
Need Virus Removal Help



On the 24th a website came up in a popup and automatically downloaded an .exe file to my computer. I deleted the .exe, but my friend told me I should be wary of other things the popup had done to my computer. Multiple full scans with Malware Bytes told me that my computer was clean. Recently I have been having "Successfully blocked a potentially malicious ip" popups from Malware Bytes. I checked MSE and in the quarantine was this:

http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=TrojanDownloader%3AJava%2FOpenStream.CL

It told me that I should remove the trojan as soon as possible. I clicked the remove button on the bottom in an attempt to remove the trojan, but I think it just removed the item from quarantine. :(

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.3.0

Run by Julien at 16:00:04 on 2013-01-01

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3037.1982 [GMT -7:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ================

.

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Razer\Synapse\RzSynapse.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\igfxsrvc.exe

C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\WINDOWS\System32\svchost.exe -k HTTPFilter

.

============== Pseudo HJT Report ===============

.

uStart Page = about:Tabs

uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe" //mailurl:mailto:nostarchpr@oreilly.com?subject=Review%20request%20for%20Badass%20LEGO%20Guns

BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [Google Update] "c:\documents and settings\julien\local settings\application data\google\update\GoogleUpdate.exe" /c

uRun: [steam] "c:\program files\steam\steam.exe" -silent

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [Alcmtr] ALCMTR.EXE

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [Razer Synapse] "c:\program files\razer\synapse\RzSynapse.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

dRunOnce: [RunNarrator] Narrator.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1355190858500

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: NameServer = 192.168.0.1 205.171.2.25

TCP: Interfaces\{5F2EBDD7-CDED-4F4D-84F7-AD8EC46CFEF8} : NameServer = 192.168.0.1,205.171.3.25

TCP: Interfaces\{5F2EBDD7-CDED-4F4D-84F7-AD8EC46CFEF8} : DHCPNameServer = 192.168.0.1 205.171.2.25

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll

Notify: igfxcui - igfxdev.dll

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 193552]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-27 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-4-3 682344]

R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-11-22 3290304]

R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\drivers\hidkmdf.sys [2012-4-8 6656]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2011-2-6 110080]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-4-3 21104]

R3 rzdaendpt;Razer DeathAdder end point;c:\windows\system32\drivers\rzdaendpt.sys [2012-6-10 22400]

R3 rzkbdhid;Razer HID Keyboard Driver Service;c:\windows\system32\drivers\rzkbdhid.sys [2012-6-10 3456]

R3 rzudd;Razer Mouse Driver;c:\windows\system32\drivers\rzudd.sys [2012-6-10 94592]

R3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\drivers\rzvkeyboard.sys [2012-6-10 19968]

R3 VKbms;Razer Gaming Device;c:\windows\system32\drivers\VKbms.sys [2012-4-8 10240]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

S0 cerc6;cerc6; [x]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]

S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [2012-4-8 11136]

.

=============== Created Last 30 ================

.

2013-01-01 22:47:36 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{9c361562-ef41-41d9-bb03-fd10a1490551}\mpengine.dll

2012-12-31 23:32:09 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-12-28 22:23:25 710504 ----a-w- c:\windows\isRS-000.tmp

2012-12-12 10:40:27 16363960 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

.

==================== Find3M ====================

.

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 23:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-12 10:40:33 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-12 10:40:33 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-21 04:29:49 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-11-21 04:29:49 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17:54 43520 ------w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17:54 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:34 385024 ------w- c:\windows\system32\html.iec

2012-10-29 02:19:02 148480 ----a-w- c:\windows\system32\rztouchdll.dll

2012-10-29 02:18:58 617472 ----a-w- c:\windows\system32\rzdevicedll.dll

2012-10-29 02:18:56 165888 ----a-w- c:\windows\system32\rzaudiodll.dll

2012-10-25 02:13:16 22400 ----a-w- c:\windows\system32\drivers\rzdaendpt.sys

2012-10-25 02:13:14 3456 ----a-w- c:\windows\system32\drivers\rzkbdhid.sys

2012-10-25 02:13:14 19968 ----a-w- c:\windows\system32\drivers\rzvkeyboard.sys

2012-10-25 02:13:10 94592 ----a-w- c:\windows\system32\drivers\rzudd.sys

.

============= FINISH: 16:00:36.13 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume2

Install Date: 2/6/2011 1:54:54 PM

System Uptime: 12/28/2012 4:17:29 PM (96 hours ago)

.

Motherboard: Dell Inc. | | 0P301D

Processor: Intel Pentium III Xeon processor | Socket 775 | 2992/333mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 466 GiB total, 409.117 GiB free.

D: is CDROM ()

E: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP771: 10/3/2012 10:01:04 PM - Software Distribution Service 3.0

RP772: 10/4/2012 9:58:54 PM - Software Distribution Service 3.0

RP773: 10/5/2012 9:58:32 PM - Software Distribution Service 3.0

RP774: 10/6/2012 9:58:43 PM - Software Distribution Service 3.0

RP775: 10/7/2012 1:58:00 AM - Software Distribution Service 3.0

RP776: 10/7/2012 9:57:47 PM - Software Distribution Service 3.0

RP777: 10/8/2012 9:58:04 PM - Software Distribution Service 3.0

RP778: 10/9/2012 9:57:15 PM - Software Distribution Service 3.0

RP779: 10/10/2012 10:17:56 PM - System Checkpoint

RP780: 10/11/2012 3:00:33 AM - Software Distribution Service 3.0

RP781: 10/11/2012 3:30:00 AM - Software Distribution Service 3.0

RP782: 10/12/2012 3:29:09 AM - Software Distribution Service 3.0

RP783: 10/13/2012 3:26:54 AM - Software Distribution Service 3.0

RP784: 10/14/2012 1:33:00 AM - Software Distribution Service 3.0

RP785: 10/14/2012 3:24:23 AM - Software Distribution Service 3.0

RP786: 10/15/2012 3:20:50 AM - Software Distribution Service 3.0

RP787: 10/16/2012 3:40:52 AM - System Checkpoint

RP788: 10/16/2012 9:46:30 PM - Software Distribution Service 3.0

RP789: 10/17/2012 9:44:12 PM - Software Distribution Service 3.0

RP790: 10/18/2012 9:43:30 PM - Software Distribution Service 3.0

RP791: 10/19/2012 10:28:46 PM - System Checkpoint

RP792: 10/20/2012 11:36:39 AM - Software Distribution Service 3.0

RP793: 10/21/2012 1:54:04 AM - Software Distribution Service 3.0

RP794: 10/21/2012 11:36:52 AM - Software Distribution Service 3.0

RP795: 10/22/2012 4:24:47 PM - System Checkpoint

RP796: 10/22/2012 7:57:17 PM - Software Distribution Service 3.0

RP797: 10/23/2012 11:12:54 PM - System Checkpoint

RP798: 10/24/2012 7:31:52 PM - Software Distribution Service 3.0

RP799: 10/25/2012 7:30:41 PM - Software Distribution Service 3.0

RP800: 10/26/2012 9:33:05 PM - Software Distribution Service 3.0

RP801: 10/27/2012 9:28:44 PM - Software Distribution Service 3.0

RP802: 10/28/2012 1:53:09 AM - Software Distribution Service 3.0

RP803: 10/28/2012 9:27:33 PM - Software Distribution Service 3.0

RP804: 10/29/2012 9:25:48 PM - Software Distribution Service 3.0

RP805: 10/30/2012 9:21:04 PM - Software Distribution Service 3.0

RP806: 10/31/2012 9:18:41 PM - Software Distribution Service 3.0

RP807: 11/1/2012 9:14:41 PM - Software Distribution Service 3.0

RP808: 11/2/2012 9:13:04 PM - Software Distribution Service 3.0

RP809: 11/3/2012 10:45:04 PM - System Checkpoint

RP810: 11/4/2012 12:50:19 AM - Software Distribution Service 3.0

RP811: 11/4/2012 2:56:19 PM - Software Distribution Service 3.0

RP812: 11/5/2012 2:54:20 PM - Software Distribution Service 3.0

RP813: 11/6/2012 2:52:25 PM - Software Distribution Service 3.0

RP814: 11/7/2012 2:51:21 PM - Software Distribution Service 3.0

RP815: 11/8/2012 2:49:26 PM - Software Distribution Service 3.0

RP816: 11/9/2012 2:46:37 PM - Software Distribution Service 3.0

RP817: 11/10/2012 2:43:29 PM - Software Distribution Service 3.0

RP818: 11/11/2012 1:50:26 AM - Software Distribution Service 3.0

RP819: 11/11/2012 2:40:22 PM - Software Distribution Service 3.0

RP820: 11/11/2012 9:21:42 PM - Software Distribution Service 3.0

RP821: 11/12/2012 9:23:40 PM - Software Distribution Service 3.0

RP822: 11/13/2012 3:00:14 AM - Software Distribution Service 3.0

RP823: 11/13/2012 9:19:58 PM - Software Distribution Service 3.0

RP824: 11/14/2012 9:24:40 PM - Software Distribution Service 3.0

RP825: 11/15/2012 3:00:17 AM - Software Distribution Service 3.0

RP826: 11/16/2012 3:22:30 AM - System Checkpoint

RP827: 11/16/2012 3:30:20 AM - Software Distribution Service 3.0

RP828: 11/17/2012 3:26:00 AM - Software Distribution Service 3.0

RP829: 11/18/2012 2:12:26 AM - Software Distribution Service 3.0

RP830: 11/18/2012 11:46:42 AM - Removed Apple Application Support

RP831: 11/18/2012 11:47:19 AM - Removed Apple Mobile Device Support

RP832: 11/18/2012 11:55:15 AM - Removed REALTEK GbE & FE Ethernet PCI-E NIC Driver

RP833: 11/18/2012 11:55:33 AM - Removed Realtek High Definition Audio Driver

RP834: 11/18/2012 1:35:55 PM - Restore Operation

RP835: 11/19/2012 2:03:40 PM - System Checkpoint

RP836: 11/19/2012 4:47:21 PM - Software Distribution Service 3.0

RP837: 11/19/2012 6:58:49 PM - Installed iTunes

RP838: 11/20/2012 4:51:56 PM - Software Distribution Service 3.0

RP839: 11/21/2012 4:37:42 PM - Software Distribution Service 3.0

RP840: 11/22/2012 5:29:37 PM - System Checkpoint

RP841: 11/22/2012 7:37:19 PM - Software Distribution Service 3.0

RP842: 11/23/2012 7:35:12 PM - Software Distribution Service 3.0

RP843: 11/24/2012 7:31:32 PM - Software Distribution Service 3.0

RP844: 11/25/2012 1:56:37 AM - Software Distribution Service 3.0

RP845: 11/26/2012 2:49:37 AM - System Checkpoint

RP846: 11/26/2012 6:08:08 PM - Software Distribution Service 3.0

RP847: 11/27/2012 7:05:01 PM - Software Distribution Service 3.0

RP848: 11/28/2012 7:01:40 PM - Software Distribution Service 3.0

RP849: 11/29/2012 7:04:29 PM - System Checkpoint

RP850: 11/30/2012 6:55:25 PM - Software Distribution Service 3.0

RP851: 12/2/2012 12:02:24 AM - System Checkpoint

RP852: 12/2/2012 1:38:06 AM - Software Distribution Service 3.0

RP853: 12/3/2012 2:06:58 AM - System Checkpoint

RP854: 12/3/2012 9:14:38 PM - Software Distribution Service 3.0

RP855: 12/4/2012 11:40:45 PM - System Checkpoint

RP856: 12/5/2012 2:08:48 AM - Software Distribution Service 3.0

RP857: 12/5/2012 9:04:57 PM - Software Distribution Service 3.0

RP858: 12/6/2012 9:05:21 PM - Software Distribution Service 3.0

RP859: 12/7/2012 10:20:27 PM - System Checkpoint

RP860: 12/8/2012 8:27:36 PM - Software Distribution Service 3.0

RP861: 12/9/2012 2:01:42 AM - Software Distribution Service 3.0

RP862: 12/10/2012 2:14:45 AM - System Checkpoint

RP863: 12/10/2012 6:59:24 PM - Software Distribution Service 3.0

RP864: 12/10/2012 7:00:24 PM - Software Distribution Service 3.0

RP865: 12/11/2012 7:17:33 PM - Software Distribution Service 3.0

RP866: 12/12/2012 3:00:19 AM - Software Distribution Service 3.0

RP867: 12/13/2012 3:29:04 AM - Software Distribution Service 3.0

RP868: 12/14/2012 3:28:56 AM - Software Distribution Service 3.0

RP869: 12/15/2012 4:11:46 AM - System Checkpoint

RP870: 12/15/2012 8:22:10 PM - Software Distribution Service 3.0

RP871: 12/16/2012 2:05:04 AM - Software Distribution Service 3.0

RP872: 12/16/2012 8:19:15 PM - Software Distribution Service 3.0

RP873: 12/17/2012 10:40:49 PM - System Checkpoint

RP874: 12/18/2012 3:59:20 PM - Software Distribution Service 3.0

RP875: 12/19/2012 4:02:39 PM - System Checkpoint

RP876: 12/19/2012 5:12:13 PM - Software Distribution Service 3.0

RP877: 12/20/2012 5:10:05 PM - Software Distribution Service 3.0

RP878: 12/21/2012 3:00:14 AM - Software Distribution Service 3.0

RP879: 12/22/2012 3:19:52 AM - System Checkpoint

RP880: 12/22/2012 3:27:26 AM - Software Distribution Service 3.0

RP881: 12/23/2012 2:13:03 AM - Software Distribution Service 3.0

RP882: 12/24/2012 2:31:51 AM - System Checkpoint

RP883: 12/24/2012 3:27:13 AM - Software Distribution Service 3.0

RP884: 12/25/2012 3:54:29 AM - System Checkpoint

RP885: 12/25/2012 12:02:00 PM - Software Distribution Service 3.0

RP886: 12/26/2012 12:01:02 PM - Software Distribution Service 3.0

RP887: 12/27/2012 12:00:59 PM - Software Distribution Service 3.0

RP888: 12/28/2012 12:00:55 PM - Software Distribution Service 3.0

RP889: 12/29/2012 12:46:12 PM - System Checkpoint

RP890: 12/29/2012 4:29:58 PM - Software Distribution Service 3.0

RP891: 12/30/2012 2:15:24 AM - Software Distribution Service 3.0

RP892: 12/30/2012 4:31:08 PM - Software Distribution Service 3.0

RP893: 12/31/2012 4:32:01 PM - Software Distribution Service 3.0

RP894: 1/1/2013 3:47:33 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.4)

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bonjour

BufferChm

C4600

Cockatrice

Dell Resource CD

Destinations

DeviceDiscovery

Far Cry

FL Studio 10

Google Chrome

GPBaseService2

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB942288-v3)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB958655-v2)

HP Imaging Device Functions 13.0

HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5

HP Smart Web Printing 4.5

HP Solution Center 13.0

HP Update

HPProductAssistant

hpWLPGInstaller

IL Download Manager

Intel® Graphics Media Accelerator Driver

iTunes

Java Auto Updater

Java 6 Update 31

Java 7 Update 3

Java SE Development Kit 7 Update 3

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft Help Viewer 1.0

Microsoft Kernel-Mode Driver Framework Feature Pack 1.9

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Software Update for Web Folders (English) 12

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server System CLR Types

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Pando Media Booster

PS_AIO_05_C4600_Software_Min

QuickTime

Razer Synapse 2.0

Realm of the Mad God

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

Scan

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2416400)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981349)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Skype Click to Call

Skype™ 5.10

SmartWebPrinting

SolutionCenter

Status

Steam

Team Fortress 2

Toolbox

TrayApp

Unity Web Player

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Windows Internet Explorer 8 (KB2447568)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB898461)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

WebReg

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

WinRAR 4.01 (32-bit)

.

==== Event Viewer Messages From Past Week ========

.

12/28/2012 3:23:00 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).

.

==== End Of File ===========================


  • Staff

Hi and welcome to Malwarebytes.

Please update MBAM, run a Quick Scan, and post its log.

Next, please visit this webpage for instructions for running ComboFix:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

  • When the tool is finished, it will produce a report for you.
  • Please post the contents of C:\ComboFix.txt along with a new DDS log so we may continue cleaning the system.


The MBAM scan came out fine:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.01.04

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Julien :: UPSTAIRS [administrator]

Protection: Enabled

1/1/2013 4:54:46 PM

mbam-log-2013-01-01 (16-54-46).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 292364

Time elapsed: 7 minute(s), 15 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

I downloaded ComboFix and did everything as instructed but during the scan (at around Stage 5) my computer crashed with a bluescreen. It said that "Plug and Play" had detected an error. Should I attempt another ComboFix scan? My computer is not very powerful (Vostro 220) and occasionally bluescreens when it has to process a lot of information. This may have been the cause but I have never had a bluescreen talk about "Plug and Play" before.


  • Staff

Hi,

Let's run ComboFix a different way. However, repeated blue screens could be a sign of hard drive failure.

Delete your copy of ComboFix. Grab a fresh copy and save it to your Desktop, but do not run it yet. Before you download it, rename it to sega.com (ensure that the Save As type is "All Files").

Please reboot to Safe Mode (tap the F8 key just before Windows starts to load and select the Safe Mode option from the menu).

Click Start --> Run, and enter this command exactly as shown:

"%userprofile%\desktop\sega.com" /killall

See if it will run successfully now. Stop it after half an hour of no activity.


> Before you download it, rename it to sega.com (ensure that the Save As type is "All Files").

When I click the download link, instead of being prompted with "Save As" it just downloads immediately to the bottom of my Chrome browser. This is normal, but I need to have the prompt in order to save it as sega.com. What do I do?


It ran successfully this time. I followed your directions exactly. Here is the log:

ComboFix 13-01-02.02 - Julien 01/02/2013 18:09:02.1.2 - x86 MINIMAL

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3037.2768 [GMT -7:00]

Running from: c:\documents and settings\Julien\desktop\sega.com

Command switches used :: /killall

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

.

((((((((((((((((((((((((( Files Created from 2012-12-03 to 2013-01-03 )))))))))))))))))))))))))))))))

.

.

2013-01-03 01:17 . 2013-01-03 01:17 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C5FBDB2-3127-4911-ADE7-C90BA441902E}\MpKsl3e683b4a.sys

2013-01-03 01:01 . 2013-01-03 01:01 -------- d--h--w- c:\windows\PIF

2013-01-03 00:38 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C5FBDB2-3127-4911-ADE7-C90BA441902E}\mpengine.dll

2013-01-02 00:31 . 2012-11-08 18:00 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-12-12 10:40 . 2012-12-12 10:40 16363960 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-16 12:23 . 2008-04-13 23:00 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 23:49 . 2011-04-03 23:48 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-12 10:40 . 2012-10-24 00:56 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-12 10:40 . 2012-10-24 00:56 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-11-21 04:29 . 2009-05-22 03:21 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-11-21 04:29 . 2009-05-22 01:57 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-11-13 01:25 . 2008-04-13 23:00 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-02 02:02 . 2008-04-13 23:00 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17 . 2008-04-13 23:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17 . 2008-04-13 23:00 43520 ------w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17 . 2008-04-13 23:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2008-04-13 23:00 385024 ------w- c:\windows\system32\html.iec

2012-10-29 02:19 . 2012-10-29 02:19 148480 ----a-w- c:\windows\system32\rztouchdll.dll

2012-10-29 02:18 . 2012-10-29 02:18 617472 ----a-w- c:\windows\system32\rzdevicedll.dll

2012-10-29 02:18 . 2012-10-29 02:18 165888 ----a-w- c:\windows\system32\rzaudiodll.dll

2012-10-25 02:13 . 2012-06-10 22:36 22400 ----a-w- c:\windows\system32\drivers\rzdaendpt.sys

2012-10-25 02:13 . 2012-06-10 22:37 3456 ----a-w- c:\windows\system32\drivers\rzkbdhid.sys

2012-10-25 02:13 . 2012-06-10 22:37 19968 ----a-w- c:\windows\system32\drivers\rzvkeyboard.sys

2012-10-25 02:13 . 2012-06-10 22:37 94592 ----a-w- c:\windows\system32\drivers\rzudd.sys

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files\Steam\steam.exe" [2012-12-05 1354736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"="RTHDCPL.EXE" [2008-07-31 16806912]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]

"Razer Synapse"="c:\program files\Razer\Synapse\RzSynapse.exe" [2012-11-16 336304]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-15 150040]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-15 178712]

"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-15 150040]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"RunNarrator"="Narrator.exe" [2008-04-13 53760]

.

c:\documents and settings\Dominique\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

c:\documents and settings\Kimberley\Start Menu\Programs\Startup\

OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2012-09-10 06:30 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=

"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\WINDOWS\\system32\\java.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Documents and Settings\\Julien\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Steam\\Steam.exe"=

"c:\\Program Files\\Steam\\steamapps\\thephoenixofdoom\\team fortress 2\\hl2.exe"=

"c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\FarCry\\Bin32\\FarCry.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\FarCry\\Bin32\\FarCryConfigurator.exe"=

"c:\\WINDOWS\\system32\\javaw.exe"=

"c:\\Program Files\\Steam\\steamapps\\common\\realm of the mad god\\Realm of the Mad God.exe"=

"c:\\Program Files\\Java\\jre7\\bin\\javaw.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"25565:TCP"= 25565:TCP:Minecraft

"59155:TCP"= 59155:TCP:Pando Media Booster

"59155:UDP"= 59155:UDP:Pando Media Booster

.

R1 MpKsl3e683b4a;MpKsl3e683b4a;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5C5FBDB2-3127-4911-ADE7-C90BA441902E}\MpKsl3e683b4a.sys [1/2/2013 6:17 PM 29904]

R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [9/27/2012 4:10 PM 398184]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [4/3/2011 4:48 PM 682344]

R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [11/22/2012 10:29 AM 3290304]

R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\drivers\hidkmdf.sys [4/8/2012 1:46 PM 6656]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI Service;c:\windows\system32\drivers\IntcHdmi.sys [2/6/2011 2:35 PM 110080]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [4/3/2011 4:48 PM 21104]

R3 rzdaendpt;Razer DeathAdder end point;c:\windows\system32\drivers\rzdaendpt.sys [6/10/2012 3:36 PM 22400]

R3 rzkbdhid;Razer HID Keyboard Driver Service;c:\windows\system32\drivers\rzkbdhid.sys [6/10/2012 3:37 PM 3456]

R3 rzudd;Razer Mouse Driver;c:\windows\system32\drivers\rzudd.sys [6/10/2012 3:37 PM 94592]

R3 rzvkeyboard;Razer Virtual Keyboard Driver;c:\windows\system32\drivers\rzvkeyboard.sys [6/10/2012 3:37 PM 19968]

R3 VKbms;Razer Gaming Device;c:\windows\system32\drivers\VKbms.sys [4/8/2012 1:46 PM 10240]

S0 cerc6;cerc6; [x]

S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [7/13/2012 12:28 PM 160944]

S3 danewFltr;NewDeathAdder Mouse;c:\windows\system32\drivers\danew.sys [4/8/2012 1:46 PM 11136]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MPKSL3E683B4A

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

Contents of the 'Scheduled Tasks' folder

.

2013-01-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-24 10:40]

.

2012-12-28 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]

.

2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1957994488-1801674531-1003Core.job

- c:\documents and settings\Kimberley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-02 18:07]

.

2013-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1957994488-1801674531-1003UA.job

- c:\documents and settings\Kimberley\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-01-02 18:07]

.

2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1957994488-1801674531-1004Core.job

- c:\documents and settings\Dominique\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-18 01:45]

.

2013-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1957994488-1801674531-1004UA.job

- c:\documents and settings\Dominique\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-18 01:45]

.

2013-01-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1957994488-1801674531-1005Core.job

- c:\documents and settings\Julien\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-04 00:46]

.

2013-01-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1417001333-1957994488-1801674531-1005UA.job

- c:\documents and settings\Julien\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-04 00:46]

.

2013-01-02 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 23:25]

.

.

------- Supplementary Scan -------

.

uStart Page = about:Tabs

uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe" //mailurl:mailto:nostarchpr@oreilly.com?subject=Review%20request%20for%20Badass%20LEGO%20Guns

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.0.1 205.171.2.25

TCP: Interfaces\{5F2EBDD7-CDED-4F4D-84F7-AD8EC46CFEF8}: NameServer = 192.168.0.1,205.171.3.25

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-01-02 18:17

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(2092)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\Microsoft Security Client\MsMpEng.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Java\jre7\bin\jqs.exe

c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe

c:\windows\system32\wscntfy.exe

c:\windows\RTHDCPL.EXE

c:\windows\system32\igfxsrvc.exe

c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

.

**************************************************************************

.

Completion time: 2013-01-02 18:23:28 - machine was rebooted

ComboFix-quarantined-files.txt 2013-01-03 01:23

.

Pre-Run: 439,247,282,176 bytes free

Post-Run: 440,757,960,704 bytes free

.

- - End Of File - - 9E02412463A9CE6D5C67B99B7ED9391C

Would you like for me to now reinstall dds and run it again?


Also, two other important pieces of information: During the scan, after stage 3, a window appeared saying "PEV.exe has stopped running due to an unexpected error. Would you like to send in an error report?" I didn't click anything because it might interfere with the scan. The other important thing is that Windows Security Center reports that Microsoft Security Essentials is turned off. Microsoft Security Essentials is turned on and looks normal to me.


  • Staff

Looking better. :) Reboot and see if MSE is enabled now.

Run TFC by OldTimer to clear temporary files:

  • Please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Download the file TDSSKiller.zip and extract it into a folder on the infected PC.
  • Execute the file TDSSKiller.exe by double-clicking on it.
  • Wait for the scan and disinfection process to be over.
  • When its work is over, the utility prompts for a reboot to complete the disinfection.

By default, the utility outputs runtime log into the system disk root directory (the disk where the operating system is installed, C:\ as a rule).

The log is like UtilityName.Version_Date_Time_log.txt.

For example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt.

Please post that log here.

Next, please run a free online scan with the ESET Online Scanner

Note: You will need to use Internet Explorer for this scan.

  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the ActiveX control to install
  4. Click Start
  5. Make sure that the options Remove found threats and Scan unwanted applications are checked
  6. Click Scan
    Wait for the scan to finish
  7. Export the threats found (if any), and post them here.

Next, please download AdwCleaner by Xplode onto your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A logfile will automatically open after the scan has finished.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.

Next, download my Security Check from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Let me know how things are running now and what issues remain.

-screen317


> Looking better. :) Reboot and see if MSE is enabled now.

I rebooted and MSE is still running as it was before but Windows Security Center still doesn't recognize it. Should I just continue on to TFC? Also why do you think the thing about PEV.exe came up during my scan? Thanks for all the help so far.


I got everything squared away and completed all of the scans. Here are the logs:

TDSS Killer:

19:22:19.0406 2464 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

19:22:19.0859 2464 ============================================================

19:22:19.0859 2464 Current date / time: 2013/01/03 19:22:19.0859

19:22:19.0859 2464 SystemInfo:

19:22:19.0859 2464

19:22:19.0859 2464 OS Version: 5.1.2600 ServicePack: 3.0

19:22:19.0859 2464 Product type: Workstation

19:22:19.0859 2464 ComputerName: UPSTAIRS

19:22:19.0859 2464 UserName: Julien

19:22:19.0859 2464 Windows directory: C:\WINDOWS

19:22:19.0859 2464 System windows directory: C:\WINDOWS

19:22:19.0859 2464 Processor architecture: Intel x86

19:22:19.0859 2464 Number of processors: 2

19:22:19.0859 2464 Page size: 0x1000

19:22:19.0859 2464 Boot type: Normal boot

19:22:19.0859 2464 ============================================================

19:22:20.0546 2464 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

19:22:20.0546 2464 ============================================================

19:22:20.0546 2464 \Device\Harddisk0\DR0:

19:22:20.0546 2464 MBR partitions:

19:22:20.0546 2464 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x3A371830

19:22:20.0546 2464 ============================================================

19:22:20.0593 2464 C: <-> \Device\Harddisk0\DR0\Partition1

19:22:20.0593 2464 ============================================================

19:22:20.0593 2464 Initialize success

19:22:20.0593 2464 ============================================================

19:22:45.0421 3296 ============================================================

19:22:45.0421 3296 Scan started

19:22:45.0421 3296 Mode: Manual;

19:22:45.0421 3296 ============================================================

19:22:45.0515 3296 ================ Scan system memory ========================

19:22:45.0515 3296 System memory - ok

19:22:45.0515 3296 ================ Scan services =============================


19:22:49.0171 3296 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

19:22:49.0171 3296 HPZid412 - ok

19:22:49.0203 3296 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

19:22:49.0203 3296 HPZipr12 - ok

19:22:49.0218 3296 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

19:22:49.0218 3296 HPZius12 - ok

19:22:49.0265 3296 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

19:22:49.0265 3296 HTTP - ok

19:22:49.0328 3296 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

19:22:49.0328 3296 HTTPFilter - ok

19:22:49.0328 3296 i2omgmt - ok

19:22:49.0343 3296 i2omp - ok

19:22:49.0359 3296 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys

19:22:49.0375 3296 i8042prt - ok

19:22:49.0531 3296 [ 2DA364EE62D4949620B6FAE4FFEA16A7 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

19:22:49.0562 3296 ialm - ok

19:22:49.0609 3296 [ 707C1692214B1C290271067197F075F6 ] iastor C:\WINDOWS\system32\drivers\iastor.sys

19:22:49.0609 3296 iastor - ok

19:22:49.0625 3296 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

19:22:49.0625 3296 Imapi - ok

19:22:49.0687 3296 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

19:22:49.0687 3296 ImapiService - ok

19:22:49.0703 3296 ini910u - ok

19:22:49.0875 3296 [ 5C8F36CDCB489111B24003AF4DFE1FDC ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

19:22:49.0906 3296 IntcAzAudAddService - ok

19:22:49.0953 3296 [ C9EF68BEE3B1A62F34125A9FBBAAC10C ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys

19:22:49.0968 3296 IntcHdmiAddService - ok

19:22:49.0984 3296 IntelIde - ok

19:22:50.0031 3296 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:22:50.0031 3296 intelppm - ok

19:22:50.0046 3296 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

19:22:50.0046 3296 Ip6Fw - ok

19:22:50.0109 3296 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:22:50.0109 3296 IpFilterDriver - ok

19:22:50.0109 3296 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:22:50.0109 3296 IpInIp - ok

19:22:50.0140 3296 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:22:50.0140 3296 IpNat - ok

19:22:50.0218 3296 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

19:22:50.0218 3296 iPod Service - ok

19:22:50.0281 3296 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:22:50.0281 3296 IPSec - ok

19:22:50.0312 3296 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

19:22:50.0312 3296 IRENUM - ok

19:22:50.0359 3296 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:22:50.0359 3296 isapnp - ok

19:22:50.0484 3296 [ D9B1E929F2464D4C23FA9CB47DF4A1D4 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

19:22:50.0484 3296 JavaQuickStarterService - ok

19:22:50.0546 3296 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:22:50.0562 3296 Kbdclass - ok

19:22:50.0593 3296 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:22:50.0671 3296 kbdhid - ok

19:22:50.0703 3296 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

19:22:50.0703 3296 kmixer - ok

19:22:50.0765 3296 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

19:22:50.0765 3296 KSecDD - ok

19:22:50.0812 3296 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll

19:22:50.0812 3296 LanmanServer - ok

19:22:50.0875 3296 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:22:50.0890 3296 lanmanworkstation - ok

19:22:50.0890 3296 lbrtfdc - ok

19:22:50.0968 3296 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

19:22:50.0968 3296 LmHosts - ok

19:22:51.0031 3296 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys

19:22:51.0031 3296 MBAMProtector - ok

19:22:51.0156 3296 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

19:22:51.0156 3296 MBAMScheduler - ok

19:22:51.0187 3296 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

19:22:51.0187 3296 MBAMService - ok

19:22:51.0234 3296 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

19:22:51.0234 3296 Messenger - ok

19:22:51.0265 3296 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

19:22:51.0265 3296 mnmdd - ok

19:22:51.0312 3296 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

19:22:51.0312 3296 mnmsrvc - ok

19:22:51.0343 3296 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

19:22:51.0343 3296 Modem - ok

19:22:51.0406 3296 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:22:51.0421 3296 Mouclass - ok

19:22:51.0421 3296 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:22:51.0437 3296 mouhid - ok

19:22:51.0500 3296 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

19:22:51.0500 3296 MountMgr - ok

19:22:51.0531 3296 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

19:22:51.0531 3296 MpFilter - ok

19:22:51.0718 3296 [ A69630D039C38018689190234F866D77 ] MpKsl62943972 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{12ECC8D0-FAEE-429A-B92B-8DAC62B4A2E4}\MpKsl62943972.sys

19:22:51.0718 3296 MpKsl62943972 - ok

19:22:51.0734 3296 mraid35x - ok

19:22:51.0750 3296 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:22:51.0750 3296 MRxDAV - ok

19:22:51.0812 3296 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:22:51.0812 3296 MRxSmb - ok

19:22:51.0859 3296 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

19:22:51.0859 3296 MSDTC - ok

19:22:51.0875 3296 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

19:22:51.0875 3296 Msfs - ok

19:22:51.0890 3296 MSIServer - ok

19:22:51.0937 3296 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:22:51.0937 3296 MSKSSRV - ok

19:22:52.0015 3296 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

19:22:52.0015 3296 MsMpSvc - ok

19:22:52.0031 3296 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:22:52.0031 3296 MSPCLOCK - ok

19:22:52.0031 3296 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

19:22:52.0031 3296 MSPQM - ok

19:22:52.0093 3296 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:22:52.0093 3296 mssmbios - ok

19:22:52.0140 3296 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

19:22:52.0156 3296 Mup - ok

19:22:52.0187 3296 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

19:22:52.0187 3296 napagent - ok

19:22:52.0218 3296 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

19:22:52.0234 3296 NDIS - ok

19:22:52.0296 3296 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:22:52.0296 3296 NdisTapi - ok

19:22:52.0359 3296 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:22:52.0359 3296 Ndisuio - ok

19:22:52.0359 3296 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:22:52.0359 3296 NdisWan - ok

19:22:52.0390 3296 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

19:22:52.0390 3296 NDProxy - ok

19:22:52.0437 3296 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll

19:22:52.0437 3296 Net Driver HPZ12 - ok

19:22:52.0500 3296 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

19:22:52.0500 3296 NetBIOS - ok

19:22:52.0515 3296 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

19:22:52.0515 3296 NetBT - ok

19:22:52.0562 3296 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

19:22:52.0578 3296 NetDDE - ok

19:22:52.0578 3296 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

19:22:52.0578 3296 NetDDEdsdm - ok

19:22:52.0625 3296 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

19:22:52.0625 3296 Netlogon - ok

19:22:52.0640 3296 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

19:22:52.0640 3296 Netman - ok

19:22:52.0687 3296 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

19:22:52.0718 3296 NetTcpPortSharing - ok

19:22:52.0781 3296 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

19:22:52.0781 3296 Nla - ok

19:22:52.0796 3296 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

19:22:52.0796 3296 Npfs - ok

19:22:52.0859 3296 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

19:22:52.0875 3296 Ntfs - ok

19:22:52.0875 3296 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

19:22:52.0875 3296 NtLmSsp - ok

19:22:52.0921 3296 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

19:22:52.0921 3296 NtmsSvc - ok

19:22:52.0953 3296 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

19:22:52.0953 3296 Null - ok

19:22:53.0031 3296 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:22:53.0031 3296 NwlnkFlt - ok

19:22:53.0031 3296 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:22:53.0031 3296 NwlnkFwd - ok

19:22:53.0187 3296 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

19:22:53.0187 3296 odserv - ok

19:22:53.0250 3296 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:22:53.0250 3296 ose - ok

19:22:53.0281 3296 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys

19:22:53.0281 3296 Parport - ok

19:22:53.0281 3296 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

19:22:53.0281 3296 PartMgr - ok

19:22:53.0359 3296 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

19:22:53.0359 3296 ParVdm - ok

19:22:53.0406 3296 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

19:22:53.0406 3296 PCI - ok

19:22:53.0421 3296 PCIDump - ok

19:22:53.0437 3296 PCIIde - ok

19:22:53.0484 3296 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

19:22:53.0484 3296 Pcmcia - ok

19:22:53.0500 3296 PDCOMP - ok

19:22:53.0515 3296 PDFRAME - ok

19:22:53.0515 3296 PDRELI - ok

19:22:53.0531 3296 PDRFRAME - ok

19:22:53.0546 3296 perc2 - ok

19:22:53.0562 3296 perc2hib - ok

19:22:53.0625 3296 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

19:22:53.0625 3296 PlugPlay - ok

19:22:53.0640 3296 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll

19:22:53.0640 3296 Pml Driver HPZ12 - ok

19:22:53.0640 3296 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

19:22:53.0640 3296 PolicyAgent - ok

19:22:53.0656 3296 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:22:53.0656 3296 PptpMiniport - ok

19:22:53.0671 3296 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:22:53.0671 3296 ProtectedStorage - ok

19:22:53.0687 3296 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

19:22:53.0687 3296 PSched - ok

19:22:53.0687 3296 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:22:53.0687 3296 Ptilink - ok

19:22:53.0703 3296 ql1080 - ok

19:22:53.0718 3296 Ql10wnt - ok

19:22:53.0734 3296 ql12160 - ok

19:22:53.0734 3296 ql1240 - ok

19:22:53.0750 3296 ql1280 - ok

19:22:53.0796 3296 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:22:53.0796 3296 RasAcd - ok

19:22:53.0828 3296 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

19:22:53.0843 3296 RasAuto - ok

19:22:53.0843 3296 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:22:53.0843 3296 Rasl2tp - ok

19:22:53.0875 3296 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

19:22:53.0875 3296 RasMan - ok

19:22:53.0875 3296 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:22:53.0875 3296 RasPppoe - ok

19:22:53.0890 3296 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

19:22:53.0890 3296 Raspti - ok

19:22:53.0937 3296 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:22:53.0937 3296 Rdbss - ok

19:22:53.0937 3296 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:22:53.0937 3296 RDPCDD - ok

19:22:54.0015 3296 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:22:54.0015 3296 rdpdr - ok

19:22:54.0093 3296 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

19:22:54.0093 3296 RDPWD - ok

19:22:54.0156 3296 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

19:22:54.0156 3296 RDSessMgr - ok

19:22:54.0187 3296 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

19:22:54.0187 3296 redbook - ok

19:22:54.0218 3296 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

19:22:54.0218 3296 RemoteAccess - ok

19:22:54.0265 3296 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

19:22:54.0265 3296 RemoteRegistry - ok

19:22:54.0296 3296 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

19:22:54.0296 3296 RpcLocator - ok

19:22:54.0328 3296 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll

19:22:54.0343 3296 RpcSs - ok

19:22:54.0375 3296 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

19:22:54.0375 3296 RSVP - ok

19:22:54.0421 3296 [ C6D34A1874CD2B212DC3E788091C64B4 ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

19:22:54.0421 3296 RTLE8023xp - ok

19:22:54.0484 3296 [ A653DE9C49A436780BDE790A95E82B92 ] rzdaendpt C:\WINDOWS\system32\DRIVERS\rzdaendpt.sys

19:22:54.0515 3296 rzdaendpt - ok

19:22:54.0562 3296 [ 645148EE8581D7138C5B379DF46AA22D ] rzkbdhid C:\WINDOWS\system32\DRIVERS\rzkbdhid.sys

19:22:54.0578 3296 rzkbdhid - ok

19:22:54.0609 3296 [ 2C1FD81820BAE646B76C37F8790693D6 ] rzudd C:\WINDOWS\system32\DRIVERS\rzudd.sys

19:22:54.0625 3296 rzudd - ok

19:22:54.0625 3296 [ 9C7B7594A0444F7AFE41F4BE0F114409 ] rzvkeyboard C:\WINDOWS\system32\DRIVERS\rzvkeyboard.sys

19:22:54.0640 3296 rzvkeyboard - ok

19:22:54.0671 3296 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

19:22:54.0671 3296 SamSs - ok

19:22:54.0703 3296 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

19:22:54.0703 3296 SCardSvr - ok

19:22:54.0781 3296 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

19:22:54.0781 3296 Schedule - ok

19:22:54.0843 3296 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:22:54.0843 3296 Secdrv - ok

19:22:54.0890 3296 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

19:22:54.0906 3296 seclogon - ok

19:22:54.0906 3296 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

19:22:54.0906 3296 SENS - ok

19:22:54.0921 3296 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

19:22:54.0921 3296 serenum - ok

19:22:54.0921 3296 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

19:22:54.0937 3296 Serial - ok

19:22:54.0968 3296 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

19:22:54.0968 3296 Sfloppy - ok

19:22:54.0984 3296 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

19:22:54.0984 3296 SharedAccess - ok

19:22:55.0000 3296 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:22:55.0000 3296 ShellHWDetection - ok

19:22:55.0000 3296 Simbad - ok

19:22:55.0203 3296 [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe

19:22:55.0218 3296 Skype C2C Service - ok

19:22:55.0281 3296 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

19:22:55.0281 3296 SkypeUpdate - ok

19:22:55.0296 3296 Sparrow - ok

19:22:55.0359 3296 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

19:22:55.0359 3296 splitter - ok

19:22:55.0421 3296 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

19:22:55.0421 3296 Spooler - ok

19:22:55.0484 3296 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

19:22:55.0484 3296 sr - ok

19:22:55.0484 3296 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

19:22:55.0500 3296 srservice - ok

19:22:55.0531 3296 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

19:22:55.0531 3296 Srv - ok

19:22:55.0578 3296 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

19:22:55.0578 3296 SSDPSRV - ok

19:22:55.0609 3296 Steam Client Service - ok

19:22:55.0656 3296 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

19:22:55.0656 3296 stisvc - ok

19:22:55.0656 3296 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

19:22:55.0656 3296 swenum - ok

19:22:55.0671 3296 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

19:22:55.0671 3296 swmidi - ok

19:22:55.0687 3296 SwPrv - ok

19:22:55.0703 3296 symc810 - ok

19:22:55.0703 3296 symc8xx - ok

19:22:55.0718 3296 sym_hi - ok

19:22:55.0734 3296 sym_u3 - ok

19:22:55.0750 3296 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

19:22:55.0750 3296 sysaudio - ok

19:22:55.0765 3296 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

19:22:55.0781 3296 SysmonLog - ok

19:22:55.0796 3296 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

19:22:55.0796 3296 TapiSrv - ok

19:22:55.0843 3296 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:22:55.0859 3296 Tcpip - ok

19:22:55.0906 3296 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

19:22:55.0906 3296 TDPIPE - ok

19:22:55.0921 3296 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

19:22:55.0921 3296 TDTCP - ok

19:22:55.0937 3296 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

19:22:55.0937 3296 TermDD - ok

19:22:55.0968 3296 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

19:22:55.0968 3296 TermService - ok

19:22:55.0984 3296 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

19:22:55.0984 3296 Themes - ok

19:22:56.0015 3296 [ A1124EBC672AA3AE1B327096C1DCC346 ] TIEHDUSB C:\WINDOWS\system32\drivers\tiehdusb.sys

19:22:56.0015 3296 TIEHDUSB - ok

19:22:56.0046 3296 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe

19:22:56.0046 3296 TlntSvr - ok

19:22:56.0046 3296 TosIde - ok

19:22:56.0093 3296 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

19:22:56.0109 3296 TrkWks - ok

19:22:56.0109 3296 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

19:22:56.0109 3296 Udfs - ok

19:22:56.0125 3296 ultra - ok

19:22:56.0187 3296 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

19:22:56.0203 3296 Update - ok

19:22:56.0234 3296 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

19:22:56.0234 3296 upnphost - ok

19:22:56.0265 3296 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

19:22:56.0265 3296 UPS - ok

19:22:56.0328 3296 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:22:56.0328 3296 usbccgp - ok

19:22:56.0375 3296 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:22:56.0390 3296 usbehci - ok

19:22:56.0390 3296 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:22:56.0390 3296 usbhub - ok

19:22:56.0406 3296 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:22:56.0406 3296 usbprint - ok

19:22:56.0406 3296 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:22:56.0421 3296 usbscan - ok

19:22:56.0421 3296 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:22:56.0421 3296 USBSTOR - ok

19:22:56.0453 3296 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

19:22:56.0453 3296 usbuhci - ok

19:22:56.0453 3296 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

19:22:56.0453 3296 VgaSave - ok

19:22:56.0468 3296 ViaIde - ok

19:22:56.0484 3296 [ 07C20E596A0838809BC5FF5DE5A65973 ] VKbms C:\WINDOWS\system32\DRIVERS\VKbms.sys

19:22:56.0500 3296 VKbms - ok

19:22:56.0500 3296 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

19:22:56.0500 3296 VolSnap - ok

19:22:56.0546 3296 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

19:22:56.0562 3296 VSS - ok

19:22:56.0625 3296 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

19:22:56.0625 3296 W32Time - ok

19:22:56.0640 3296 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:22:56.0640 3296 Wanarp - ok

19:22:56.0671 3296 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys

19:22:56.0687 3296 Wdf01000 - ok

19:22:56.0687 3296 WDICA - ok

19:22:56.0734 3296 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

19:22:56.0734 3296 wdmaud - ok

19:22:56.0796 3296 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

19:22:56.0796 3296 WebClient - ok

19:22:56.0906 3296 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

19:22:56.0906 3296 winmgmt - ok

19:22:56.0968 3296 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll

19:22:56.0968 3296 WmdmPmSN - ok

19:22:57.0015 3296 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll

19:22:57.0015 3296 Wmi - ok

19:22:57.0046 3296 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:22:57.0046 3296 WmiApSrv - ok

19:22:57.0171 3296 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:22:57.0171 3296 WPFFontCache_v0400 - ok

19:22:57.0234 3296 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

19:22:57.0234 3296 WS2IFSL - ok

19:22:57.0296 3296 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

19:22:57.0296 3296 wscsvc - ok

19:22:57.0343 3296 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

19:22:57.0343 3296 wuauserv - ok

19:22:57.0390 3296 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

19:22:57.0390 3296 WZCSVC - ok

19:22:57.0437 3296 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

19:22:57.0437 3296 xmlprov - ok

19:22:57.0437 3296 ================ Scan global ===============================

19:22:57.0468 3296 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

19:22:57.0531 3296 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

19:22:57.0531 3296 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

19:22:57.0578 3296 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

19:22:57.0578 3296 [Global] - ok

19:22:57.0578 3296 ================ Scan MBR ==================================

19:22:57.0609 3296 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

19:22:57.0812 3296 \Device\Harddisk0\DR0 - ok

19:22:57.0812 3296 ================ Scan VBR ==================================

19:22:57.0828 3296 [ 985F8DAE336621894DD9E7489CA31816 ] \Device\Harddisk0\DR0\Partition1

19:22:57.0828 3296 \Device\Harddisk0\DR0\Partition1 - ok

19:22:57.0828 3296 ============================================================

19:22:57.0828 3296 Scan finished

19:22:57.0828 3296 ============================================================

19:22:57.0843 0496 Detected object count: 0

19:22:57.0843 0496 Actual detected object count: 0

19:26:28.0859 2028 Deinitialize success

ADW Cleaner:

# AdwCleaner v2.104 - Logfile created 01/03/2013 at 21:56:12

# Updated 29/12/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Julien - UPSTAIRS

# Boot Mode : Normal

# Running from : C:\Documents and Settings\Julien\Desktop\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v [unable to get version]

File : C:\Documents and Settings\Kimberley\Application Data\Mozilla\Firefox\Profiles\6okjbwnv.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Dominique\Application Data\Mozilla\Firefox\Profiles\e4m8bmob.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\4fj8wr6n.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\Kimberley\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Dominique\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1456 octets] - [03/01/2013 21:56:12]

########## EOF - C:\AdwCleaner[R1].txt - [1516 octets] ##########

Security Check:

Results of screen317's Security Check version 0.99.56

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

Java 6 Update 31

Java 7 Update 3

Java SE Development Kit 7 Update 3

Java version out of Date!

Adobe Flash Player 11.5.502.135

Adobe Reader 10.1.4 Adobe Reader out of Date!

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

Malwarebytes' Anti-Malware mbamscheduler.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 27% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````


  • Staff

Hi,

Run TFC by OldTimer to clear temporary files:

  • Open TFC.exe if you already have it. If not, please download TFC from here and save it to your desktop.
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your Desktop or save it for later use for the cleaning of temporary files.

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile in your reply.
  • You can find the logfile at C:\AdwCleaner[sn].txt as well - n is the order number

Navigate to Start --> Run, and type Combofix /uninstall in the box that appears. Click OK afterward. Notice the space between the X and the /uninstall.

This uninstalls all of ComboFix's components.

Delete SecurityCheck and TDSSKiller.

After that, navigate to Start --> Control Panel --> Add or Remove Programs, and uninstall the following programs (if present):

Java™ 6 Update 31

Java™ 7 Update 3

Java™ SE Development Kit 7 Update 3

Adobe Reader 10.1.4

Restart your computer.

Get the latest version of Java and Adobe Reader.

Go to http://update.microsoft.com and install all available updates. Reboot.

Let me know what issues remain.


Below is the ADW Cleaner Log. There were no high-priority updates on update.microsoft.com but other optional updates were available. Is there any reason for me to install some of the optional updates? Also, in the past couple days Malwarebytes has been blocking various IP addresses all with the same stem. Here are a couple examples:

2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.227 (Type: outgoing)

2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.59 (Type: outgoing)

2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.224 (Type: outgoing)

2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.227 (Type: outgoing)

2013/01/06 20:05:04 -0700 UPSTAIRS Julien IP-BLOCK 66.151.138.85 (Type: outgoing)

I believe this may have to do with the game TF2 but I'm not sure. Also, my trial of MBAM ended today so I am unable to see whether these IPs continue to get blocked without purchasing premium. I don't think I need premium because I use MSE and generally stay away from infection. Do you think it is worth it?

# AdwCleaner v2.104 - Logfile created 01/07/2013 at 17:41:56

# Updated 29/12/2012 by Xplode

# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)

# User : Julien - UPSTAIRS

# Boot Mode : Normal

# Running from : C:\Documents and Settings\Julien\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

***** [Registry] *****

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v [unable to get version]

File : C:\Documents and Settings\Kimberley\Application Data\Mozilla\Firefox\Profiles\6okjbwnv.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Dominique\Application Data\Mozilla\Firefox\Profiles\e4m8bmob.default\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Julien\Application Data\Mozilla\Firefox\Profiles\4fj8wr6n.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v23.0.1271.97

File : C:\Documents and Settings\Kimberley\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Dominique\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Documents and Settings\Julien\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1585 octets] - [03/01/2013 21:56:12]

AdwCleaner[s1].txt - [1516 octets] - [07/01/2013 17:41:56]

########## EOF - C:\AdwCleaner[s1].txt - [1576 octets] ##########

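The IP-BLOCK entries quoted in the post above can be grouped to see which network ranges the blocks fall into and whether they arrive in bursts. This is an added example, not part of the original posts: the field layout is inferred from the five quoted lines, and the function names are hypothetical.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime

# The five IP-BLOCK lines quoted in the post above, copied unchanged.
SAMPLE_LOG = """\
2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.227 (Type: outgoing)
2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.59 (Type: outgoing)
2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.224 (Type: outgoing)
2013/01/05 18:48:29 -0700 UPSTAIRS Julien IP-BLOCK 66.150.164.227 (Type: outgoing)
2013/01/06 20:05:04 -0700 UPSTAIRS Julien IP-BLOCK 66.151.138.85 (Type: outgoing)
"""

# Assumed layout: timestamp with UTC offset, computer, user, event, address, direction.
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2} [+-]\d{4})\s+"
    r"(?P<host>\S+)\s+(?P<user>\S+)\s+IP-BLOCK\s+"
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+\(Type:\s*(?P<direction>\w+)\)"
)


def parse_ip_blocks(text):
    """Return one dict per well-formed IP-BLOCK line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])  # rejects octets above 255
        except ValueError:
            continue
        events.append({
            "time": datetime.strptime(m["ts"], "%Y/%m/%d %H:%M:%S %z"),
            "host": m["host"],
            "user": m["user"],
            "ip": ip,
            "direction": m["direction"],
        })
    return events


def summarize_by_network(events, prefix=24):
    """Group events by the enclosing /prefix network and count hits per group."""
    groups = defaultdict(lambda: {"hits": 0, "ips": set(), "times": []})
    for ev in events:
        net = ipaddress.ip_network(f"{ev['ip']}/{prefix}", strict=False)
        g = groups[str(net)]
        g["hits"] += 1
        g["ips"].add(ev["ip"])
        g["times"].append(ev["time"])
    return {
        net: {
            "hits": g["hits"],
            "addresses": [str(ip) for ip in sorted(g["ips"])],
            "first": min(g["times"]),
            "last": max(g["times"]),
        }
        for net, g in groups.items()
    }


def find_bursts(events, window_seconds=5, min_hits=3):
    """Return runs of at least min_hits events that start within one window."""
    bursts, current = [], []
    for ev in sorted(events, key=lambda e: e["time"]):
        if current and (ev["time"] - current[0]["time"]).total_seconds() > window_seconds:
            if len(current) >= min_hits:
                bursts.append(current)
            current = []
        current.append(ev)
    if len(current) >= min_hits:
        bursts.append(current)
    return bursts


if __name__ == "__main__":
    parsed = parse_ip_blocks(SAMPLE_LOG)
    for net, info in summarize_by_network(parsed).items():
        print(net, info["hits"], "hits:", ", ".join(info["addresses"]))
    for burst in find_bursts(parsed):
        print("burst of", len(burst), "blocks starting", burst[0]["time"].isoformat())
```

Grouping only shows where the blocked connections were headed; tying them to a particular program needs the process that opened each connection, which these log lines do not record.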

  • Staff

Hi,

My apologies for the delay.

Did the IP blocks ever occur when TF2 wasn't being played?

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place. It's a one-time fee for a lifetime (you read that correctly!) license. It is designed to complement your antivirus and catch what it misses. I use MSE and MBAM PRO, and haven't had an issue in a long time.

  • Please double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with Yes.

What optional updates were listed?

Let me know what issues remain.


I'm not sure if the IP blocks occurred when it wasn't being played but I know that most of them happened when I was playing. I uninstalled ADW Cleaner and all that is left is DDS. There were a lot of optional updates with titles that seemed as if they would be normal updates for XP but they were optional. My computer is running fine as far as I know.


  • Staff

Hi,

What graphics card do you currently have?

Download BlueScreenView and save it to your Desktop.

  • Double click on BlueScreenView.exe file to run the program.
  • When it finishes scanning, click Edit --> Select All.
  • Click File --> Save Selected Items
  • Save the report as BSOD.txt to your Desktop.
  • Post the contents of BSOD.txt in your next reply.

Install those optional updates.


Here you go:

==================================================

Dump File : Mini011213-01.dmp

Crash Time : 1/12/2013 3:54:59 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0xbf8488a2

Parameter 3 : 0x9393dae4

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+488a2

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.6322 (xpsp_sp3_gdr.121113-0419)

Processor : 32-bit

Crash Address : win32k.sys+488a2

Stack Address 1 : win32k.sys+48976

Stack Address 2 : win32k.sys+e82d2

Stack Address 3 : win32k.sys+e87ca

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini011213-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 98,304

==================================================

==================================================

Dump File : Mini010113-01.dmp

Crash Time : 1/1/2013 5:29:14 PM

Bug Check String : PNP_DETECTED_FATAL_ERROR

Bug Check Code : 0x000000ca

Parameter 1 : 0x00000004

Parameter 2 : 0x877b79a8

Parameter 3 : 0x00000000

Parameter 4 : 0x00000000

Caused By Driver : tcpip.sys

Caused By Address : tcpip.sys+adf7

File Description : TCP/IP Protocol Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)

Processor : 32-bit

Crash Address : ntoskrnl.exe+22f9f

Stack Address 1 : ntoskrnl.exe+1f1ba

Stack Address 2 : ntoskrnl.exe+bb3a1

Stack Address 3 : ntoskrnl.exe+bb752

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini010113-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 98,304

==================================================

==================================================

Dump File : Mini121712-01.dmp

Crash Time : 12/17/2012 3:48:35 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000005

Parameter 2 : 0xbf82eafd

Parameter 3 : 0x91d8cb70

Parameter 4 : 0x00000000

Caused By Driver : win32k.sys

Caused By Address : win32k.sys+2eafd

File Description : Multi-User Win32 Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.6322 (xpsp_sp3_gdr.121113-0419)

Processor : 32-bit

Crash Address : win32k.sys+2eafd

Stack Address 1 : win32k.sys+3a80f

Stack Address 2 : win32k.sys+15602e

Stack Address 3 : win32k.sys+14ce3f

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini121712-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 98,304

==================================================

==================================================

Dump File : Mini121112-01.dmp

Crash Time : 12/11/2012 6:28:42 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x88785068

Parameter 2 : 0x893fa1b8

Parameter 3 : 0x89a44b90

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+20fe9

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+20f9c

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini121112-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini121012-01.dmp

Crash Time : 12/10/2012 6:48:42 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88738020

Parameter 2 : 0x89a45470

Parameter 3 : 0xba4e7cbc

Parameter 4 : 0x00000001

Caused By Driver : hal.dll

Caused By Address : hal.dll+29f5

File Description : Hardware Abstraction Layer DLL

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5512 (xpsp.080413-2111)

Processor : 32-bit

Crash Address : hal.dll+29f5

Stack Address 1 : hal.dll+2ef2

Stack Address 2 : hal.dll+2ae4

Stack Address 3 : ntoskrnl.exe+1a850

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini121012-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini120812-01.dmp

Crash Time : 12/8/2012 8:15:35 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x893be8d0

Parameter 2 : 0x8934faa0

Parameter 3 : 0xba4dbcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65d8

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65d8

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini120812-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini120712-02.dmp

Crash Time : 12/7/2012 8:12:47 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88a5c740

Parameter 2 : 0x8937d248

Parameter 3 : 0xba4ebcbc

Parameter 4 : 0x00000001

Caused By Driver : hal.dll

Caused By Address : hal.dll+f03

File Description : Hardware Abstraction Layer DLL

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5512 (xpsp.080413-2111)

Processor : 32-bit

Crash Address : ntoskrnl.exe+74720

Stack Address 1 : ntoskrnl.exe+1dc7c

Stack Address 2 : ntoskrnl.exe+288af

Stack Address 3 : hal.dll+2ef2

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini120712-02.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini120712-01.dmp

Crash Time : 12/7/2012 7:30:44 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x8860d208

Parameter 2 : 0x893e54e0

Parameter 3 : 0xba4ebcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65d8

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65d8

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini120712-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini112612-01.dmp

Crash Time : 11/26/2012 7:46:16 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x8879e858

Parameter 2 : 0x89406490

Parameter 3 : 0x893e2288

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+6f4c

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+bd45

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini112612-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini112512-01.dmp

Crash Time : 11/25/2012 6:00:44 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x887c9b68

Parameter 2 : 0x8921d248

Parameter 3 : 0xba4e7cbc

Parameter 4 : 0x00000001

Caused By Driver : watchdog.sys

Caused By Address : watchdog.sys+a67

File Description : Watchdog Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5512 (xpsp.080413-2108)

Processor : 32-bit

Crash Address : ntoskrnl.exe+6ea06

Stack Address 1 : watchdog.sys+a67

Stack Address 2 : ntoskrnl.exe+288af

Stack Address 3 : hal.dll+2ef2

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini112512-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini112112-01.dmp

Crash Time : 11/21/2012 7:29:39 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x87fba020

Parameter 2 : 0x884ae080

Parameter 3 : 0xba4e7cbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini112112-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini111812-01.dmp

Crash Time : 11/18/2012 4:37:45 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x8877c110

Parameter 2 : 0x892efac8

Parameter 3 : 0x89980fd8

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+6f4c

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+bd45

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini111812-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini110312-01.dmp

Crash Time : 11/3/2012 2:45:28 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88b0e7a0

Parameter 2 : 0x887c0de0

Parameter 3 : 0xba4e7cbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini110312-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini102512-01.dmp

Crash Time : 10/25/2012 8:16:54 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x88be06b0

Parameter 2 : 0x88d0a348

Parameter 3 : 0x893a66f8

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+6e4d

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini102512-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini102312-01.dmp

Crash Time : 10/23/2012 5:52:47 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88947020

Parameter 2 : 0x892d19c0

Parameter 3 : 0xba4e3cbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini102312-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini102112-01.dmp

Crash Time : 10/21/2012 6:45:48 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88963020

Parameter 2 : 0x8991ba38

Parameter 3 : 0xba4e3cbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+bc83

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+bc83

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini102112-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini101512-01.dmp

Crash Time : 10/15/2012 8:34:25 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x88905020

Parameter 2 : 0x893f5400

Parameter 3 : 0x89a5bbe8

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+6e4d

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65c0

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini101512-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini101012-01.dmp

Crash Time : 10/10/2012 8:38:42 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x8865d020

Parameter 2 : 0x893fc558

Parameter 3 : 0xba4dbcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini101012-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini100212-01.dmp

Crash Time : 10/2/2012 8:48:09 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x879c8b78

Parameter 2 : 0x893b97d8

Parameter 3 : 0xba4dfcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+6d63

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+6d63

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini100212-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini093012-02.dmp

Crash Time : 9/30/2012 7:51:04 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88ff2830

Parameter 2 : 0x893ad570

Parameter 3 : 0xba4e7cbc

Parameter 4 : 0x00000001

Caused By Driver : watchdog.sys

Caused By Address : watchdog.sys+a67

File Description : Watchdog Driver

Product Name : Microsoft® Windows® Operating System

Company : Microsoft Corporation

File Version : 5.1.2600.5512 (xpsp.080413-2108)

Processor : 32-bit

Crash Address : ntoskrnl.exe+6e9c6

Stack Address 1 : watchdog.sys+a67

Stack Address 2 : ntoskrnl.exe+2886f

Stack Address 3 : hal.dll+2ef2

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini093012-02.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini093012-01.dmp

Crash Time : 9/30/2012 5:04:41 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x870ae020

Parameter 2 : 0x89a4b388

Parameter 3 : 0xba4dfcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+616b

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+616b

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini093012-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini092312-01.dmp

Crash Time : 9/23/2012 8:57:01 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x8876a020

Parameter 2 : 0x8949c868

Parameter 3 : 0x89a2a230

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+69b5

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+be87

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini092312-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini091412-01.dmp

Crash Time : 9/14/2012 8:42:16 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88848640

Parameter 2 : 0x8949e9e0

Parameter 3 : 0xba4e7cbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini091412-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini091312-01.dmp

Crash Time : 9/13/2012 6:24:29 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88960488

Parameter 2 : 0x8949eb08

Parameter 3 : 0xba4ebcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini091312-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini091112-01.dmp

Crash Time : 9/11/2012 6:33:26 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x87d37020

Parameter 2 : 0x893bf230

Parameter 3 : 0x893f5d20

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+6f4c

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+bd68

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini091112-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

==================================================

Dump File : Mini090212-01.dmp

Crash Time : 9/2/2012 3:33:07 PM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x100000ea

Parameter 1 : 0x88743768

Parameter 2 : 0x892908b0

Parameter 3 : 0xba4dfcbc

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+65ed

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+65ed

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini090212-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 106,496

==================================================

==================================================

Dump File : Mini061012-01.dmp

Crash Time : 6/10/2012 3:20:25 PM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000047

Parameter 2 : 0x804fcf60

Parameter 3 : 0xba4d37b4

Parameter 4 : 0x00000000

Caused By Driver : danew.sys

Caused By Address : danew.sys+16a8

File Description : Razer DeathAdder USB Optical Mouse Driver

Product Name : Razer DeathAdder USB Optical Mouse

Company : Razer (Asia-Pacific) Pte Ltd

File Version : 1.0.0.3.0.0 built by: WinDDK

Processor : 32-bit

Crash Address : ntoskrnl.exe+25f60

Stack Address 1 : danew.sys+1124

Stack Address 2 : ntoskrnl.exe+1a6da

Stack Address 3 : USBPORT.SYS+a0d5

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini061012-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 98,304

==================================================

==================================================

Dump File : Mini060912-01.dmp

Crash Time : 6/9/2012 11:07:28 AM

Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED

Bug Check Code : 0x1000008e

Parameter 1 : 0xc0000047

Parameter 2 : 0x804fcf60

Parameter 3 : 0xba4d37b4

Parameter 4 : 0x00000000

Caused By Driver : danew.sys

Caused By Address : danew.sys+16a8

File Description : Razer DeathAdder USB Optical Mouse Driver

Product Name : Razer DeathAdder USB Optical Mouse

Company : Razer (Asia-Pacific) Pte Ltd

File Version : 1.0.0.3.0.0 built by: WinDDK

Processor : 32-bit

Crash Address : ntoskrnl.exe+25f60

Stack Address 1 : danew.sys+1124

Stack Address 2 : ntoskrnl.exe+1a6da

Stack Address 3 : USBPORT.SYS+a0d5

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini060912-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 98,304

==================================================

==================================================

Dump File : Mini052812-01.dmp

Crash Time : 5/28/2012 8:18:21 AM

Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER

Bug Check Code : 0x000000ea

Parameter 1 : 0x888e4ba8

Parameter 2 : 0x88061a98

Parameter 3 : 0x889befd8

Parameter 4 : 0x00000001

Caused By Driver : igxpdv32.DLL

Caused By Address : igxpdv32.DLL+20f9c

File Description : Component GHAL Driver

Product Name : Intel Graphics Accelerator Drivers for Windows NT®

Company : Intel Corporation

File Version : 6.14.10.4977

Processor : 32-bit

Crash Address : igxpdv32.DLL+b24

Stack Address 1 :

Stack Address 2 :

Stack Address 3 :

Computer Name :

Full Path : C:\WINDOWS\Minidump\Mini052812-01.dmp

Processors Count : 2

Major Version : 15

Minor Version : 2600

Dump File Size : 69,908

==================================================

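The BlueScreenView report posted above is a run of "Field : value" records separated by lines of "="; tallying it by the Caused By Driver field shows which driver the crashes cluster on. This is an added example, not part of the original thread: the function names are hypothetical, the embedded sample is five records excerpted from the post, and counting 0x100000ea together with 0x000000ea is an assumption based on the report listing both under one bug check string.

```python
import re
from collections import defaultdict
from datetime import datetime

# Five records excerpted from the report in the post above, trimmed to the
# fields used here. Values are copied from the post.
SAMPLE_REPORT = """\
==================================================
Dump File : Mini011213-01.dmp
Crash Time : 1/12/2013 3:54:59 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Caused By Driver : win32k.sys
Company : Microsoft Corporation
Computer Name :
==================================================
==================================================
Dump File : Mini010113-01.dmp
Crash Time : 1/1/2013 5:29:14 PM
Bug Check String : PNP_DETECTED_FATAL_ERROR
Bug Check Code : 0x000000ca
Caused By Driver : tcpip.sys
Company : Microsoft Corporation
==================================================
==================================================
Dump File : Mini121112-01.dmp
Crash Time : 12/11/2012 6:28:42 PM
Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER
Bug Check Code : 0x000000ea
Caused By Driver : igxpdv32.DLL
Company : Intel Corporation
==================================================
==================================================
Dump File : Mini120812-01.dmp
Crash Time : 12/8/2012 8:15:35 PM
Bug Check String : THREAD_STUCK_IN_DEVICE_DRIVER
Bug Check Code : 0x100000ea
Caused By Driver : igxpdv32.DLL
Company : Intel Corporation
==================================================
==================================================
Dump File : Mini061012-01.dmp
Crash Time : 6/10/2012 3:20:25 PM
Bug Check String : KERNEL_MODE_EXCEPTION_NOT_HANDLED
Bug Check Code : 0x1000008e
Caused By Driver : danew.sys
Company : Razer (Asia-Pacific) Pte Ltd
==================================================
"""

SEPARATOR = re.compile(r"^={10,}$")


def parse_report(text):
    """Split the report on separator lines and return one dict per record."""
    records, current = [], {}
    for raw in text.splitlines():
        line = raw.strip()
        if SEPARATOR.match(line):
            if current:
                records.append(current)
                current = {}
            continue
        key, sep, value = line.partition(":")  # first colon ends the field name
        if not sep:
            continue  # blank line or text that is not "Field : value"
        current[key.strip()] = value.strip()  # empty values (Computer Name) are kept
    if current:
        records.append(current)
    return records


def base_bug_check(code_text):
    """Mask the top nibble so 0x100000ea and 0x000000ea compare equal (assumption)."""
    return int(code_text, 16) & 0x0FFFFFFF


def summarize_by_driver(records):
    """Return per-driver rows, most frequent first, with vendor and date range."""
    groups = defaultdict(lambda: {"count": 0, "company": "", "codes": set(), "times": []})
    for rec in records:
        driver = rec.get("Caused By Driver", "")
        if not driver:
            continue
        g = groups[driver]
        g["count"] += 1
        g["company"] = rec.get("Company", "")
        if rec.get("Bug Check Code"):
            g["codes"].add(base_bug_check(rec["Bug Check Code"]))
        if rec.get("Crash Time"):
            g["times"].append(datetime.strptime(rec["Crash Time"], "%m/%d/%Y %I:%M:%S %p"))
    rows = [{
        "driver": driver,
        "count": g["count"],
        "company": g["company"],
        "third_party": "microsoft" not in g["company"].lower(),
        "bug_checks": sorted(g["codes"]),
        "first": min(g["times"]) if g["times"] else None,
        "last": max(g["times"]) if g["times"] else None,
    } for driver, g in groups.items()]
    rows.sort(key=lambda r: (-r["count"], r["driver"].lower()))
    return rows


if __name__ == "__main__":
    for row in summarize_by_driver(parse_report(SAMPLE_REPORT)):
        codes = ", ".join(hex(c) for c in row["bug_checks"])
        print(f"{row['count']:>3}  {row['driver']:<14} {row['company']}  [{codes}]")
```

The driver BlueScreenView names is the module found on the crash stack, so a high count is a lead for which driver to update or check first rather than proof of the cause.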

This topic is now closed to further replies.