (e97d6a8684466df94ff3bc24fb787a07) C:\WINDOWS\system32\fxssvc.exe07:37:13.0312 5420 Fax - ok07:37:13.0312 5420 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys07:37:13.0312 5420 Fdc - ok07:37:13.0328 5420 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys07:37:13.0328 5420 Fips - ok07:37:13.0453 5420 FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe07:37:13.0500 5420 FLEXnet Licensing Service - ok07:37:13.0500 5420 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys07:37:13.0500 5420 Flpydisk - ok07:37:13.0531 5420 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys07:37:13.0531 5420 FltMgr - ok07:37:13.0656 5420 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe07:37:13.0656 5420 FontCache3.0.0.0 - ok07:37:13.0671 5420 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys07:37:13.0671 5420 Fs_Rec - ok07:37:13.0687 5420 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys07:37:13.0703 5420 Ftdisk - ok07:37:13.0703 5420 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys07:37:13.0703 5420 GEARAspiWDM - ok07:37:13.0734 5420 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys07:37:13.0734 5420 Gpc - ok07:37:13.0843 5420 gupdate1c991013bdbe492 (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe07:37:13.0843 5420 gupdate1c991013bdbe492 - ok07:37:13.0843 5420 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files\Google\Update\GoogleUpdate.exe07:37:13.0843 5420 gupdatem - ok07:37:13.0890 5420 gusvc (5467f1ff0af264566740f67e8b810735) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe07:37:13.0906 5420 gusvc - ok07:37:13.0937 5420 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys07:37:13.0937 5420 HDAudBus - ok07:37:13.0984 5420 HECI (77ffc30aed2a09bc5dabdd9bc3f392d5) C:\WINDOWS\system32\DRIVERS\HECI.sys07:37:13.0984 5420 HECI - ok07:37:14.0078 5420 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll07:37:14.0078 5420 helpsvc - ok07:37:14.0109 5420 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys07:37:14.0109 5420 HidUsb - ok07:37:14.0140 5420 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll07:37:14.0140 5420 hkmsvc - ok07:37:14.0218 5420 HP Port Resolver (c5f00d15aa15cb7f55a027ff75e44bb7) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE07:37:14.0218 5420 HP Port Resolver - ok07:37:14.0234 5420 HP Status Server (c5a288e4ceef5a26d105117baa3763ab) C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE07:37:14.0234 5420 HP Status Server - ok07:37:14.0250 5420 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys07:37:14.0250 5420 hpn - ok07:37:14.0296 5420 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys07:37:14.0343 5420 HTTP - ok07:37:14.0359 5420 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll07:37:14.0375 5420 HTTPFilter - ok07:37:14.0390 5420 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys07:37:14.0390 5420 i2omgmt - ok07:37:14.0406 5420 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys07:37:14.0406 5420 i2omp - ok07:37:14.0406 5420 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys07:37:14.0406 5420 i8042prt - ok07:37:14.0500 5420 ialm (88164ba0e3fc4172ff3a1bd82b756454) C:\WINDOWS\system32\DRIVERS\igxpmp32.sys07:37:14.0531 5420 ialm - ok07:37:14.0671 5420 IDriverT (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe07:37:14.0671 5420 IDriverT - ok07:37:14.0796 5420 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe07:37:14.0812 5420 idsvc - ok07:37:14.0953 5420 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys07:37:14.0968 5420 Imapi - ok07:37:14.0984 5420 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe07:37:14.0984 5420 ImapiService - ok07:37:15.0031 5420 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys07:37:15.0031 5420 ini910u - ok07:37:15.0046 5420 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys07:37:15.0046 5420 IntelIde - ok07:37:15.0078 5420 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys07:37:15.0078 5420 intelppm - ok07:37:15.0109 5420 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys07:37:15.0109 5420 Ip6Fw - ok07:37:15.0109 5420 ipassconnectengine - ok07:37:15.0125 5420 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys07:37:15.0125 5420 IpFilterDriver - ok07:37:15.0156 5420 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys07:37:15.0156 5420 IpInIp - ok07:37:15.0187 5420 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys07:37:15.0187 5420 IpNat - ok07:37:15.0250 5420 iPod Service (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe07:37:15.0281 5420 iPod Service - ok07:37:15.0312 5420 IPSec (329b13447d6fa3d13a565259921b5a4e) C:\WINDOWS\system32\DRIVERS\ipsec.sys07:37:15.0312 5420 IPSec - ok07:37:15.0343 5420 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys07:37:15.0343 5420 IRENUM - ok07:37:15.0375 5420 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys07:37:15.0375 5420 isapnp - ok07:37:15.0500 5420 JavaQuickStarterService (11c3efb4bac41175d03b1595db1a4a4f) C:\Program Files\Java\jre6\bin\jqs.exe07:37:15.0500 5420 JavaQuickStarterService - ok07:37:15.0515 5420 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys07:37:15.0515 5420 Kbdclass - ok07:37:15.0531 5420 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys07:37:15.0546 5420 kmixer - ok07:37:15.0593 5420 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys07:37:15.0593 5420 KSecDD - ok07:37:15.0625 5420 L8042Kbd (5a11400ea1f0a106fe7edb28c270f7b8) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys07:37:15.0625 5420 L8042Kbd - ok07:37:15.0656 5420 L8042mou (20c919b52897b72ebcb2ad2fc29d8ef0) C:\WINDOWS\system32\DRIVERS\L8042mou.Sys07:37:15.0656 5420 L8042mou - ok07:37:15.0687 5420 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll07:37:15.0687 5420 lanmanserver - ok07:37:15.0734 5420 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll07:37:15.0750 5420 lanmanworkstation - ok07:37:15.0750 5420 lbrtfdc - ok07:37:15.0781 5420 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll07:37:15.0781 5420 LmHosts - ok07:37:15.0781 5420 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\DRIVERS\LMouKE.Sys07:37:15.0781 5420 LMouKE - ok07:37:15.0828 5420 LMS (1dfd22357216bdfeb627f5f96cf839ed) C:\Program Files\Intel\AMT\LMS.exe07:37:15.0828 5420 LMS - ok07:37:15.0828 5420 lvcomser - ok07:37:15.0875 5420 MBAMSwissArmy (0db7527db188c7d967a37bb51bbf3963) C:\WINDOWS\system32\drivers\mbamswissarmy.sys07:37:15.0875 5420 MBAMSwissArmy - ok07:37:15.0937 5420 McAfee SiteAdvisor Service (aac3b33ba020d2af530d694a5a920180) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe07:37:15.0937 5420 McAfee SiteAdvisor Service - ok07:37:16.0078 5420 McMPFSvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe07:37:16.0093 5420 McMPFSvc - ok07:37:16.0093 5420 mcmscsvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe07:37:16.0093 5420 mcmscsvc - ok07:37:16.0109 5420 McNaiAnn (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe07:37:16.0109 5420 McNaiAnn - ok07:37:16.0109 5420 McNASvc (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe07:37:16.0109 5420 McNASvc - ok07:37:16.0203 5420 McODS (42117cbc4849a5cf11129912dabbdeca) C:\Program Files\McAfee\VirusScan\mcods.exe07:37:16.0218 5420 McODS - ok07:37:16.0218 5420 McProxy (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe07:37:16.0218 5420 McProxy - ok07:37:16.0312 5420 McShield (593fa4c378818ece76ba64a11ad56cf2) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe07:37:16.0312 5420 McShield - ok07:37:16.0343 5420 mdmxsdk (eeaea6514ba7c9d273b5e87c4e1aab30) C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys07:37:16.0343 5420 mdmxsdk - ok07:37:16.0375 5420 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll07:37:16.0375 5420 Messenger - ok07:37:16.0406 5420 mfeapfk (43c31bdf404a6d7a7ac1bfd5ead2a566) C:\WINDOWS\system32\drivers\mfeapfk.sys07:37:16.0406 5420 mfeapfk - ok07:37:16.0453 5420 mfeavfk (c1dc5f42d3367f33b6451be78b38bd46) C:\WINDOWS\system32\drivers\mfeavfk.sys07:37:16.0453 5420 mfeavfk - ok07:37:16.0468 5420 mfeavfk01 - ok07:37:16.0484 5420 mfebopk (0435c43f4c2be01b84868ad2a906397b) C:\WINDOWS\system32\drivers\mfebopk.sys07:37:16.0484 5420 mfebopk - ok07:37:16.0515 5420 mfefire (7e1f8b1bdc8240f08bd358b3a466c005) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe07:37:16.0515 5420 mfefire - ok07:37:16.0546 5420 mfefirek (4ea6ff90015424517843e931448e00f1) C:\WINDOWS\system32\drivers\mfefirek.sys07:37:16.0562 5420 mfefirek - ok07:37:16.0609 5420 mfehidk (d1e998748ba24a731106611d535c6bbf) C:\WINDOWS\system32\drivers\mfehidk.sys07:37:16.0625 5420 mfehidk - ok07:37:16.0625 5420 mfendisk (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys07:37:16.0625 5420 mfendisk - ok07:37:16.0640 5420 mfendiskmp (26c76d10ed650e6492800d6f081ecfba) C:\WINDOWS\system32\DRIVERS\mfendisk.sys07:37:16.0640 5420 mfendiskmp - ok07:37:16.0671 5420 mferkdet (f454a13377f0a006d20a8c14a753c432) C:\WINDOWS\system32\drivers\mferkdet.sys07:37:16.0671 5420 mferkdet - ok07:37:16.0734 5420 mferkdk (c2ec40b1fd35cae0aa749ed318ecc571) C:\WINDOWS\system32\drivers\mferkdk.sys07:37:16.0734 5420 mferkdk - ok07:37:16.0781 5420 mfetdi2k (070d3faf2eac417c59d8674a8752f7a6) C:\WINDOWS\system32\drivers\mfetdi2k.sys07:37:16.0781 5420 mfetdi2k - ok07:37:16.0812 5420 mfevtp (b10c4efd40810c08f4b44df2efcb54f7) C:\WINDOWS\system32\mfevtps.exe07:37:16.0828 5420 mfevtp - ok07:37:16.0859 5420 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys07:37:16.0859 5420 mnmdd - ok07:37:16.0890 5420 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe07:37:16.0890 5420 mnmsrvc - ok07:37:16.0906 5420 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys07:37:16.0906 5420 Modem - ok07:37:16.0953 5420 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys07:37:16.0953 5420 MODEMCSA - ok07:37:16.0968 5420 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys07:37:16.0968 5420 Mouclass - ok07:37:17.0000 5420 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys07:37:17.0000 5420 mouhid - ok07:37:17.0015 5420 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys07:37:17.0031 5420 MountMgr - ok07:37:17.0031 5420 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys07:37:17.0031 5420 mraid35x - ok07:37:17.0062 5420 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys07:37:17.0078 5420 MRxDAV - ok07:37:17.0125 5420 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys07:37:17.0140 5420 MRxSmb - ok07:37:17.0171 5420 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe07:37:17.0171 5420 MSDTC - ok07:37:17.0187 5420 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys07:37:17.0187 5420 Msfs - ok07:37:17.0203 5420 MSIServer - ok07:37:17.0328 5420 MSK80Service (7e6932eeda54c8eaf7dc6c2225261b85) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe07:37:17.0328 5420 MSK80Service - ok07:37:17.0328 5420 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys07:37:17.0328 5420 MSKSSRV - ok07:37:17.0343 5420 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys07:37:17.0343 5420 MSPCLOCK - ok07:37:17.0359 5420 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys07:37:17.0359 5420 MSPQM - ok07:37:17.0375 5420 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys07:37:17.0390 5420 mssmbios - ok07:37:17.0562 5420 MSSQL$UPSWSDBSERVER - ok07:37:17.0640 5420 MSSQLServerADHelper (1d1b22613eab9287af902398867bc93c) C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe07:37:17.0640 5420 MSSQLServerADHelper - ok07:37:17.0671 5420 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys07:37:17.0671 5420 Mup - ok07:37:17.0718 5420 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll07:37:17.0734 5420 napagent - ok07:37:17.0765 5420 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys07:37:17.0765 5420 NDIS - ok07:37:17.0812 5420 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys07:37:17.0812 5420 NdisTapi - ok07:37:17.0843 5420 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys07:37:17.0843 5420 Ndisuio - ok07:37:17.0859 5420 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys07:37:17.0859 5420 NdisWan - ok07:37:17.0906 5420 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys07:37:17.0906 5420 NDProxy - ok07:37:17.0921 5420 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys07:37:17.0921 5420 NetBIOS - ok07:37:17.0937 5420 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys07:37:17.0953 5420 NetBT - ok07:37:17.0984 5420 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe07:37:17.0984 5420 NetDDE - ok07:37:17.0984 5420 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe07:37:18.0000 5420 NetDDEdsdm - ok07:37:18.0031 5420 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe07:37:18.0031 5420 Netlogon - ok07:37:18.0062 5420 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll07:37:18.0078 5420 Netman - ok07:37:18.0171 5420 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe07:37:18.0187 5420 NetTcpPortSharing - ok07:37:18.0203 5420 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys07:37:18.0218 5420 NIC1394 - ok07:37:18.0250 5420 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll07:37:18.0281 5420 Nla - ok07:37:18.0328 5420 NPF (b9730495e0cf674680121e34bd95a73b) C:\WINDOWS\system32\drivers\NPF.sys07:37:18.0328 5420 NPF - ok07:37:18.0343 5420 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys07:37:18.0343 5420 Npfs - ok07:37:18.0484 5420 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys07:37:18.0500 5420 Ntfs - ok07:37:18.0531 5420 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe07:37:18.0531 5420 NtLmSsp - ok07:37:18.0578 5420 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll07:37:18.0593 5420 NtmsSvc - ok07:37:18.0625 5420 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys07:37:18.0625 5420 Null - ok07:37:18.0656 5420 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys07:37:18.0656 5420 NwlnkFlt - ok07:37:18.0671 5420 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys07:37:18.0671 5420 NwlnkFwd - ok07:37:18.0703 5420 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys07:37:18.0703 5420 ohci1394 - ok07:37:18.0781 5420 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE07:37:18.0781 5420 ose - ok07:37:18.0812 5420 p2pimsvc - ok07:37:18.0812 5420 pae_1394 - ok07:37:18.0828 5420 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys07:37:18.0828 5420 Parport - ok07:37:18.0859 5420 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys07:37:18.0859 5420 PartMgr - ok07:37:18.0890 5420 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys07:37:18.0890 5420 ParVdm - ok07:37:18.0921 5420 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys07:37:18.0921 5420 PCI - ok07:37:18.0921 5420 PCIDump - ok07:37:18.0953 5420 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys07:37:18.0953 5420 PCIIde - ok07:37:19.0000 5420 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\DRIVERS\pcmcia.sys07:37:19.0015 5420 Pcmcia - ok07:37:19.0015 5420 PDCOMP - ok07:37:19.0015 5420 PDFRAME - ok07:37:19.0031 5420 PDRELI - ok07:37:19.0031 5420 PDRFRAME - ok07:37:19.0031 5420 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys07:37:19.0031 5420 perc2 - ok07:37:19.0046 5420 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys07:37:19.0046 5420 perc2hib - ok07:37:19.0093 5420 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe07:37:19.0093 5420 PlugPlay - ok07:37:19.0140 5420 Pml Driver HPZ12 (a38b3ce68e7f126190cde4aa3fdf050f) C:\WINDOWS\system32\HPZipm12.exe07:37:19.0140 5420 Pml Driver HPZ12 - ok07:37:19.0140 5420 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe07:37:19.0140 5420 PolicyAgent - ok07:37:19.0171 5420 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys07:37:19.0171 5420 PptpMiniport - ok07:37:19.0218 5420 PrismXL (f3c8d6e59a36d4dd5729782015e685a8) C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS07:37:19.0218 5420 PrismXL - ok07:37:19.0234 5420 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe07:37:19.0234 5420 ProtectedStorage - ok07:37:19.0250 5420 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys07:37:19.0250 5420 PSched - ok07:37:19.0250 5420 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys07:37:19.0250 5420 Ptilink - ok07:37:19.0296 5420 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys07:37:19.0296 5420 PxHelp20 - ok07:37:19.0296 5420 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys07:37:19.0296 5420 ql1080 - ok07:37:19.0312 5420 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys07:37:19.0312 5420 Ql10wnt - ok07:37:19.0312 5420 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys07:37:19.0312 5420 ql12160 - ok07:37:19.0328 5420 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys07:37:19.0328 5420 ql1240 - ok07:37:19.0343 5420 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys07:37:19.0343 5420 ql1280 - ok07:37:19.0343 5420 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys07:37:19.0343 5420 RasAcd - ok07:37:19.0390 5420 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll07:37:19.0390 5420 RasAuto - ok07:37:19.0406 5420 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys07:37:19.0421 5420 Rasl2tp - ok07:37:19.0453 5420 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll07:37:19.0453 5420 RasMan - ok07:37:19.0468 5420 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys07:37:19.0468 5420 RasPppoe - ok07:37:19.0515 5420 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys07:37:19.0515 5420 Raspti - ok07:37:19.0531 5420 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys07:37:19.0531 5420 Rdbss - ok07:37:19.0546 5420 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys07:37:19.0546 5420 RDPCDD - ok07:37:19.0593 5420 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys07:37:19.0593 5420 rdpdr - ok07:37:19.0640 5420 RDPWD (5b3055daa788bd688594d2f5981f2a83) C:\WINDOWS\system32\drivers\RDPWD.sys07:37:19.0656 5420 RDPWD - ok07:37:19.0687 5420 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe07:37:19.0687 5420 RDSessMgr - ok07:37:19.0703 5420 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys07:37:19.0703 5420 redbook - ok07:37:19.0734 5420 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll07:37:19.0734 5420 RemoteAccess - ok07:37:19.0765 5420 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll07:37:19.0765 5420 RemoteRegistry - ok07:37:19.0812 5420 RimUsb (f17713d108aca124a139fde877eef68a) C:\WINDOWS\system32\Drivers\RimUsb.sys07:37:19.0812 5420 RimUsb - ok07:37:19.0828 5420 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\WINDOWS\system32\DRIVERS\RimSerial.sys07:37:19.0828 5420 RimVSerPort - ok07:37:19.0859 5420 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys07:37:19.0859 5420 ROOTMODEM - ok07:37:19.0984 5420 RoxLiveShare9 - ok07:37:20.0000 5420 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe07:37:20.0000 5420 RpcLocator - ok07:37:20.0031 5420 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll07:37:20.0031 5420 RpcSs - ok07:37:20.0078 5420 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe07:37:20.0093 5420 RSVP - ok07:37:20.0093 5420 s116obex - ok07:37:20.0140 5420 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe07:37:20.0140 5420 SamSs - ok07:37:20.0187 5420 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS07:37:20.0187 5420 SASDIFSV - ok07:37:20.0218 5420 SASENUM (7ce61c25c159f50f9eaf6d77fc83fa35) C:\Program Files\SUPERAntiSpyware\SASENUM.SYS07:37:20.0218 5420 SASENUM - ok07:37:20.0250 5420 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS07:37:20.0250 5420 SASKUTIL - ok07:37:20.0281 5420 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe07:37:20.0296 5420 SCardSvr - ok07:37:20.0328 5420 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll07:37:20.0343 5420 Schedule - ok07:37:20.0453 5420 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys07:37:20.0468 5420 sdbus - ok07:37:20.0531 5420 SE2Cbus (11028c6a84a967070cb1286550f2058f) C:\WINDOWS\system32\DcCam.dll07:37:20.0531 5420 SE2Cbus ( Backdoor.Multi.ZAccess.gen ) - infected07:37:20.0531 5420 SE2Cbus - detected Backdoor.Multi.ZAccess.gen (0)07:37:20.0562 5420 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys07:37:20.0562 5420 Secdrv - ok07:37:20.0625 5420 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll07:37:20.0625 5420 seclogon - ok07:37:20.0656 5420 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll07:37:20.0656 5420 SENS - ok07:37:20.0671 5420 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys07:37:20.0671 5420 Serenum - ok07:37:20.0687 5420 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys07:37:20.0687 5420 Serial - ok07:37:20.0687 5420 serialkeys - ok07:37:20.0703 5420 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys07:37:20.0703 5420 Sfloppy - ok07:37:20.0718 5420 sfng32 - ok07:37:20.0750 5420 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll07:37:20.0765 5420 SharedAccess - ok07:37:20.0812 5420 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll07:37:20.0812 5420 ShellHWDetection - ok07:37:20.0828 5420 Simbad - ok07:37:20.0843 5420 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys07:37:20.0843 5420 sisagp - ok07:37:20.0875 5420 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys07:37:20.0875 5420 Sparrow - ok07:37:20.0921 5420 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys07:37:20.0921 5420 splitter - ok07:37:20.0968 5420 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe07:37:20.0968 5420 Spooler - ok07:37:21.0093 5420 sprtsvc_ddoctorv2 (c3716ec0d36ad924b6888d794563e647) C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe07:37:21.0109 5420 sprtsvc_ddoctorv2 - ok07:37:21.0218 5420 SQLAgent$UPSWSDBSERVER - ok07:37:21.0234 5420 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys07:37:21.0234 5420 sr - ok07:37:21.0265 5420 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll07:37:21.0281 5420 srservice - ok07:37:21.0421 5420 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys07:37:21.0437 5420 Srv - ok07:37:21.0468 5420 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll07:37:21.0468 5420 SSDPSRV - ok07:37:21.0468 5420 STHDA - ok07:37:21.0515 5420 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll07:37:21.0562 5420 stisvc - ok07:37:21.0578 5420 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys07:37:21.0578 5420 swenum - ok07:37:21.0593 5420 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys07:37:21.0609 5420 swmidi - ok07:37:21.0609 5420 SwPrv - ok07:37:21.0765 5420 Symantec RemoteAssist (edafa57c298461a5ea448f4b546afb4b) C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe07:37:21.0781 5420 Symantec RemoteAssist - ok07:37:21.0812 5420 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys07:37:21.0812 5420 symc810 - ok07:37:21.0828 5420 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys07:37:21.0828 5420 symc8xx - ok07:37:21.0828 5420 SymIM - ok07:37:21.0828 5420 SymIMMP - ok07:37:21.0843 5420 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys07:37:21.0843 5420 sym_hi - ok07:37:21.0843 5420 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys07:37:21.0859 5420 sym_u3 - ok07:37:21.0859 5420 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys07:37:21.0875 5420 sysaudio - ok07:37:21.0890 5420 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe07:37:21.0890 5420 SysmonLog - ok07:37:21.0937 5420 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll07:37:21.0953 5420 TapiSrv - ok07:37:21.0968 5420 Tb2RCAssist - ok07:37:22.0031 5420 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys07:37:22.0062 5420 Tcpip - ok07:37:22.0093 5420 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys07:37:22.0093 5420 TDPIPE - ok07:37:22.0109 5420 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys07:37:22.0109 5420 TDTCP - ok07:37:22.0140 5420 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys07:37:22.0140 5420 TermDD - ok07:37:22.0187 5420 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll07:37:22.0218 5420 TermService - ok07:37:22.0265 5420 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll07:37:22.0265 5420 Themes - ok07:37:22.0296 5420 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe07:37:22.0296 5420 TlntSvr - ok07:37:22.0312 5420 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys07:37:22.0312 5420 TosIde - ok07:37:22.0328 5420 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll07:37:22.0343 5420 TrkWks - ok07:37:22.0375 5420 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys07:37:22.0375 5420 tunmp - ok07:37:22.0406 5420 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys07:37:22.0406 5420 Udfs - ok07:37:22.0437 5420 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys07:37:22.0437 5420 ultra - ok07:37:22.0468 5420 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys07:37:22.0484 5420 Update - ok07:37:22.0515 5420 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll07:37:22.0578 5420 upnphost - ok07:37:22.0609 5420 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe07:37:22.0609 5420 UPS - ok07:37:22.0656 5420 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\WINDOWS\system32\Drivers\usbaapl.sys07:37:22.0656 5420 USBAAPL - ok07:37:22.0671 5420 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys07:37:22.0687 5420 usbccgp - ok07:37:22.0718 5420 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys07:37:22.0718 5420 usbehci - ok07:37:22.0750 5420 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys07:37:22.0750 5420 usbhub - ok07:37:22.0875 5420 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys07:37:22.0875 5420 usbprint - ok07:37:22.0921 5420 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys07:37:22.0921 5420 usbscan - ok07:37:22.0937 5420 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS07:37:22.0937 5420 usbstor - ok07:37:22.0968 5420 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys07:37:22.0968 5420 usbuhci - ok07:37:23.0015 5420 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys07:37:23.0015 5420 VgaSave - ok07:37:23.0046 5420 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys07:37:23.0046 5420 viaagp - ok07:37:23.0078 5420 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys07:37:23.0078 5420 ViaIde - ok07:37:23.0093 5420 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys07:37:23.0093 5420 VolSnap - ok07:37:23.0125 5420 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe07:37:23.0140 5420 VSS - ok07:37:23.0171 5420 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll07:37:23.0203 5420 W32Time - ok07:37:23.0218 5420 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys07:37:23.0218 5420 Wanarp - ok07:37:23.0218 5420 WDICA - ok07:37:23.0250 5420 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys07:37:23.0250 5420 wdmaud - ok07:37:23.0281 5420 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll07:37:23.0281 5420 WebClient - ok07:37:23.0343 5420 Winachcf (ddb6b2d33bb299664f1470ed4e83c389) C:\WINDOWS\system32\DRIVERS\winachcf.sys07:37:23.0359 5420 Winachcf - ok07:37:23.0484 5420 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll07:37:23.0484 5420 winmgmt - ok07:37:23.0531 5420 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll07:37:23.0531 5420 WmdmPmSN - ok07:37:23.0593 5420 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll07:37:23.0640 5420 Wmi - ok07:37:23.0687 5420 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe07:37:23.0687 5420 WmiApSrv - ok07:37:23.0984 5420 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe07:37:24.0015 5420 WMPNetworkSvc - ok07:37:24.0093 5420 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys07:37:24.0093 5420 WpdUsb - ok07:37:24.0109 5420 Wtcls2k - ok07:37:24.0140 5420 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll07:37:24.0156 5420 wuauserv - ok07:37:24.0203 5420 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys07:37:24.0203 5420 WudfPf - ok07:37:24.0218 5420 WUDFRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys07:37:24.0218 5420 WUDFRd - ok07:37:24.0234 5420 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll07:37:24.0250 5420 WudfSvc - ok07:37:24.0281 5420 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll07:37:24.0328 5420 WZCSVC - ok07:37:24.0359 5420 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll07:37:24.0359 5420 xmlprov - ok07:37:24.0390 5420 MBR (0x1B8) (b20939cd98b7710036274839082ae757) \Device\Harddisk0\DR007:37:24.0421 5420 \Device\Harddisk0\DR0 - ok07:37:24.0453 5420 Boot (0x1200) (c27cccb23aceb0c3dc8803708eae422b) \Device\Harddisk0\DR0\Partition007:37:24.0453 5420 \Device\Harddisk0\DR0\Partition0 - ok07:37:24.0453 5420 Boot (0x1200) (0a9e19296592d06719d9fc679c9fd6c3) \Device\Harddisk0\DR0\Partition107:37:24.0453 5420 \Device\Harddisk0\DR0\Partition1 - ok07:37:24.0453 5420 ============================================================07:37:24.0453 5420 Scan finished07:37:24.0453 5420 ============================================================07:37:24.0468 4540 Detected object count: 107:37:24.0468 4540 Actual detected object count: 107:37:35.0125 4540 C:\WINDOWS\system32\DcCam.dll - copied to quarantine07:37:35.0125 4540 HKLM\SYSTEM\ControlSet001\services\SE2Cbus - will be deleted on reboot07:37:35.0156 4540 C:\WINDOWS\system32\DcCam.dll - will be deleted on reboot07:37:35.0156 4540 SE2Cbus ( Backdoor.Multi.ZAccess.gen ) - User select action: Delete07:41:23.0953 4800 Deinitialize successMalwarebytes Anti-Malware 1.61.0.1400www.malwarebytes.orgDatabase version: v2012.06.12.05Windows XP Service Pack 3 x86 NTFSInternet Explorer 8.0.6001.18702Jeff Snyder :: JEFF [administrator]6/13/2012 7:47:42 AMmbam-log-2012-06-13 (07-47-42).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 299764Time elapsed: 38 minute(s), 52 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 1C:\WINDOWS\system32\acdpowerservice.dll (RootKit.0Access.H) -> Delete on reboot.Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 0(No malicious items detected)Files Detected: 1C:\WINDOWS\system32\acdpowerservice.dll (RootKit.0Access.H) -> Delete on reboot.(end).DDS (Ver_2011-08-26.01) - NTFSx86Internet Explorer: 8.0.6001.18702Run by Jeff Snyder at 11:58:32 on 2012-06-13Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.998.181 [GMT -5:00].AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}FW: McAfee Firewall *Disabled*.============== Running Processes ===============.C:\WINDOWS\system32\svchost -k DcomLaunchsvchost.exeC:\WINDOWS\System32\svchost.exe -k netsvcsC:\WINDOWS\system32\svchost.exe -k WudfServiceGroupsvchost.exesvchost.exeC:\WINDOWS\system32\spoolsv.exesvchost.exeC:\Program Files\SUPERAntiSpyware\SASCORE.EXEC:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Intel\AMT\LMS.exeC:\Program Files\McAfee\SiteAdvisor\McSACore.exeC:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exeC:\WINDOWS\system32\mfevtps.exeC:\UPS\WSTD\MSSQL$UPSWSDBSERVER\Binn\sqlservr.exeC:\WINDOWS\system32\HPZipm12.exeC:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYSC:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exeC:\WINDOWS\system32\svchost.exe -k imgsvcC:\Program Files\Common Files\McAfee\SystemCore\mcshield.exeC:\Program Files\Common Files\McAfee\SystemCore\mfefire.exeC:\WINDOWS\system32\wuauclt.exeC:\WINDOWS\system32\fxssvc.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\mdm.exeC:\Program Files\CyberLink\PowerDVD\PDVDServ.exeC:\WINDOWS\system32\igfxtray.exeC:\Program Files\Hewlett-Packard\hp business inkjet 1200 series\Toolbox\HPWNTBX.exeC:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exeC:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\McAfee.com\Agent\mcagent.exeC:\Program Files\iTunes\iTunesHelper.exeC:\Program Files\Google\Google Talk\googletalk.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe\\.\globalroot\SystemRoot\system32\svchost.exe -k netsvcsC:\UPS\WSTD\WSTDMessaging.exeC:\Documents and Settings\Jeff Snyder\Application Data\Dropbox\bin\Dropbox.exeC:\Program Files\iPod\bin\iPodService.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeC:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroDist.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://www.comcast.net/uWindow Title = Windows Internet Explorer provided by ComcastuDefault_Search_URL = 687474703a2f2f7777772e476f6f676c652e636f6d2fuSearch Bar = 687474703a2f2f7777772e476f6f676c652e636f6d2fuSearch Page = 687474703a2f2f7777772e476f6f676c652e636f6d2fuSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2fmWindow Title = Windows Internet Explorer provided by ComcastmSearch Bar = 687474703a2f2f7777772e476f6f676c652e636f6d2fmSearchMigratedDefaultURL = 687474703a2f2f7777772e476f6f676c652e636f6d2fuInternet Settings,ProxyOverride = *.localuSearchAssistant = 687474703a2f2f7777772e476f6f676c652e636f6d2fmSearchURL = 687474703a2f2f7777772e476f6f676c652e636f6d2fmSearchAssistant = 687474703a2f2f7777772e476f6f676c652e636f6d2fBHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dllBHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dllBHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No FileBHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - Symantec Intrusion PreventionBHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120428182603.dllBHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dllBHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar3.dllBHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllBHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dllBHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dllBHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\windows\system32\BAE.dllBHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dllBHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllTB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dllTB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No FileTB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dllTB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar3.dllEB: Adobe PDF: {182ec0be-5110-49c8-a062-beb1d02a220b} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dlluRun: [googletalk] "c:\program files\google\google talk\googletalk.exe" /autostartuRun: [ctfmon.exe] c:\windows\system32\ctfmon.exeuRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exemRun: [RemoteControl] "c:\program files\cyberlink\powerdvd\PDVDServ.exe"mRun: [Reminder] %WINDIR%\Creator\Remind_XP.exemRun: [Recguard] %WINDIR%\SMINST\RECGUARD.EXEmRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HPWNTOOLBOX] c:\program files\hewlett-packard\hp business inkjet 1200 series\toolbox\HPWNTBX.exe "-i"mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 8.0\acrobat\Acrotray.exe"mRun: [Adobe_ID0EYTHM] c:\progra~1\common~1\adobe\adobev~1\server\bin\VERSIO~2.EXEmRun: [intelAudioStudio] "c:\program files\intel audio studio\IntelAudioStudio.exe" TRAYmRun: [NA1Messenger] c:\ups\wstd\UPSNA1Msgr.exemRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exemRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [mcui_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkeymRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottimemRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -tStartupFolder: c:\docume~1\jeffsn~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\jeff snyder\application data\dropbox\bin\Dropbox.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\servic~1.lnk - c:\program files\microsoft sql server\80\tools\binn\sqlmangr.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~2.lnk - c:\ups\wstd\WSTDMessaging.exeStartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\upswor~1.lnk - c:\ups\wstd\wstdPldReminder.exeIE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.htmlIE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.htmlIE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.htmlIE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.htmlIE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exeIE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exeIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLLLSP: mswsock.dllDPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://support.microsoft.com/OAS/ActiveX/MSDcode.cabDPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cabDPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by144fd.bay144.hotmail.msn.com/resources/MsnPUpld.cabDPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cabDPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1178042772078DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cabDPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cabDPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cabDPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab53083.cabDPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cabDPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://chill.comcast.net/Gameshell/GameHost/1.0/OberonGameHost.cabDPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabDPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://vocalocity.webex.com/client/T27LB/nbr/ieatgpc.cabFilter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\McSnIePl.dllHandler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dllNotify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLLNotify: igfxcui - igfxdev.dllSSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dllSEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL.============= SERVICES / DRIVERS ===============.R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2011-8-3 57600].=============== Created Last 30 ================.2012-05-15 16:27:55 -------- dc----w- C:\7d519ce54c1a8a72c36e0d2eebf32012-05-14 17:24:53 -------- dc----w- C:\a2e1398811d49f46355c5e.==================== Find3M ====================.2012-06-13 16:56:01 0 -csha-w- c:\windows\system32\dds_trash_log.cmd2012-05-08 18:33:07 50704 -c--a-w- c:\windows\system32\drivers\npf.sys2012-05-08 18:33:07 281104 -c--a-w- c:\windows\system32\wpcap.dll2012-05-08 18:33:07 100880 -c--a-w- c:\windows\system32\Packet.dll2012-05-04 17:40:03 419488 -c--a-w- c:\windows\system32\FlashPlayerApp.exe2012-05-04 17:40:02 70304 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2012-04-11 13:14:41 2148352 -c--a-w- c:\windows\system32\ntoskrnl.exe2012-04-11 13:12:06 1862272 -c--a-w- c:\windows\system32\win32k.sys2012-04-11 12:35:51 2026496 -c--a-w- c:\windows\system32\ntkrnlpa.exe2012-04-04 20:56:40 22344 -c--a-w- c:\windows\system32\drivers\mbam.sys2012-03-20 18:11:32 151880 -c--a-w- c:\windows\system32\mfevtps.exe.============= FINISH: 12:11:57.42 ===============.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume1Install Date: 11/6/2006 2:52:58 PMSystem Uptime: 6/13/2012 11:55:25 AM (1 hours ago).Motherboard: Intel Corporation | | DQ965MTProcessor: Intel® Core2 CPU 6300 @ 1.86GHz | | 1864/266mhz.==== Disk Partitions =========================.A: is RemovableC: is FIXED (NTFS) - 70 GiB total, 7.902 GiB free.D: is FIXED (FAT32) - 4 GiB total, 1.513 GiB free.E: is CDROM ().==== Disabled Device Manager Items =============.Class GUID:Description: Audio Device on High Definition Audio BusDevice ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7618&SUBSYS_107B5058&REV_1002\4&22347350&0&0201Manufacturer:Name: Audio Device on High Definition Audio BusPNP Device ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7618&SUBSYS_107B5058&REV_1002\4&22347350&0&0201Service:.Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}Description: Parallel DeviceDevice ID: ROOT\LEGACY_HPFECP15\0000Manufacturer:Name: Parallel DevicePNP Device ID: ROOT\LEGACY_HPFECP15\0000Service: HPFECP15.==== System Restore Points ===================..==== Installed Programs ======================.Add or Remove Adobe Creative Suite 3 Design PremiumAdobe Acrobat 8 ProfessionalAdobe Acrobat 8.1.4 ProfessionalAdobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)Adobe Anchor Service CS3Adobe Asset Services CS3Adobe Bridge CS3Adobe Bridge Start MeetingAdobe BridgeTalk Plugin CS3Adobe Camera Raw 4.0Adobe CMapsAdobe Color - Photoshop SpecificAdobe Color Common SettingsAdobe Color EU Extra SettingsAdobe Color JA Extra SettingsAdobe Color NA Recommended SettingsAdobe Creative Suite 3 Design PremiumAdobe Default Language CS3Adobe Device Central CS3Adobe Dreamweaver CS3Adobe ExtendScript Toolkit 2Adobe Extension Manager CS3Adobe Flash CS3Adobe Flash Player 11 ActiveXAdobe Flash Player 9 PluginAdobe Flash Video EncoderAdobe Fonts AllAdobe Help Viewer CS3Adobe Illustrator CS3Adobe InDesign CS3Adobe InDesign CS3 Icon HandlerAdobe Linguistics CS3Adobe MotionPicture Color FilesAdobe PDF Library FilesAdobe Photoshop CS3Adobe Reader 8.2.0Adobe SetupAdobe Shockwave Player 11.5Adobe SING CS3Adobe Stock Photos CS3Adobe Type SupportAdobe Update Manager CS3Adobe Version Cue CS3 ClientAdobe Version Cue CS3 Server {ko_KR}Adobe WAS CS3Adobe WinSoft Linguistics PluginAdobe XMP Panels CS3AHV content for Acrobat and FlashAlignmentUtilityAlpha Five V7AnimationLab v3Apple Application SupportApple Mobile Device SupportApple Software UpdateBlackBerry Desktop Software 6.0BonjourBrowser Address Error RedirectorCarboniteCCCComcast High-Speed Internet Install WizardCompatibility Pack for the 2007 Office systemCorel ApplicationsCritical Update for Windows Media Player 11 (KB959772)Data Access Objects (DAO) 3.5Desktop DoctorDropboxDynex mini card readerEmotion 3D Web Edition 1.5Facebook Plug-InFinale NotePad 2008FloorPlan 3D v8FormsComponentFOSSGearDrvsGoogle EarthGoogle Talk (remove only)Google Toolbar for Internet ExplorerGoogle Update HelperHandBrake 0.9.5High Definition Audio Driver Package - KB888111Hotfix 2050 for SQL Server 2000 ENU (KB948110)Hotfix 2055 for SQL Server 2000 ENU (KB960082)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)Hotfix for Windows Internet Explorer 7 (KB947864)Hotfix for Windows Media Format 11 SDK (KB929399)Hotfix for Windows Media Player 11 (KB939683)Hotfix for Windows XP (KB2158563)Hotfix for Windows XP (KB2443685)Hotfix for Windows XP (KB2570791)Hotfix for Windows XP (KB2633952)Hotfix for Windows XP (KB952287)Hotfix for Windows XP (KB954550-v5)Hotfix for Windows XP (KB961118)Hotfix for Windows XP (KB970653-v3)Hotfix for Windows XP (KB976098-v2)Hotfix for Windows XP (KB979306)Hotfix for Windows XP (KB981793)HP Business Inkjet 1200HP Deskjet 6900 seriesHP PrecisionScan Pro 3.0i960 EmulatorICCHelpIntel Audio StudioIntel® Active Management Technology LMS Service and SOL DriverIntel® Graphics Media Accelerator DriverIntel® Management Engine InterfaceIntel® PRO Network Connections DriversiTunesJava Auto UpdaterJava 6 Update 25Junk Mail filter updateLogitech SetPointMalwarebytes Anti-Malware version 1.61.0.1400McAfee Internet SecurityMediaLifeMicrosoft .NET Framework 1.1Microsoft .NET Framework 1.1 Security Update (KB2656353)Microsoft .NET Framework 1.1 Security Update (KB2656370)Microsoft .NET Framework 1.1 Security Update (KB979906)Microsoft .NET Framework 2.0 Service Pack 2Microsoft .NET Framework 3.0 Service Pack 2Microsoft .NET Framework 3.5 SP1Microsoft Application Error ReportingMicrosoft Choice GuardMicrosoft Compression Client Pack 1.0 for Windows XPMicrosoft Internationalized Domain Names Mitigation APIsMicrosoft National Language Support Downlevel APIsMicrosoft Office Small Business Edition 2003Microsoft SilverlightMicrosoft SQL Server Desktop Engine (UPSWSDBSERVER)Microsoft User-Mode Driver Framework Feature Pack 1.0Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161MSICheckerMSNMSVCRTMSXML 4.0 SP2 (KB927978)MSXML 4.0 SP2 (KB936181)MSXML 4.0 SP2 (KB954430)MSXML 4.0 SP2 (KB973688)Musicmatch® JukeboxNA1MessengerNero BurnRightsNero OEMNetWaitingNRFOctoshape add-in for Adobe Flash PlayerOGA Notifier 2.0.0048.0OmniForm 4.0PDF SettingsPolicyManagerPowerDVDQFolderQuickTimeRealPlayerReconcilerRecovery Software Suite GatewayRegCure 1.5.0.1ReportServerRhapsody Player EngineSafariScan Manager 5.1Security Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)Security Update for Microsoft Windows (KB2564958)Security Update for Step By Step Interactive Training (KB898458)Security Update for Windows Internet Explorer 7 (KB928090)Security Update for Windows Internet Explorer 7 (KB929969)Security Update for Windows Internet Explorer 7 (KB931768)Security Update for Windows Internet Explorer 7 (KB933566)Security Update for Windows Internet Explorer 7 (KB937143)Security Update for Windows Internet Explorer 7 (KB938127)Security Update for Windows Internet Explorer 7 (KB939653)Security Update for Windows Internet Explorer 7 (KB942615)Security Update for Windows Internet Explorer 7 (KB944533)Security Update for Windows Internet Explorer 7 (KB950759)Security Update for Windows Internet Explorer 7 (KB953838)Security Update for Windows Internet Explorer 7 (KB956390)Security Update for Windows Internet Explorer 7 (KB958215)Security Update for Windows Internet Explorer 7 (KB960714)Security Update for Windows Internet Explorer 7 (KB961260)Security Update for Windows Internet Explorer 7 (KB963027)Security Update for Windows Internet Explorer 7 (KB969897)Security Update for Windows Internet Explorer 7 (KB972260)Security Update for Windows Internet Explorer 8 (KB2183461)Security Update for Windows Internet Explorer 8 (KB2360131)Security Update for Windows Internet Explorer 8 (KB2416400)Security Update for Windows Internet Explorer 8 (KB2482017)Security Update for Windows Internet Explorer 8 (KB2497640)Security Update for Windows Internet Explorer 8 (KB2510531)Security Update for Windows Internet Explorer 8 (KB2530548)Security Update for Windows Internet Explorer 8 (KB2544521)Security Update for Windows Internet Explorer 8 (KB2559049)Security Update for Windows Internet Explorer 8 (KB2586448)Security Update for Windows Internet Explorer 8 (KB2618444)Security Update for Windows Internet Explorer 8 (KB2647516)Security Update for Windows Internet Explorer 8 (KB2675157)Security Update for Windows Internet Explorer 8 (KB971961)Security Update for Windows Internet Explorer 8 (KB972260)Security Update for Windows Internet Explorer 8 (KB974455)Security Update for Windows Internet Explorer 8 (KB976325)Security Update for Windows Internet Explorer 8 (KB978207)Security Update for Windows Internet Explorer 8 (KB981332)Security Update for Windows Internet Explorer 8 (KB982381)Security Update for Windows Media Player (KB2378111)Security Update for Windows Media Player (KB911564)Security Update for Windows Media Player (KB952069)Security Update for Windows Media Player (KB954155)Security Update for Windows Media Player (KB968816)Security Update for Windows Media Player (KB973540)Security Update for Windows Media Player (KB975558)Security Update for Windows Media Player (KB978695)Security Update for Windows Media Player 10 (KB911565)Security Update for Windows Media Player 10 (KB917734)Security Update for Windows Media Player 11 (KB936782)Security Update for Windows Media Player 11 (KB954154)Security Update for Windows Media Player 6.4 (KB925398)Security Update for Windows XP (KB2079403)Security Update for Windows XP (KB2115168)Security Update for Windows XP (KB2121546)Security Update for Windows XP (KB2160329)Security Update for Windows XP (KB2229593)Security Update for Windows XP (KB2259922)Security Update for Windows XP (KB2279986)Security Update for Windows XP (KB2286198)Security Update for Windows XP (KB2296011)Security Update for Windows XP (KB2296199)Security Update for Windows XP (KB2347290)Security Update for Windows XP (KB2360937)Security Update for Windows XP (KB2387149)Security Update for Windows XP (KB2393802)Security Update for Windows XP (KB2412687)Security Update for Windows XP (KB2419632)Security Update for Windows XP (KB2423089)Security Update for Windows XP (KB2436673)Security Update for Windows XP (KB2440591)Security Update for Windows XP (KB2443105)Security Update for Windows XP (KB2476490)Security Update for Windows XP (KB2476687)Security Update for Windows XP (KB2478960)Security Update for Windows XP (KB2478971)Security Update for Windows XP (KB2479628)Security Update for Windows XP (KB2479943)Security Update for Windows XP (KB2481109)Security Update for Windows XP (KB2483185)Security Update for Windows XP (KB2485376)Security Update for Windows XP (KB2485663)Security Update for Windows XP (KB2491683)Security Update for Windows XP (KB2503658)Security Update for Windows XP (KB2503665)Security Update for Windows XP (KB2506212)Security Update for Windows XP (KB2506223)Security Update for Windows XP (KB2507618)Security Update for Windows XP (KB2507938)Security Update for Windows XP (KB2508272)Security Update for Windows XP (KB2508429)Security Update for Windows XP (KB2509553)Security Update for Windows XP (KB2511455)Security Update for Windows XP (KB2524375)Security Update for Windows XP (KB2535512)Security Update for Windows XP (KB2536276-v2)Security Update for Windows XP (KB2536276)Security Update for Windows XP (KB2544893-v2)Security Update for Windows XP (KB2544893)Security Update for Windows XP (KB2555917)Security Update for Windows XP (KB2562937)Security Update for Windows XP (KB2566454)Security Update for Windows XP (KB2567053)Security Update for Windows XP (KB2567680)Security Update for Windows XP (KB2570222)Security Update for Windows XP (KB2570947)Security Update for Windows XP (KB2584146)Security Update for Windows XP (KB2585542)Security Update for Windows XP (KB2592799)Security Update for Windows XP (KB2598479)Security Update for Windows XP (KB2603381)Security Update for Windows XP (KB2618451)Security Update for Windows XP (KB2619339)Security Update for Windows XP (KB2620712)Security Update for Windows XP (KB2621440)Security Update for Windows XP (KB2624667)Security Update for Windows XP (KB2631813)Security Update for Windows XP (KB2633171)Security Update for Windows XP (KB2639417)Security Update for Windows XP (KB2641653)Security Update for Windows XP (KB2646524)Security Update for Windows XP (KB2647518)Security Update for Windows XP (KB2653956)Security Update for Windows XP (KB2659262)Security Update for Windows XP (KB2660465)Security Update for Windows XP (KB2661637)Security Update for Windows XP (KB2676562)Security Update for Windows XP (KB2686509)Security Update for Windows XP (KB2695962)Security Update for Windows XP (KB913433)Security Update for Windows XP (KB923561)Security Update for Windows XP (KB923689)Security Update for Windows XP (KB938464-v2)Security Update for Windows XP (KB938464)Security Update for Windows XP (KB941569)Security Update for Windows XP (KB946648)Security Update for Windows XP (KB950760)Security Update for Windows XP (KB950762)Security Update for Windows XP (KB950974)Security Update for Windows XP (KB951066)Security Update for Windows XP (KB951376-v2)Security Update for Windows XP (KB951376)Security Update for Windows XP (KB951698)Security Update for Windows XP (KB951748)Security Update for Windows XP (KB952004)Security Update for Windows XP (KB952954)Security Update for Windows XP (KB953839)Security Update for Windows XP (KB954211)Security Update for Windows XP (KB954459)Security Update for Windows XP (KB954600)Security Update for Windows XP (KB955069)Security Update for Windows XP (KB956391)Security Update for Windows XP (KB956572)Security Update for Windows XP (KB956744)Security Update for Windows XP (KB956802)Security Update for Windows XP (KB956803)Security Update for Windows XP (KB956841)Security Update for Windows XP (KB956844)Security Update for Windows XP (KB957095)Security Update for Windows XP (KB957097)Security Update for Windows XP (KB958644)Security Update for Windows XP (KB958687)Security Update for Windows XP (KB958690)Security Update for Windows XP (KB958869)Security Update for Windows XP (KB959426)Security Update for Windows XP (KB960225)Security Update for Windows XP (KB960715)Security Update for Windows XP (KB960803)Security Update for Windows XP (KB960859)Security Update for Windows XP (KB961371)Security Update for Windows XP (KB961373)Security Update for Windows XP (KB961501)Security Update for Windows XP (KB968537)Security Update for Windows XP (KB969059)Security Update for Windows XP (KB969898)Security Update for Windows XP (KB969947)Security Update for Windows XP (KB970238)Security Update for Windows XP (KB970430)Security Update for Windows XP (KB971468)Security Update for Windows XP (KB971486)Security Update for Windows XP (KB971557)Security Update for Windows XP (KB971633)Security Update for Windows XP (KB971657)Security Update for Windows XP (KB972270)Security Update for Windows XP (KB973346)Security Update for Windows XP (KB973354)Security Update for Windows XP (KB973507)Security Update for Windows XP (KB973525)Security Update for Windows XP (KB973869)Security Update for Windows XP (KB973904)Security Update for Windows XP (KB974112)Security Update for Windows XP (KB974318)Security Update for Windows XP (KB974392)Security Update for Windows XP (KB974571)Security Update for Windows XP (KB975025)Security Update for Windows XP (KB975467)Security Update for Windows XP (KB975560)Security Update for Windows XP (KB975561)Security Update for Windows XP (KB975562)Security Update for Windows XP (KB975713)Security Update for Windows XP (KB977165)Security Update for Windows XP (KB977816)Security Update for Windows XP (KB977914)Security Update for Windows XP (KB978037)Security Update for Windows XP (KB978251)Security Update for Windows XP (KB978262)Security Update for Windows XP (KB978338)Security Update for Windows XP (KB978542)Security Update for Windows XP (KB978601)Security Update for Windows XP (KB978706)Security Update for Windows XP (KB979309)Security Update for Windows XP (KB979482)Security Update for Windows XP (KB979559)Security Update for Windows XP (KB979683)Security Update for Windows XP (KB979687)Security Update for Windows XP (KB980195)Security Update for Windows XP (KB980218)Security Update for Windows XP (KB980232)Security Update for Windows XP (KB980436)Security Update for Windows XP (KB981322)Security Update for Windows XP (KB981852)Security Update for Windows XP (KB981957)Security Update for Windows XP (KB981997)Security Update for Windows XP (KB982132)Security Update for Windows XP (KB982214)Security Update for Windows XP (KB982665)Security Update for Windows XP (KB982802)Segoe UISibelius Scorch (ActiveX Only)Spelling Dictionaries Support For Adobe Reader 8SUPERAntiSpywareSupportUtilitySymantec Technical Support Advanced Chat ControlsSystemTurboCAD Professional v10.5UnifiedPrintingUpdate for Microsoft .NET Framework 3.5 SP1 (KB963707)Update for Windows Internet Explorer 8 (KB972636)Update for Windows Internet Explorer 8 (KB976662)Update for Windows Internet Explorer 8 (KB976749)Update for Windows Internet Explorer 8 (KB980182)Update for Windows XP (KB2141007)Update for Windows XP (KB2345886)Update for Windows XP (KB2467659)Update for Windows XP (KB2541763)Update for Windows XP (KB2607712)Update for Windows XP (KB2616676)Update for Windows XP (KB2641690)Update for Windows XP (KB951072-v2)Update for Windows XP (KB951978)Update for Windows XP (KB955759)Update for Windows XP (KB955839)Update for Windows XP (KB967715)Update for Windows XP (KB968389)Update for Windows XP (KB971029)Update for Windows XP (KB971737)Update for Windows XP (KB973687)Update for Windows XP (KB973815)UPS WorldShipUPSDBUPSICCUPSlinkHTTPUPSVC2008MMUPSVCMMVocalocity DesktopWebFldrs XPWebHelpWebShopWindows Genuine Advantage Notifications (KB905474)Windows Genuine Advantage Validation Tool (KB892130)Windows Internet Explorer 7Windows Internet Explorer 8Windows Live Communications PlatformWindows Live EssentialsWindows Live MailWindows Live Sign-in AssistantWindows Live Upload ToolWindows Media Format 11 runtimeWindows Media Player 11Windows XP Service Pack 3WorldShipWSSharedYahoo! Music JukeboxZoom V.92 PCI Voice Faxmodem.==== Event Viewer Messages From Past Week ========.6/8/2012 5:41:26 PM, error: Service Control Manager [7023] - The Network Location Awareness (NLA) service terminated with the following error: The specified procedure could not be found.6/12/2012 1:11:20 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee Scanner service to connect.6/12/2012 1:11:20 PM, error: Service Control Manager [7000] - The McAfee Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.6/12/2012 1:11:20 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}6/12/2012 1:03:12 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: abp480n5 ACPIEC adpu160m agp440 agpCPQ Aha154x aic78u2 aic78xx AliIde alim1541 amdagp amsint asc asc3350p asc3550 cbidf cd20xrnt CmdIde Cpqarray dac2w2k dac960nt dpti2o hpn i2omp ini910u IntelIde mraid35x Pcmcia perc2 perc2hib ql1080 Ql10wnt ql12160 ql1240 ql1280 sisagp Sparrow symc810 symc8xx sym_hi sym_u3 TosIde ultra viaagp ViaIde6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The WaveFDE service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Was service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Vstor2 service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Vcsw service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Speakerphone service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The S116mdfl service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The PCDCODEC service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Oracle_load_balancer_60_server-forms6i service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Omniusb service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The NuidFltr service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Kbdhid service terminated with the following error: The specified module could not be found.6/12/2012 1:03:12 PM, error: Service Control Manager [7023] - The Admjoy service terminated with the following error: The specified module could not be found..==== End Of File ===========================That should do it. Link to post Share on other sites More sharing options...
jeffaward Posted June 13, 2012 Author ID:560209 Share Posted June 13, 2012 Depending on your advise from the attached logs, would you recommend removing the trojan with an in-place reinstall or a complete uninstall and then reinstall? I am a little confused on what is necessary to get me back to a neutral computer. Link to post Share on other sites More sharing options...
Maniac Posted June 14, 2012 ID:560468 Share Posted June 14, 2012 What we can offer here is to clean up malware and preventions can offer, but we can not guarantee that everything is absolutely clean and never likely to happen again as a result of this malware, and by something new. I already warned you. Take a look at my second post.http://forums.malwarebytes.org/index.php?showtopic=111043&view=findpost&p=559943Good article from Microsoft Security Team:http://technet.microsoft.com/en-us/library/cc512587.aspxhttp://technet.microsoft.com/en-us/library/cc512595.aspxIf you want to proceed:Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please include the C:\ComboFix.txt in your next reply for further review. Link to post Share on other sites More sharing options...
LDTate Posted June 19, 2012 ID:561985 Share Posted June 19, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts