
browsers hijacked, please help


dworth

All my browsers have been hijacked, and neither running Malwarebytes, Spybot S&D, nor Panda Anti-Virus fixes the problem. Here are the log files:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22

Run by Library #3 at 18:24:33 on 2011-11-13

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3323.1797 [GMT -7:00]

.

AV: Panda Global Protection 2011 *Enabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

FW: Panda Personal Firewall 2011 *Enabled*

.

============== Running Processes ===============

.

C:\windows\system32\svchost -k DcomLaunch

svchost.exe

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\Panda Security\Panda Global Protection 2011\TPSrv.exe

C:\Program Files\WTouch\WTouchService.exe

C:\windows\system32\svchost.exe -k WudfServiceGroup

C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2011\WebProxy.exe

svchost.exe

svchost.exe

C:\windows\system32\spoolsv.exe

C:\windows\system32\rundll32.exe

C:\windows\Explorer.EXE

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\APVXDWIN.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Nuance\PDF Professional 7\pdfpro7hook.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\LTCM Client\ltcmScheduler.exe

C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

svchost.exe

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe

C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe

C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\windows\system32\nvsvc32.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\PsCtrls.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\PavFnSvr.exe

C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe

C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe

C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe

C:\WINDOWS\system32\HPZipm12.exe

c:\program files\panda security\panda global protection 2011\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Global Protection 2011\PsImSvc.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\PskSvc.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\Pen_Tablet.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\pavsrvx86.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\AVENGINE.EXE

C:\windows\system32\WTablet\Pen_TabletUser.exe

C:\windows\system32\Pen_Tablet.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\windows\System32\svchost.exe -k HTTPFilter

C:\Program Files\Panda Security\Panda Global Protection 2011\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Global Protection 2011\PavBckPT.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\WTouch\WTouchUser.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll

BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File

BHO: ZeonIEEventHelper Class: {da986d7d-ccaf-47b2-84fe-bfa1549bebf9} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Nuance PDF: {e3286bf1-e654-42ff-b4a6-5e111731df6b} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [Radio365Agent]

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [sansaDispatch] c:\documents and settings\library #3\application data\sandisk\sansa updater\SansaDispatch.exe

uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe

uRun: [ltcmScheduler] c:\program files\ltcm client\ltcmScheduler.exe

uRun: [EPSON Artisan 830 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatigxa.exe /fu "c:\windows\temp\E_S169.tmp" /EF "HKCU"

uRun: [iSUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [WinSys2] c:\windows\system32\winsys2.exe

mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"

mRun: [NapsterShell] c:\program files\napster\napster.exe /systray

mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe

mRun: [RestartNeroSetup] "c:\docume~1\librar~1\locals~1\temp\nero web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"

mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup

mRun: [APVXDWIN] "c:\program files\panda security\panda global protection 2011\APVXDWIN.EXE" /s

mRun: [sCANINICIO] "c:\program files\panda security\panda global protection 2011\Inicio.exe"

mRun: [PivotSoftware] "c:\program files\portrait displays\pivot pro plugin\Pivot_startup.exe" -delay=10

mRun: [DT ACR] c:\program files\common files\portrait displays\shared\DT_startup.exe -ACR

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [PDFHook] c:\program files\nuance\pdf professional 7\pdfpro7hook.exe

mRun: [PDF7 Registry Controller] c:\program files\nuance\pdf professional 7\RegistryController.exe

mRun: [<NO NAME>]

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

StartupFolder: c:\docume~1\librar~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append the content of the link to existing PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Append the content of the selected links to existing PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML

IE: Append to existing PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Create PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF file from the content of the link - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF files from the selected links - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Open with Nuance PDF Converter 7.0 - c:\program files\nuance\pdf professional 7\cnvres_eng.dll /100

IE: Open with PDF Professional 7 - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: Interfaces\{AA0EB8CA-5825-471C-98C8-12AEAD3DB0D2} : NameServer = 204.117.214.10,65.39.96.30

Notify: avldr - avldr.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\library #3\application data\mozilla\firefox\profiles\n7a1d4mv.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com

FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=

FF - plugin: c:\documents and settings\library #3\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll

FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll

FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll

FF - plugin: c:\program files\tabletplugins\npwacom.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

FF - user.js: browser.sessionstore.resume_from_crash - false

.

============= SERVICES / DRIVERS ===============

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2011-2-15 26696]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2011-2-15 76296]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2011-2-15 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2011-2-15 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2011-2-15 193800]

R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2011-4-18 165648]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2011-2-15 159112]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2011-2-15 37896]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2011-2-15 46856]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2011-2-15 59080]

R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2010-11-15 153600]

R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2010-11-15 121856]

R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2010-11-26 722616]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-6 366152]

R2 Panda Software Controller;Panda Software Controller;c:\program files\panda security\panda global protection 2011\PsCtrlS.exe [2011-2-15 173312]

R2 PAVFNSVR;Panda Function Service;c:\program files\panda security\panda global protection 2011\PavFnSvr.exe [2011-2-15 202048]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2011-2-15 163336]

R2 PavPrSrv;Panda Process Protection Service;c:\program files\common files\panda security\pavshld\PavPrSrv.exe [2011-2-15 62768]

R2 PAVSRV;Panda On-Access Anti-Malware Service;c:\program files\panda security\panda global protection 2011\pavsrvx86.exe [2011-2-15 314176]

R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2011-5-7 109168]

R2 PskSvcRetail;Panda PSK service;c:\program files\panda security\panda global protection 2011\psksvc.exe [2011-2-15 28992]

R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2010-12-26 4497704]

R2 WTouchService;WTouch Service;c:\program files\wtouch\WTouchService.exe [2010-12-26 113448]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-6 22216]

R3 NETIMFLT01060042;PANDA NDIS IM Filter Miniport v1.6.0.42;c:\windows\system32\drivers\neti1642.sys [2011-2-15 199688]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]

S0 oalcejkh;oalcejkh;c:\windows\system32\drivers\xhntdw.sys --> c:\windows\system32\drivers\xhntdw.sys [?]

S2 gupdate1c9fce3ebe73546;Google Update Service (gupdate1c9fce3ebe73546);c:\program files\google\update\GoogleUpdate.exe [2009-7-4 133104]

S3 cpuz132;cpuz132;\??\c:\docume~1\librar~1\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\librar~1\locals~1\temp\cpuz132\cpuz132_x32.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-4 133104]

S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2010-12-26 16168]

S4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 7\PDFProFiltSrv.exe [2010-10-16 134944]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2011-11-08 07:21:42 -------- d-----w- c:\program files\Microsoft Security Client

2011-11-08 01:45:21 -------- d-----w- c:\documents and settings\library #3\local settings\application data\WinZip

2011-11-06 21:03:08 -------- d-----w- c:\documents and settings\library #3\application data\Malwarebytes

2011-11-06 21:03:02 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-11-06 21:02:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-06 21:02:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-06 04:33:42 53184 ----a-w- c:\windows\system32\drivers\ftdibus.sys

2011-11-06 04:33:42 202048 ----a-w- c:\windows\system32\ftd2xx.dll

2011-11-06 04:33:42 111936 ----a-w- c:\windows\system32\ftbusui.dll

2011-11-06 04:29:51 -------- d-----w- c:\program files\Pazzles

2011-11-02 17:55:34 -------- d-----w- c:\program files\Bonjour

2011-10-31 06:02:06 74240 --sha-r- c:\windows\system32\lsassi.dll

2011-10-30 22:35:50 -------- d-----w- c:\program files\Silhouette Studio

2011-10-24 20:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 20:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-23 19:29:37 -------- d-----w- c:\documents and settings\library #3\application data\FLEXnet

2011-10-23 19:29:34 -------- d-----w- c:\documents and settings\library #3\application data\Nuance

.

==================== Find3M ====================

.

2011-11-07 05:52:59 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 17:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 17:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 17:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 05:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-08-31 05:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2011-08-17 13:49:54 138496 ----a-w- c:\windows\system32\drivers\afd.sys

2008-07-10 02:41:16 62841 ----a-w- c:\program files\Uninstall.exe

2008-05-09 20:37:54 85648 ----a-w- c:\program files\NapsterHelper.exe

2008-05-09 20:37:54 77456 ----a-w- c:\program files\NapsterRegReader.dll

2008-05-09 20:37:54 239760 ----a-w- c:\program files\xdetect.ocx

2008-05-09 20:37:54 169616 ----a-w- c:\program files\SNAPDRM.exe

2008-05-09 20:37:52 401040 ----a-w- c:\program files\DALI.dll

2008-05-09 20:37:52 3383952 ----a-w- c:\program files\NapsterUI.dll

2008-05-09 20:37:52 323216 ----a-w- c:\program files\napster.exe

2008-05-09 20:37:50 675472 ----a-w- c:\program files\NapsterResource.dll

2007-06-23 21:42:56 864256 ----a-w- c:\program files\Data Doctor Recovery - Pen Drive.exe

2007-06-23 21:42:56 53248 ----a-w- c:\program files\DataDoctor-HDD.exe

2007-06-23 21:42:56 106547 ----a-w- c:\program files\DataDoctor.dll

2007-03-12 20:31:52 674138 ----a-w- c:\program files\unins000.exe

2007-01-09 01:48:22 202240 ----a-w- c:\program files\lame.exe

2006-07-08 03:44:56 614400 ----a-w- c:\program files\GrafikRW.dll

2006-07-08 03:44:56 1681408 ----a-w- c:\program files\Poster4.exe

2006-07-01 05:44:15 625309 ----a-w- c:\program files\abreathing2006b.exe

2006-07-01 05:44:14 1169884 ----a-w- c:\program files\posterfull.exe

2005-11-23 01:43:54 32768 ----a-w- c:\program files\NMSubscriptionStub.dll

2005-11-14 20:53:08 5255168 ----a-w- c:\program files\audacity.exe

2004-08-13 02:07:50 4247552 ----a-w- c:\program files\DirectFTP.exe

2004-02-26 18:02:46 372736 ----a-w- c:\program files\puttytel.exe

.

============= FINISH: 18:25:49.68 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 8/8/2008 10:37:37 AM

System Uptime: 11/13/2011 11:57:25 AM (7 hours ago)

.

Motherboard: Intel Corporation | | DP35DP

Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | J1PR | 2000/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 233 GiB total, 189.5 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

K: is Removable

M: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1: 11/2/2011 11:47:27 AM - System Checkpoint

RP2: 11/3/2011 11:50:44 AM - System Checkpoint

RP3: 11/4/2011 1:05:47 PM - System Checkpoint

RP4: 11/5/2011 2:03:01 PM - System Checkpoint

RP5: 11/5/2011 9:29:50 PM - Installed Pazzles Inspiration Studio

RP6: 11/5/2011 9:33:35 PM - Installed Microsoft Visual C++ 2005 Redistributable

RP7: 11/6/2011 9:36:18 PM - System Checkpoint

RP8: 11/7/2011 6:44:16 PM - Removed WinZip 15.5

RP9: 11/7/2011 6:44:29 PM - Installed WinZip 16.0

RP10: 11/7/2011 11:33:18 PM - Restore Operation

RP11: 11/8/2011 12:00:33 AM - Software Distribution Service 3.0

RP12: 11/8/2011 8:08:26 PM - Software Distribution Service 3.0

RP13: 11/9/2011 8:52:27 PM - System Checkpoint

RP14: 11/10/2011 10:04:27 PM - System Checkpoint

RP15: 11/10/2011 10:42:57 PM - Software Distribution Service 3.0

RP16: 11/10/2011 10:45:43 PM - Removed OverDrive Media Console

RP17: 11/10/2011 10:46:29 PM - Installed OverDrive Media Console

RP18: 11/12/2011 12:32:44 PM - System Checkpoint

RP19: 11/13/2011 12:51:20 PM - System Checkpoint

.

==== Installed Programs ======================

.

ABBYY FineReader 9.0 Sprint

Acer eDisplay Management

Acoustica Effects Pack

Acrobat.com

Adobe AIR

Adobe Community Help

Adobe Creative Suite 5 Design Premium

Adobe Digital Editions

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Media Player

Adobe Reader X (10.1.1)

Amazon MP3 Downloader 1.0.12

AnswerWorks 5.0 English Runtime

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Audacity 1.2.6

Audible Download Manager

Avanquest update

Bamboo

Bonjour

BufferChm

Craft ROBO Controller

Critical Update for Windows Media Player 11 (KB959772)

CustomerResearchQFolder

Destinations

DeviceManagementQFolder

EPSON Artisan 830 Series Printer Uninstall

Epson CreativeZone

Epson Event Manager

Epson FAX Utility

Epson PC-FAX Driver

Epson Print CD

EPSON Scan

eSupportQFolder

Facebook Plug-In

Gadwin PrintScreen

GIMP 2.6.11

Google Chrome

Google Earth

Google Update Helper

GX 3050N User Guide

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB915800-v4)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB970653-v3)

Hotfix for Windows XP (KB976098-v2)

Hotfix for Windows XP (KB979306)

Hotfix for Windows XP (KB981793)

HP Extended Capabilities 5.3

HP Imaging Device Functions 5.3

HP Memories Disc

HP Product Assistant

HP Solution Center & Imaging Support Tools 5.3

HP Update

HPProductAssistant

Img2CAD 7.0

Inkscape 0.48.0

Intel® Management Engine Interface

Intel® PRO Network Connections 12.1.12.0

iolo technologies' System Mechanic

IrfanView (remove only)

iTunes

Japanese Fonts Support For Adobe Reader 9

Jasc Paint Shop Pro 8

Java Auto Updater

Java 6 Update 22

Java 6 Update 3

KGLTRadio

LightScribe 1.4.136.1

LTCM Client

Malwarebytes' Anti-Malware version 1.51.2.1300

MarketResearch

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2572067)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Antimalware

Microsoft Application Error Reporting

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Internationalized Domain Names Mitigation APIs

Microsoft Kernel-Mode Driver Framework Feature Pack 1.5

Microsoft National Language Support Downlevel APIs

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 12

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Web Publishing Wizard 1.52

Microsoft Windows Media Video 9 VCM

Microsoft WinUsb 1.0

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

MobileMe Control Panel

Model Builder

Mozilla Firefox 8.0 (x86 en-US)

Mozilla Thunderbird (2.0.0.16)

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 4.0 SP2 Parser and SDK

MySoftware Fonts

Napster

Napster Burn Engine

Nero Suite

neroxml

Nuance PDF Converter Professional 7

NVIDIA Drivers

OGA Notifier 2.0.0048.0

OverDrive Media Console

Panda Global Protection 2011

Panda Secure Vault 5

Pazzles Inspiration Studio

PCsync

PDF Settings CS5

Pdf995

Pepakura Designer 3

Pivot Pro Plugin

Poster-Printery 4

PRS-500 USB driver

Quicken 2008

QuickTime

Radio365 2.0

Rapid Resizer

Rapid Resizer Compatibility Fix

ROBO Master for Silhouette

Safari

Sansa Updater

Scansoft PDF Professional

SDK

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB950759)

Security Update for Windows Internet Explorer 7 (KB953838)

Security Update for Windows Internet Explorer 7 (KB956390)

Security Update for Windows Internet Explorer 7 (KB958215)

Security Update for Windows Internet Explorer 7 (KB960714)

Security Update for Windows Internet Explorer 7 (KB961260)

Security Update for Windows Internet Explorer 7 (KB963027)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB969897)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB972260)

Security Update for Windows Internet Explorer 8 (KB974455)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2079403)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2160329)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2286198)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2503665)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2536276)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2544893)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB938464)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950760)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951698)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB953839)

Security Update for Windows XP (KB954211)

Security Update for Windows XP (KB954459)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956391)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956841)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957095)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958690)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960715)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961373)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969898)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971486)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973525)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977165)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978251)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB980436)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981852)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982214)

Security Update for Windows XP (KB982665)

Security Update for Windows XP (KB982802)

Serif PagePlus X5

ShareIns

Shockwave

SigmaTel Audio

Silhouette Studio

SolutionCenter

Spell Checker For OE 2.1

Spelling Dictionaries Support For Adobe Reader 9

Spin It Again

Spotify

Spybot - Search & Destroy

Status

TrayApp

Unload

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB971180)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB976749)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB898461)

Update for Windows XP (KB942763)

Update for Windows XP (KB951072-v2)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB971737)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

WebReg

WebTablet IE Plugin

WebTablet Netscape Plugin

Winamp

Windows Driver Package - Sony Corporation (PRSUSB) USB (08/08/2006 1.0.03.08080)

Windows Easy Transfer

Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray

Windows Genuine Advantage Notifications (KB905474)

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

WinZip 16.0

WorkFlows 3.2J

Xara Xtreme 3.2

.

==== Event Viewer Messages From Past Week ========

.

11/7/2011 6:40:04 PM, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.

11/7/2011 5:06:02 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the TabletServicePen service to connect.

11/7/2011 5:06:02 PM, error: Service Control Manager [7000] - The TabletServicePen service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

11/7/2011 4:55:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Google Software Updater service to connect.

11/7/2011 11:32:45 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000243' while processing the file 'NetAdapt.cfg' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

11/7/2011 11:32:43 PM, error: Print [19] - Sharing printer failed + 1722, Printer Microsoft Office Document Image Writer share name Printer7.

11/12/2011 8:40:41 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD APPFLT DSAFLT Fips FNETMON IDSFLT intelppm IPSec MpFilter MRxSmb NetBIOS NetBT NETFLTDI pavboot RasAcd Rdbss ShldDrv Tcpip WNMFLT

11/12/2011 8:40:41 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 8:40:41 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 8:40:41 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 8:40:41 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 8:40:41 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 8:40:41 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.

11/12/2011 8:40:06 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

11/12/2011 8:40:05 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}

11/12/2011 10:29:14 PM, error: Service Control Manager [7034] - The Panda TPSrv service terminated unexpectedly. It has done this 1 time(s).

11/12/2011 10:25:45 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:25:45 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:25:45 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:25:45 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:25:45 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:25:44 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

11/12/2011 10:24:53 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: BIGCHEESE\Library #3 Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:24:53 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiVirus Update Type: Full User: BIGCHEESE\Library #3 Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:24:53 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: BIGCHEESE\Library #3 Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:24:53 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Update Stage: Search Source Path: http://go.microsoft.com/fwlink/?LinkID=121721&clcid=0x409&arch=x86&eng=0.0.0.0&avdelta=0.0.0.0&asdelta=0.0.0.0&prod=EDB4FA23-53B8-4AFA-8C5D-99752CCA7094 Signature Type: AntiSpyware Update Type: Full User: BIGCHEESE\Library #3 Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved

11/12/2011 10:24:52 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: Default URL Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x8007043c Error description: This service cannot be started in Safe Mode

11/12/2011 10:24:52 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

11/12/2011 10:19:14 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}

.

==== End Of File ===========================


Hello dworth! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copied and pasted into your next reply.

Step 1

I see you are running TeaTimer.

I suggest you disable it because it can interfere with the changes you'll make on your system.

When everything is done and your log is clean again, you can enable it again.

If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

How to disable TeaTimer <== click me for instructions.

After you have disabled TeaTimer, download ResetTeaTimer.exe to your desktop.

Then run ResetTeaTimer.exe.

This will only take a few seconds.

Step 2

You have two installed and active antivirus programs on your system:

AV: Panda Global Protection 2011 *Enabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

AV: Microsoft Security Essentials *Disabled/Outdated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

Two antivirus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two antivirus programs running at the same time can cause your computer to run very slowly, become unstable and even, in rare cases, crash. Please remove one of them. Panda is an integrated solution (antivirus, firewall, etc.) and if you pay for it, the best option is to get rid of Microsoft Security Essentials. Otherwise, stay with Microsoft Security Essentials and uninstall Panda Global Protection.

Step 3

Now it's time to clean the cache of Java, because of malware. Malware found in this cache directory is not associated with the Java that was downloaded and installed on the system. A cache directory is a temporary storage location. When the browser runs an applet or application, Java stores files into its cache directory for better performance.

Click Start => Control Panel.

Double-click the Java icon in the control panel. The Java Control Panel appears.

Click Settings under Temporary Internet Files. The Temporary Files Settings dialog box appears.

Click Delete Files. The Delete Temporary Files dialog box appears.

Click OK on Delete Temporary Files window. Note: This deletes all the Downloaded Applications and Applets from the cache.

Click OK on Temporary Files Settings window. Note: If you want to delete a specific application and applet from the cache, click on View Application and View Applet options respectively.

Step 4

Download the latest version of TDSSKiller from here and save it to your Desktop.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip; click on Continue.
  5. If malicious objects are found, they will show in the Scan results and offer three (3) options.
  6. Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  7. Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

In your next reply, please include the following log files:

  • TDSSKiller log
  • a new fresh DDS log with Attach.txt


Thank you for your help. I've done everything you said except for the TeaTimer reset. The link you provided took me to a site in a foreign language and the pictures didn't look right. I went to the Spybot site but couldn't find any info about resetting TeaTimer, so I uninstalled Spybot and will re-install later. I hope I haven't screwed things up worse! Thanks again.

23:23:27.0625 5796 TDSS rootkit removing tool 2.6.19.0 Nov 16 2011 12:18:50

23:23:29.0625 5796 ============================================================

23:23:29.0625 5796 Current date / time: 2011/11/18 23:23:29.0625

23:23:29.0625 5796 SystemInfo:

23:23:29.0625 5796

23:23:29.0625 5796 OS Version: 5.1.2600 ServicePack: 3.0

23:23:29.0625 5796 Product type: Workstation

23:23:29.0625 5796 ComputerName: BIGCHEESE

23:23:29.0625 5796 UserName: Library #3

23:23:29.0625 5796 Windows directory: C:\windows

23:23:29.0625 5796 System windows directory: C:\windows

23:23:29.0625 5796 Processor architecture: Intel x86

23:23:29.0625 5796 Number of processors: 2

23:23:29.0625 5796 Page size: 0x1000

23:23:29.0625 5796 Boot type: Normal boot

23:23:29.0625 5796 ============================================================

23:23:31.0593 5796 Initialize success

23:24:10.0984 4100 ============================================================

23:24:10.0984 4100 Scan started

23:24:10.0984 4100 Mode: Manual; SigCheck; TDLFS;

23:24:10.0984 4100 ============================================================


23:24:22.0625 4100 NDProxy - ok

23:24:22.0640 4100 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\windows\system32\DRIVERS\netbios.sys

23:24:22.0750 4100 NetBIOS - ok

23:24:22.0765 4100 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\windows\system32\DRIVERS\netbt.sys

23:24:22.0875 4100 NetBT - ok

23:24:22.0937 4100 NETFLTDI (d8f44fc13db193c9379297973ee42272) C:\windows\system32\Drivers\NETFLTDI.SYS

23:24:22.0953 4100 NETFLTDI - ok

23:24:23.0015 4100 NETIMFLT01060042 (9eeb6df1f5ffd878a3a44874607eaaef) C:\windows\system32\DRIVERS\neti1642.sys

23:24:23.0046 4100 NETIMFLT01060042 - ok

23:24:23.0078 4100 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\windows\system32\DRIVERS\nic1394.sys

23:24:23.0187 4100 NIC1394 - ok

23:24:23.0203 4100 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\windows\system32\drivers\Npfs.sys

23:24:23.0328 4100 Npfs - ok

23:24:23.0343 4100 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\windows\system32\drivers\Ntfs.sys

23:24:23.0468 4100 Ntfs - ok

23:24:23.0500 4100 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\windows\system32\drivers\Null.sys

23:24:23.0609 4100 Null - ok

23:24:23.0828 4100 nv (8c0456001b6900114bbb1c548bd8aaf5) C:\windows\system32\DRIVERS\nv4_mini.sys

23:24:24.0031 4100 nv ( UnsignedFile.Multi.Generic ) - warning

23:24:24.0031 4100 nv - detected UnsignedFile.Multi.Generic (1)

23:24:24.0062 4100 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\windows\system32\DRIVERS\nwlnkflt.sys

23:24:24.0171 4100 NwlnkFlt - ok

23:24:24.0187 4100 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\windows\system32\DRIVERS\nwlnkfwd.sys

23:24:24.0312 4100 NwlnkFwd - ok

23:24:24.0312 4100 oalcejkh - ok

23:24:24.0343 4100 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\windows\system32\DRIVERS\ohci1394.sys

23:24:24.0453 4100 ohci1394 - ok

23:24:24.0500 4100 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\windows\system32\drivers\Parport.sys

23:24:24.0609 4100 Parport - ok

23:24:24.0625 4100 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\windows\system32\drivers\PartMgr.sys

23:24:24.0734 4100 PartMgr - ok

23:24:24.0750 4100 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\windows\system32\drivers\ParVdm.sys

23:24:24.0859 4100 ParVdm - ok

23:24:24.0890 4100 pavboot (55d654258a9c509b671310c314bd30b4) C:\windows\system32\Drivers\pavboot.sys

23:24:24.0906 4100 pavboot - ok

23:24:24.0953 4100 PavProc (018f51f5757819fcd9f32162c9808565) C:\windows\system32\DRIVERS\PavProc.sys

23:24:24.0968 4100 PavProc - ok

23:24:24.0984 4100 PavSRK.sys - ok

23:24:25.0000 4100 PavTPK.sys - ok

23:24:25.0031 4100 PCI (a219903ccf74233761d92bef471a07b1) C:\windows\system32\DRIVERS\pci.sys

23:24:25.0156 4100 PCI - ok

23:24:25.0156 4100 PCIDump - ok

23:24:25.0171 4100 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\windows\system32\DRIVERS\pciide.sys

23:24:25.0281 4100 PCIIde - ok

23:24:25.0296 4100 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\windows\system32\drivers\Pcmcia.sys

23:24:25.0421 4100 Pcmcia - ok

23:24:25.0421 4100 PDCOMP - ok

23:24:25.0437 4100 PDFRAME - ok

23:24:25.0500 4100 PdiPorts (089ca80ce0766b031164714b51df99bb) C:\windows\system32\Drivers\PdiPorts.sys

23:24:25.0500 4100 PdiPorts - ok

23:24:25.0515 4100 PDRELI - ok

23:24:25.0531 4100 PDRFRAME - ok

23:24:25.0546 4100 perc2 - ok

23:24:25.0546 4100 perc2hib - ok

23:24:25.0609 4100 Pivot (ec4f52692b5cf116ca6b0428d84a9aba) C:\windows\system32\drivers\pivot.sys

23:24:25.0625 4100 Pivot ( UnsignedFile.Multi.Generic ) - warning

23:24:25.0625 4100 Pivot - detected UnsignedFile.Multi.Generic (1)

23:24:25.0656 4100 pivotmou (7d72ac1abda06ff42fd57345d0d75523) C:\windows\System32\drivers\pivotmou.sys

23:24:25.0671 4100 pivotmou ( UnsignedFile.Multi.Generic ) - warning

23:24:25.0671 4100 pivotmou - detected UnsignedFile.Multi.Generic (1)

23:24:25.0718 4100 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\windows\system32\DRIVERS\raspptp.sys

23:24:25.0843 4100 PptpMiniport - ok

23:24:25.0859 4100 PSched (09298ec810b07e5d582cb3a3f9255424) C:\windows\system32\DRIVERS\psched.sys

23:24:25.0968 4100 PSched - ok

23:24:26.0000 4100 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\windows\system32\DRIVERS\ptilink.sys

23:24:26.0125 4100 Ptilink - ok

23:24:26.0140 4100 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\windows\system32\Drivers\PxHelp20.sys

23:24:26.0156 4100 PxHelp20 - ok

23:24:26.0171 4100 ql1080 - ok

23:24:26.0171 4100 Ql10wnt - ok

23:24:26.0187 4100 ql12160 - ok

23:24:26.0203 4100 ql1240 - ok

23:24:26.0218 4100 ql1280 - ok

23:24:26.0250 4100 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\windows\system32\DRIVERS\rasacd.sys

23:24:26.0359 4100 RasAcd - ok

23:24:26.0375 4100 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\windows\system32\DRIVERS\rasl2tp.sys

23:24:26.0484 4100 Rasl2tp - ok

23:24:26.0500 4100 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\windows\system32\DRIVERS\raspppoe.sys

23:24:26.0609 4100 RasPppoe - ok

23:24:26.0625 4100 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\windows\system32\DRIVERS\raspti.sys

23:24:26.0734 4100 Raspti - ok

23:24:26.0781 4100 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\windows\system32\DRIVERS\rdbss.sys

23:24:26.0906 4100 Rdbss - ok

23:24:26.0937 4100 RDPCDD (4912d5b403614ce99c28420f75353332) C:\windows\system32\DRIVERS\RDPCDD.sys

23:24:27.0078 4100 RDPCDD - ok

23:24:27.0109 4100 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\windows\system32\DRIVERS\rdpdr.sys

23:24:27.0218 4100 rdpdr - ok

23:24:27.0250 4100 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\windows\system32\drivers\RDPWD.sys

23:24:27.0296 4100 RDPWD - ok

23:24:27.0312 4100 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\windows\system32\DRIVERS\redbook.sys

23:24:27.0421 4100 redbook - ok

23:24:27.0468 4100 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\DRIVERS\secdrv.sys

23:24:27.0531 4100 Secdrv - ok

23:24:27.0578 4100 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\windows\system32\DRIVERS\serenum.sys

23:24:27.0687 4100 serenum - ok

23:24:27.0703 4100 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\windows\system32\DRIVERS\serial.sys

23:24:27.0796 4100 Serial - ok

23:24:27.0828 4100 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\windows\system32\drivers\Sfloppy.sys

23:24:27.0937 4100 Sfloppy - ok

23:24:27.0984 4100 sfng32 (76bd55922b3179fa7b5bd528839e6fb4) C:\windows\system32\drivers\sfng32.sys

23:24:28.0015 4100 sfng32 - ok

23:24:28.0078 4100 ShldDrv (a2f0bf07cac43a11555c173f7b1ad28a) C:\windows\system32\DRIVERS\ShlDrv51.sys

23:24:28.0093 4100 ShldDrv - ok

23:24:28.0109 4100 Simbad - ok

23:24:28.0171 4100 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\windows\system32\DRIVERS\SONYPVU1.SYS

23:24:28.0296 4100 SONYPVU1 - ok

23:24:28.0312 4100 Sparrow - ok

23:24:28.0343 4100 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\windows\system32\drivers\splitter.sys

23:24:28.0484 4100 splitter - ok

23:24:28.0515 4100 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\windows\system32\DRIVERS\sr.sys

23:24:28.0562 4100 sr - ok

23:24:28.0609 4100 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\windows\system32\DRIVERS\srv.sys

23:24:28.0656 4100 Srv - ok

23:24:28.0703 4100 STHDA (527fd7d6919734c2a61c8aa3d5740e61) C:\windows\system32\drivers\sthda.sys

23:24:28.0828 4100 STHDA - ok

23:24:28.0859 4100 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\windows\system32\DRIVERS\swenum.sys

23:24:28.0968 4100 swenum - ok

23:24:28.0984 4100 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\windows\system32\drivers\swmidi.sys

23:24:29.0109 4100 swmidi - ok

23:24:29.0125 4100 symc810 - ok

23:24:29.0140 4100 symc8xx - ok

23:24:29.0140 4100 sym_hi - ok

23:24:29.0156 4100 sym_u3 - ok

23:24:29.0171 4100 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\windows\system32\drivers\sysaudio.sys

23:24:29.0281 4100 sysaudio - ok

23:24:29.0343 4100 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\windows\system32\DRIVERS\tcpip.sys

23:24:29.0468 4100 Tcpip - ok

23:24:29.0515 4100 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\windows\system32\drivers\TDPIPE.sys

23:24:29.0640 4100 TDPIPE - ok

23:24:29.0656 4100 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\windows\system32\drivers\TDTCP.sys

23:24:29.0765 4100 TDTCP - ok

23:24:29.0812 4100 TermDD (88155247177638048422893737429d9e) C:\windows\system32\DRIVERS\termdd.sys

23:24:29.0921 4100 TermDD - ok

23:24:29.0937 4100 TosIde - ok

23:24:30.0000 4100 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\windows\system32\drivers\Udfs.sys

23:24:30.0109 4100 Udfs - ok

23:24:30.0125 4100 ultra - ok

23:24:30.0156 4100 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\windows\system32\DRIVERS\update.sys

23:24:30.0265 4100 Update - ok

23:24:30.0328 4100 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys

23:24:30.0390 4100 USBAAPL - ok

23:24:30.0421 4100 usbaudio (e919708db44ed8543a7c017953148330) C:\windows\system32\drivers\usbaudio.sys

23:24:30.0546 4100 usbaudio - ok

23:24:30.0578 4100 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\windows\system32\DRIVERS\usbccgp.sys

23:24:30.0703 4100 usbccgp - ok

23:24:30.0750 4100 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\windows\system32\DRIVERS\usbehci.sys

23:24:30.0875 4100 usbehci - ok

23:24:30.0906 4100 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\windows\system32\DRIVERS\usbhub.sys

23:24:31.0031 4100 usbhub - ok

23:24:31.0078 4100 usbprint (a717c8721046828520c9edf31288fc00) C:\windows\system32\DRIVERS\usbprint.sys

23:24:31.0187 4100 usbprint - ok

23:24:31.0250 4100 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\windows\system32\DRIVERS\usbscan.sys

23:24:31.0343 4100 usbscan - ok

23:24:31.0390 4100 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\windows\system32\DRIVERS\USBSTOR.SYS

23:24:31.0484 4100 USBSTOR - ok

23:24:31.0515 4100 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\windows\system32\DRIVERS\usbuhci.sys

23:24:31.0640 4100 usbuhci - ok

23:24:31.0687 4100 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\windows\System32\drivers\vga.sys

23:24:31.0796 4100 VgaSave - ok

23:24:31.0812 4100 ViaIde - ok

23:24:31.0859 4100 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\windows\system32\drivers\VolSnap.sys

23:24:32.0000 4100 VolSnap - ok

23:24:32.0046 4100 wacmoumonitor (8724531219ae3f9e3729012b61dce527) C:\windows\system32\DRIVERS\wacmoumonitor.sys

23:24:32.0062 4100 wacmoumonitor - ok

23:24:32.0078 4100 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\windows\system32\DRIVERS\wacommousefilter.sys

23:24:32.0093 4100 wacommousefilter - ok

23:24:32.0140 4100 wacomvhid (51d580f30d1a1f2ea4965af6abc2bcb2) C:\windows\system32\DRIVERS\wacomvhid.sys

23:24:32.0156 4100 wacomvhid - ok

23:24:32.0171 4100 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\windows\system32\DRIVERS\wanarp.sys

23:24:32.0281 4100 Wanarp - ok

23:24:32.0343 4100 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\windows\system32\DRIVERS\Wdf01000.sys

23:24:32.0375 4100 Wdf01000 - ok

23:24:32.0375 4100 WDICA - ok

23:24:32.0421 4100 wdmaud (6768acf64b18196494413695f0c3a00f) C:\windows\system32\drivers\wdmaud.sys

23:24:32.0531 4100 wdmaud - ok

23:24:32.0593 4100 winusb (fd600b032e741eb6aab509fc630f7c42) C:\windows\system32\DRIVERS\WinUSB.SYS

23:24:32.0625 4100 winusb - ok

23:24:32.0671 4100 WNMFLT (0411d0433e8c48ad24b2ef32d7c97ae0) C:\windows\system32\Drivers\WNMFLT.SYS

23:24:32.0687 4100 WNMFLT - ok

23:24:32.0734 4100 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\windows\system32\DRIVERS\wpdusb.sys

23:24:32.0765 4100 WpdUsb - ok

23:24:32.0828 4100 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\windows\System32\drivers\ws2ifsl.sys

23:24:32.0937 4100 WS2IFSL - ok

23:24:32.0968 4100 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\windows\system32\DRIVERS\WudfPf.sys

23:24:33.0031 4100 WudfPf - ok

23:24:33.0046 4100 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\windows\system32\DRIVERS\wudfrd.sys

23:24:33.0062 4100 WudfRd - ok

23:24:33.0109 4100 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

23:24:33.0296 4100 \Device\Harddisk0\DR0 - ok

23:24:33.0296 4100 Boot (0x1200) (4ea46c89eca9be0fe407fa0809557ca0) \Device\Harddisk0\DR0\Partition0

23:24:33.0296 4100 \Device\Harddisk0\DR0\Partition0 - ok

23:24:33.0296 4100 ============================================================

23:24:33.0296 4100 Scan finished

23:24:33.0296 4100 ============================================================

23:24:33.0406 4740 Detected object count: 3

23:24:33.0406 4740 Actual detected object count: 3

23:25:26.0656 4740 nv ( UnsignedFile.Multi.Generic ) - skipped by user

23:25:26.0656 4740 nv ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:25:26.0656 4740 Pivot ( UnsignedFile.Multi.Generic ) - skipped by user

23:25:26.0656 4740 Pivot ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:25:26.0656 4740 pivotmou ( UnsignedFile.Multi.Generic ) - skipped by user

23:25:26.0656 4740 pivotmou ( UnsignedFile.Multi.Generic ) - User select action: Skip

23:26:07.0640 0120 ============================================================

23:26:07.0640 0120 Scan started

23:26:07.0640 0120 Mode: Manual; SigCheck; TDLFS;

23:26:07.0640 0120 ============================================================

23:26:08.0000 0120 Abiosdsk - ok

23:26:08.0015 0120 abp480n5 - ok

23:26:08.0062 0120 ACPI (8fd99680a539792a30e97944fdaecf17) C:\windows\system32\DRIVERS\ACPI.sys

23:26:08.0250 0120 ACPI - ok

23:26:08.0281 0120 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\windows\system32\drivers\ACPIEC.sys

23:26:08.0406 0120 ACPIEC - ok

23:26:08.0421 0120 adpu160m - ok

23:26:08.0453 0120 aec (8bed39e3c35d6a489438b8141717a557) C:\windows\system32\drivers\aec.sys

23:26:08.0562 0120 aec - ok

23:26:08.0625 0120 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\windows\System32\drivers\afd.sys

23:26:08.0671 0120 AFD - ok

23:26:08.0718 0120 AFS2K (0ebb674888cbdefd5773341c16dd6a07) C:\windows\system32\drivers\AFS2K.sys

23:26:08.0765 0120 AFS2K - ok

23:26:08.0765 0120 Aha154x - ok

23:26:08.0781 0120 aic78u2 - ok

23:26:08.0781 0120 aic78xx - ok

23:26:08.0796 0120 AliIde - ok

23:26:08.0812 0120 AmFSM (ef9dd27aa5a3baaf2fd2b44c08a3e622) C:\windows\system32\DRIVERS\amm8651.sys

23:26:08.0828 0120 AmFSM - ok

23:26:08.0828 0120 amsint - ok

23:26:08.0875 0120 APPFLT (f57b596c8b6a143e9dc7ecc52b718a48) C:\windows\system32\Drivers\APPFLT.SYS

23:26:08.0890 0120 APPFLT - ok

23:26:08.0937 0120 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\windows\system32\DRIVERS\arp1394.sys

23:26:09.0031 0120 Arp1394 - ok

23:26:09.0046 0120 asc - ok

23:26:09.0046 0120 asc3350p - ok

23:26:09.0062 0120 asc3550 - ok

23:26:09.0093 0120 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\windows\system32\DRIVERS\asyncmac.sys

23:26:09.0218 0120 AsyncMac - ok

23:26:09.0234 0120 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\windows\system32\DRIVERS\atapi.sys

23:26:09.0359 0120 atapi - ok

23:26:09.0359 0120 Atdisk - ok

23:26:09.0375 0120 Atmarpc (9916c1225104ba14794209cfa8012159) C:\windows\system32\DRIVERS\atmarpc.sys

23:26:09.0500 0120 Atmarpc - ok

23:26:09.0515 0120 audstub (d9f724aa26c010a217c97606b160ed68) C:\windows\system32\DRIVERS\audstub.sys

23:26:09.0625 0120 audstub - ok

23:26:09.0625 0120 AvFlt - ok

23:26:09.0671 0120 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\windows\system32\drivers\Beep.sys

23:26:09.0781 0120 Beep - ok

23:26:09.0843 0120 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\windows\system32\drivers\cbidf2k.sys

23:26:09.0984 0120 cbidf2k - ok

23:26:09.0984 0120 cd20xrnt - ok

23:26:10.0015 0120 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\windows\system32\drivers\Cdaudio.sys

23:26:10.0125 0120 Cdaudio - ok

23:26:10.0140 0120 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\windows\system32\drivers\Cdfs.sys

23:26:10.0250 0120 Cdfs - ok

23:26:10.0265 0120 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\windows\system32\DRIVERS\cdrom.sys

23:26:10.0359 0120 Cdrom - ok

23:26:10.0375 0120 Changer - ok

23:26:10.0390 0120 CmdIde - ok

23:26:10.0406 0120 Cpqarray - ok

23:26:10.0515 0120 cpuz132 - ok

23:26:10.0531 0120 dac2w2k - ok

23:26:10.0546 0120 dac960nt - ok

23:26:10.0562 0120 Disk (044452051f3e02e7963599fc8f4f3e25) C:\windows\system32\DRIVERS\disk.sys

23:26:10.0687 0120 Disk - ok

23:26:10.0734 0120 dmboot (d992fe1274bde0f84ad826acae022a41) C:\windows\system32\drivers\dmboot.sys

23:26:10.0843 0120 dmboot - ok

23:26:10.0875 0120 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\windows\system32\drivers\dmio.sys

23:26:10.0984 0120 dmio - ok

23:26:10.0984 0120 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\windows\system32\drivers\dmload.sys

23:26:11.0093 0120 dmload - ok

23:26:11.0156 0120 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\windows\system32\drivers\DMusic.sys

23:26:11.0265 0120 DMusic - ok

23:26:11.0281 0120 dpti2o - ok

23:26:11.0312 0120 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\windows\system32\drivers\drmkaud.sys

23:26:11.0421 0120 drmkaud - ok

23:26:11.0437 0120 DSAFLT (5bb0f91ffd84057d094d106d9ff53298) C:\windows\system32\Drivers\DSAFLT.SYS

23:26:11.0453 0120 DSAFLT - ok

23:26:11.0515 0120 e1express (34aaa3b298a852b3663e6e0d94d12945) C:\windows\system32\DRIVERS\e1e5132.sys

23:26:11.0531 0120 e1express - ok

23:26:11.0578 0120 Fastfat (38d332a6d56af32635675f132548343e) C:\windows\system32\drivers\Fastfat.sys

23:26:11.0687 0120 Fastfat - ok

23:26:11.0718 0120 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\windows\system32\DRIVERS\fdc.sys

23:26:11.0843 0120 Fdc - ok

23:26:11.0875 0120 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\windows\system32\drivers\Fips.sys

23:26:12.0000 0120 Fips - ok

23:26:12.0031 0120 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\windows\system32\drivers\Flpydisk.sys

23:26:12.0171 0120 Flpydisk - ok

23:26:12.0187 0120 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\windows\system32\DRIVERS\fltMgr.sys

23:26:12.0296 0120 FltMgr - ok

23:26:12.0343 0120 FNETMON (a38b9ba7a4c17f7dce9ec4e8f7870026) C:\windows\system32\Drivers\fnetmon.SYS

23:26:12.0359 0120 FNETMON - ok

23:26:12.0375 0120 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\windows\system32\drivers\Fs_Rec.sys

23:26:12.0500 0120 Fs_Rec - ok

23:26:12.0546 0120 FTDIBUS (a36e8beedb3aaca09bf55a1d17904bc8) C:\windows\system32\drivers\ftdibus.sys

23:26:12.0562 0120 FTDIBUS - ok

23:26:12.0562 0120 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\windows\system32\DRIVERS\ftdisk.sys

23:26:12.0671 0120 Ftdisk - ok

23:26:12.0734 0120 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys

23:26:12.0750 0120 GEARAspiWDM - ok

23:26:12.0750 0120 GMSIPCI - ok

23:26:12.0765 0120 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\windows\system32\DRIVERS\msgpc.sys

23:26:12.0875 0120 Gpc - ok

23:26:12.0906 0120 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\windows\system32\DRIVERS\HDAudBus.sys

23:26:13.0015 0120 HDAudBus - ok

23:26:13.0046 0120 HECI (cc2c8c23417cc7ddf5eddb17e60a14db) C:\windows\system32\DRIVERS\HECI.sys

23:26:13.0093 0120 HECI - ok

23:26:13.0125 0120 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\windows\system32\DRIVERS\hidusb.sys

23:26:13.0234 0120 hidusb - ok

23:26:13.0250 0120 hpn - ok

23:26:13.0281 0120 HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\windows\system32\DRIVERS\HPZid412.sys

23:26:13.0328 0120 HPZid412 - ok

23:26:13.0343 0120 HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\windows\system32\DRIVERS\HPZipr12.sys

23:26:13.0359 0120 HPZipr12 - ok

23:26:13.0390 0120 HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\windows\system32\DRIVERS\HPZius12.sys

23:26:13.0406 0120 HPZius12 - ok

23:26:13.0453 0120 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\windows\system32\Drivers\HTTP.sys

23:26:13.0468 0120 HTTP - ok

23:26:13.0484 0120 i2omgmt - ok

23:26:13.0500 0120 i2omp - ok

23:26:13.0500 0120 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\windows\system32\drivers\i8042prt.sys

23:26:13.0625 0120 i8042prt - ok

23:26:13.0671 0120 IDSFLT (188eed48de6dc75e1067e78ed99d928a) C:\windows\system32\Drivers\IDSFLT.SYS

23:26:13.0687 0120 IDSFLT - ok

23:26:13.0703 0120 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\windows\system32\DRIVERS\imapi.sys

23:26:13.0812 0120 Imapi - ok

23:26:13.0828 0120 ini910u - ok

23:26:13.0843 0120 IntelIde - ok

23:26:13.0859 0120 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\windows\system32\DRIVERS\intelppm.sys

23:26:13.0968 0120 intelppm - ok

23:26:14.0000 0120 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\windows\system32\DRIVERS\Ip6Fw.sys

23:26:14.0125 0120 Ip6Fw - ok

23:26:14.0156 0120 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\windows\system32\DRIVERS\ipfltdrv.sys

23:26:14.0281 0120 IpFilterDriver - ok

23:26:14.0296 0120 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\windows\system32\DRIVERS\ipinip.sys

23:26:14.0406 0120 IpInIp - ok

23:26:14.0437 0120 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\windows\system32\DRIVERS\ipnat.sys

23:26:14.0562 0120 IpNat - ok

23:26:14.0578 0120 IPSec (23c74d75e36e7158768dd63d92789a91) C:\windows\system32\DRIVERS\ipsec.sys

23:26:14.0687 0120 IPSec - ok

23:26:14.0703 0120 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\windows\system32\DRIVERS\irenum.sys

23:26:14.0750 0120 IRENUM - ok

23:26:14.0765 0120 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\windows\system32\DRIVERS\isapnp.sys

23:26:14.0875 0120 isapnp - ok

23:26:14.0906 0120 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\windows\system32\DRIVERS\kbdclass.sys

23:26:15.0015 0120 Kbdclass - ok

23:26:15.0031 0120 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\windows\system32\DRIVERS\kbdhid.sys

23:26:15.0125 0120 kbdhid - ok

23:26:15.0187 0120 kmixer (692bcf44383d056aed41b045a323d378) C:\windows\system32\drivers\kmixer.sys

23:26:15.0312 0120 kmixer - ok

23:26:15.0328 0120 KSecDD (b467646c54cc746128904e1654c750c1) C:\windows\system32\drivers\KSecDD.sys

23:26:15.0343 0120 KSecDD - ok

23:26:15.0359 0120 lbrtfdc - ok

23:26:15.0390 0120 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\windows\system32\drivers\mbam.sys

23:26:15.0406 0120 MBAMProtector - ok

23:26:15.0437 0120 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\windows\system32\drivers\mnmdd.sys

23:26:15.0531 0120 mnmdd - ok

23:26:15.0578 0120 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\windows\system32\drivers\Modem.sys

23:26:15.0687 0120 Modem - ok

23:26:15.0718 0120 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\windows\system32\DRIVERS\mouclass.sys

23:26:15.0828 0120 Mouclass - ok

23:26:15.0843 0120 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\windows\system32\DRIVERS\mouhid.sys

23:26:15.0953 0120 mouhid - ok

23:26:15.0968 0120 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\windows\system32\drivers\MountMgr.sys

23:26:16.0078 0120 MountMgr - ok

23:26:16.0078 0120 mraid35x - ok

23:26:16.0093 0120 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\windows\system32\DRIVERS\mrxdav.sys

23:26:16.0187 0120 MRxDAV - ok

23:26:16.0250 0120 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\windows\system32\DRIVERS\mrxsmb.sys

23:26:16.0265 0120 MRxSmb - ok

23:26:16.0281 0120 Msfs (c941ea2454ba8350021d774daf0f1027) C:\windows\system32\drivers\Msfs.sys

23:26:16.0390 0120 Msfs - ok

23:26:16.0421 0120 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\windows\system32\drivers\MSKSSRV.sys

23:26:16.0531 0120 MSKSSRV - ok

23:26:16.0546 0120 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\windows\system32\drivers\MSPCLOCK.sys

23:26:16.0656 0120 MSPCLOCK - ok

23:26:16.0671 0120 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\windows\system32\drivers\MSPQM.sys

23:26:16.0781 0120 MSPQM - ok

23:26:16.0796 0120 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\windows\system32\DRIVERS\mssmbios.sys

23:26:16.0906 0120 mssmbios - ok

23:26:16.0921 0120 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\windows\system32\drivers\Mup.sys

23:26:16.0937 0120 Mup - ok

23:26:16.0968 0120 NDIS (1df7f42665c94b825322fae71721130d) C:\windows\system32\drivers\NDIS.sys

23:26:17.0078 0120 NDIS - ok

23:26:17.0125 0120 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\windows\system32\DRIVERS\ndistapi.sys

23:26:17.0140 0120 NdisTapi - ok

23:26:17.0187 0120 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\windows\system32\DRIVERS\ndisuio.sys

23:26:17.0296 0120 Ndisuio - ok

23:26:17.0312 0120 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\windows\system32\DRIVERS\ndiswan.sys

23:26:17.0421 0120 NdisWan - ok

23:26:17.0437 0120 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\windows\system32\drivers\NDProxy.sys

23:26:17.0453 0120 NDProxy - ok

23:26:17.0468 0120 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\windows\system32\DRIVERS\netbios.sys

23:26:17.0562 0120 NetBIOS - ok

23:26:17.0609 0120 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\windows\system32\DRIVERS\netbt.sys

23:26:17.0703 0120 NetBT - ok

23:26:17.0765 0120 NETFLTDI (d8f44fc13db193c9379297973ee42272) C:\windows\system32\Drivers\NETFLTDI.SYS

23:26:17.0781 0120 NETFLTDI - ok

23:26:17.0828 0120 NETIMFLT01060042 (9eeb6df1f5ffd878a3a44874607eaaef) C:\windows\system32\DRIVERS\neti1642.sys

23:26:17.0859 0120 NETIMFLT01060042 - ok

23:26:17.0875 0120 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\windows\system32\DRIVERS\nic1394.sys

23:26:17.0984 0120 NIC1394 - ok

23:26:17.0984 0120 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\windows\system32\drivers\Npfs.sys

23:26:18.0109 0120 Npfs - ok

23:26:18.0125 0120 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\windows\system32\drivers\Ntfs.sys

23:26:18.0234 0120 Ntfs - ok

23:26:18.0265 0120 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\windows\system32\drivers\Null.sys

23:26:18.0390 0120 Null - ok

23:26:18.0578 0120 nv (8c0456001b6900114bbb1c548bd8aaf5) C:\windows\system32\DRIVERS\nv4_mini.sys

23:26:18.0765 0120 nv ( UnsignedFile.Multi.Generic ) - warning

23:26:18.0765 0120 nv - detected UnsignedFile.Multi.Generic (1)

23:26:18.0812 0120 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\windows\system32\DRIVERS\nwlnkflt.sys

23:26:18.0921 0120 NwlnkFlt - ok

23:26:18.0937 0120 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\windows\system32\DRIVERS\nwlnkfwd.sys

23:26:19.0046 0120 NwlnkFwd - ok

23:26:19.0046 0120 oalcejkh - ok

23:26:19.0078 0120 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\windows\system32\DRIVERS\ohci1394.sys

23:26:19.0171 0120 ohci1394 - ok

23:26:19.0218 0120 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\windows\system32\drivers\Parport.sys

23:26:19.0312 0120 Parport - ok

23:26:19.0328 0120 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\windows\system32\drivers\PartMgr.sys

23:26:19.0437 0120 PartMgr - ok

23:26:19.0468 0120 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\windows\system32\drivers\ParVdm.sys

23:26:19.0578 0120 ParVdm - ok

23:26:19.0625 0120 pavboot (55d654258a9c509b671310c314bd30b4) C:\windows\system32\Drivers\pavboot.sys

23:26:19.0640 0120 pavboot - ok

23:26:19.0671 0120 PavProc (018f51f5757819fcd9f32162c9808565) C:\windows\system32\DRIVERS\PavProc.sys

23:26:19.0687 0120 PavProc - ok

23:26:19.0703 0120 PavSRK.sys - ok

23:26:19.0718 0120 PavTPK.sys - ok

23:26:19.0750 0120 PCI (a219903ccf74233761d92bef471a07b1) C:\windows\system32\DRIVERS\pci.sys

23:26:19.0843 0120 PCI - ok

23:26:19.0859 0120 PCIDump - ok

23:26:19.0875 0120 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\windows\system32\DRIVERS\pciide.sys

23:26:19.0984 0120 PCIIde - ok

23:26:19.0984 0120 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\windows\system32\drivers\Pcmcia.sys

23:26:20.0093 0120 Pcmcia - ok

23:26:20.0093 0120 PDCOMP - ok

23:26:20.0109 0120 PDFRAME - ok

23:26:20.0125 0120 PdiPorts (089ca80ce0766b031164714b51df99bb) C:\windows\system32\Drivers\PdiPorts.sys

23:26:20.0140 0120 PdiPorts - ok

23:26:20.0156 0120 PDRELI - ok

23:26:20.0171 0120 PDRFRAME - ok

23:26:20.0171 0120 perc2 - ok

23:26:20.0187 0120 perc2hib - ok

23:26:20.0234 0120 Pivot (ec4f52692b5cf116ca6b0428d84a9aba) C:\windows\system32\drivers\pivot.sys

23:26:20.0250 0120 Pivot ( UnsignedFile.Multi.Generic ) - warning

23:26:20.0250 0120 Pivot - detected UnsignedFile.Multi.Generic (1)

23:26:20.0281 0120 pivotmou (7d72ac1abda06ff42fd57345d0d75523) C:\windows\System32\drivers\pivotmou.sys

23:26:20.0281 0120 pivotmou ( UnsignedFile.Multi.Generic ) - warning

23:26:20.0281 0120 pivotmou - detected UnsignedFile.Multi.Generic (1)

23:26:20.0343 0120 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\windows\system32\DRIVERS\raspptp.sys

23:26:20.0437 0120 PptpMiniport - ok

23:26:20.0453 0120 PSched (09298ec810b07e5d582cb3a3f9255424) C:\windows\system32\DRIVERS\psched.sys

23:26:20.0562 0120 PSched - ok

23:26:20.0578 0120 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\windows\system32\DRIVERS\ptilink.sys

23:26:20.0687 0120 Ptilink - ok

23:26:20.0718 0120 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\windows\system32\Drivers\PxHelp20.sys

23:26:20.0734 0120 PxHelp20 - ok

23:26:20.0750 0120 ql1080 - ok

23:26:20.0750 0120 Ql10wnt - ok

23:26:20.0765 0120 ql12160 - ok

23:26:20.0781 0120 ql1240 - ok

23:26:20.0781 0120 ql1280 - ok

23:26:20.0796 0120 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\windows\system32\DRIVERS\rasacd.sys

23:26:20.0906 0120 RasAcd - ok

23:26:20.0937 0120 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\windows\system32\DRIVERS\rasl2tp.sys

23:26:21.0031 0120 Rasl2tp - ok

23:26:21.0046 0120 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\windows\system32\DRIVERS\raspppoe.sys

23:26:21.0156 0120 RasPppoe - ok

23:26:21.0171 0120 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\windows\system32\DRIVERS\raspti.sys

23:26:21.0265 0120 Raspti - ok

23:26:21.0281 0120 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\windows\system32\DRIVERS\rdbss.sys

23:26:21.0390 0120 Rdbss - ok

23:26:21.0390 0120 RDPCDD (4912d5b403614ce99c28420f75353332) C:\windows\system32\DRIVERS\RDPCDD.sys

23:26:21.0500 0120 RDPCDD - ok

23:26:21.0531 0120 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\windows\system32\DRIVERS\rdpdr.sys

23:26:21.0625 0120 rdpdr - ok

23:26:21.0671 0120 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\windows\system32\drivers\RDPWD.sys

23:26:21.0687 0120 RDPWD - ok

23:26:21.0718 0120 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\windows\system32\DRIVERS\redbook.sys

23:26:21.0828 0120 redbook - ok

23:26:21.0890 0120 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\DRIVERS\secdrv.sys

23:26:21.0937 0120 Secdrv - ok

23:26:21.0984 0120 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\windows\system32\DRIVERS\serenum.sys

23:26:22.0078 0120 serenum - ok

23:26:22.0109 0120 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\windows\system32\DRIVERS\serial.sys

23:26:22.0218 0120 Serial - ok

23:26:22.0234 0120 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\windows\system32\drivers\Sfloppy.sys

23:26:22.0343 0120 Sfloppy - ok

23:26:22.0375 0120 sfng32 (76bd55922b3179fa7b5bd528839e6fb4) C:\windows\system32\drivers\sfng32.sys

23:26:22.0390 0120 sfng32 - ok

23:26:22.0453 0120 ShldDrv (a2f0bf07cac43a11555c173f7b1ad28a) C:\windows\system32\DRIVERS\ShlDrv51.sys

23:26:22.0468 0120 ShldDrv - ok

23:26:22.0468 0120 Simbad - ok

23:26:22.0546 0120 SONYPVU1 (a1eceeaa5c5e74b2499eb51d38185b84) C:\windows\system32\DRIVERS\SONYPVU1.SYS

23:26:22.0656 0120 SONYPVU1 - ok

23:26:22.0656 0120 Sparrow - ok

23:26:22.0687 0120 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\windows\system32\drivers\splitter.sys

23:26:22.0781 0120 splitter - ok

23:26:22.0828 0120 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\windows\system32\DRIVERS\sr.sys

23:26:22.0875 0120 sr - ok

23:26:22.0906 0120 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\windows\system32\DRIVERS\srv.sys

23:26:22.0937 0120 Srv - ok

23:26:22.0984 0120 STHDA (527fd7d6919734c2a61c8aa3d5740e61) C:\windows\system32\drivers\sthda.sys

23:26:23.0031 0120 STHDA - ok

23:26:23.0062 0120 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\windows\system32\DRIVERS\swenum.sys

23:26:23.0171 0120 swenum - ok

23:26:23.0187 0120 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\windows\system32\drivers\swmidi.sys

23:26:23.0281 0120 swmidi - ok

23:26:23.0296 0120 symc810 - ok

23:26:23.0312 0120 symc8xx - ok

23:26:23.0312 0120 sym_hi - ok

23:26:23.0328 0120 sym_u3 - ok

23:26:23.0359 0120 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\windows\system32\drivers\sysaudio.sys

23:26:23.0468 0120 sysaudio - ok

23:26:23.0546 0120 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\windows\system32\DRIVERS\tcpip.sys

23:26:23.0562 0120 Tcpip - ok

23:26:23.0593 0120 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\windows\system32\drivers\TDPIPE.sys

23:26:23.0687 0120 TDPIPE - ok

23:26:23.0703 0120 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\windows\system32\drivers\TDTCP.sys

23:26:23.0796 0120 TDTCP - ok

23:26:23.0812 0120 TermDD (88155247177638048422893737429d9e) C:\windows\system32\DRIVERS\termdd.sys

23:26:23.0921 0120 TermDD - ok

23:26:23.0937 0120 TosIde - ok

23:26:23.0968 0120 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\windows\system32\drivers\Udfs.sys

23:26:24.0078 0120 Udfs - ok

23:26:24.0078 0120 ultra - ok

23:26:24.0109 0120 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\windows\system32\DRIVERS\update.sys

23:26:24.0218 0120 Update - ok

23:26:24.0265 0120 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\windows\system32\Drivers\usbaapl.sys

23:26:24.0296 0120 USBAAPL - ok

23:26:24.0328 0120 usbaudio (e919708db44ed8543a7c017953148330) C:\windows\system32\drivers\usbaudio.sys

23:26:24.0437 0120 usbaudio - ok

23:26:24.0468 0120 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\windows\system32\DRIVERS\usbccgp.sys

23:26:24.0562 0120 usbccgp - ok

23:26:24.0578 0120 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\windows\system32\DRIVERS\usbehci.sys

23:26:24.0687 0120 usbehci - ok

23:26:24.0703 0120 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\windows\system32\DRIVERS\usbhub.sys

23:26:24.0796 0120 usbhub - ok

23:26:24.0843 0120 usbprint (a717c8721046828520c9edf31288fc00) C:\windows\system32\DRIVERS\usbprint.sys

23:26:24.0953 0120 usbprint - ok

23:26:25.0015 0120 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\windows\system32\DRIVERS\usbscan.sys

23:26:25.0109 0120 usbscan - ok

23:26:25.0140 0120 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\windows\system32\DRIVERS\USBSTOR.SYS

23:26:25.0250 0120 USBSTOR - ok

23:26:25.0265 0120 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\windows\system32\DRIVERS\usbuhci.sys

23:26:25.0375 0120 usbuhci - ok

23:26:25.0390 0120 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\windows\System32\drivers\vga.sys

23:26:25.0484 0120 VgaSave - ok

23:26:25.0484 0120 ViaIde - ok

23:26:25.0531 0120 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\windows\system32\drivers\VolSnap.sys

23:26:25.0625 0120 VolSnap - ok

23:26:25.0687 0120 wacmoumonitor (8724531219ae3f9e3729012b61dce527) C:\windows\system32\DRIVERS\wacmoumonitor.sys

23:26:25.0703 0120 wacmoumonitor - ok

23:26:25.0718 0120 wacommousefilter (427a8bc96f16c40df81c2d2f4edd32dd) C:\windows\system32\DRIVERS\wacommousefilter.sys

23:26:25.0734 0120 wacommousefilter - ok

23:26:25.0781 0120 wacomvhid (51d580f30d1a1f2ea4965af6abc2bcb2) C:\windows\system32\DRIVERS\wacomvhid.sys

23:26:25.0796 0120 wacomvhid - ok

23:26:25.0812 0120 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\windows\system32\DRIVERS\wanarp.sys

23:26:25.0906 0120 Wanarp - ok

23:26:25.0968 0120 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\windows\system32\DRIVERS\Wdf01000.sys

23:26:26.0000 0120 Wdf01000 - ok

23:26:26.0000 0120 WDICA - ok

23:26:26.0031 0120 wdmaud (6768acf64b18196494413695f0c3a00f) C:\windows\system32\drivers\wdmaud.sys

23:26:26.0140 0120 wdmaud - ok

23:26:26.0203 0120 winusb (fd600b032e741eb6aab509fc630f7c42) C:\windows\system32\DRIVERS\WinUSB.SYS

23:26:26.0234 0120 winusb - ok

23:26:26.0281 0120 WNMFLT (0411d0433e8c48ad24b2ef32d7c97ae0) C:\windows\system32\Drivers\WNMFLT.SYS

23:26:26.0296 0120 WNMFLT - ok

23:26:26.0328 0120 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\windows\system32\DRIVERS\wpdusb.sys

23:26:26.0343 0120 WpdUsb - ok

23:26:26.0406 0120 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\windows\System32\drivers\ws2ifsl.sys

23:26:26.0500 0120 WS2IFSL - ok

23:26:26.0546 0120 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\windows\system32\DRIVERS\WudfPf.sys

23:26:26.0562 0120 WudfPf - ok

23:26:26.0578 0120 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\windows\system32\DRIVERS\wudfrd.sys

23:26:26.0593 0120 WudfRd - ok

23:26:26.0625 0120 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

23:26:26.0812 0120 \Device\Harddisk0\DR0 - ok

23:26:26.0812 0120 Boot (0x1200) (4ea46c89eca9be0fe407fa0809557ca0) \Device\Harddisk0\DR0\Partition0

23:26:26.0812 0120 \Device\Harddisk0\DR0\Partition0 - ok

23:26:26.0812 0120 ============================================================

23:26:26.0812 0120 Scan finished

23:26:26.0812 0120 ============================================================

23:26:26.0828 1916 Detected object count: 3

23:26:26.0828 1916 Actual detected object count: 3

23:26:41.0296 1916 HKLM\SYSTEM\ControlSet001\services\nv - will be deleted on reboot

23:26:41.0296 1916 HKLM\SYSTEM\ControlSet002\services\nv - will be deleted on reboot

23:26:41.0296 1916 HKLM\SYSTEM\ControlSet004\services\nv - will be deleted on reboot

23:26:41.0312 1916 C:\windows\system32\DRIVERS\nv4_mini.sys - will be deleted on reboot

23:26:41.0312 1916 nv ( UnsignedFile.Multi.Generic ) - User select action: Delete

23:26:41.0328 1916 HKLM\SYSTEM\ControlSet002\services\Pivot - will be deleted on reboot

23:26:41.0328 1916 HKLM\SYSTEM\ControlSet004\services\Pivot - will be deleted on reboot

23:26:41.0328 1916 C:\windows\system32\drivers\pivot.sys - will be deleted on reboot

23:26:41.0328 1916 Pivot ( UnsignedFile.Multi.Generic ) - User select action: Delete

23:26:41.0328 1916 HKLM\SYSTEM\ControlSet002\services\pivotmou - will be deleted on reboot

23:26:41.0328 1916 HKLM\SYSTEM\ControlSet004\services\pivotmou - will be deleted on reboot

23:26:41.0328 1916 C:\windows\System32\drivers\pivotmou.sys - will be deleted on reboot

23:26:41.0328 1916 pivotmou ( UnsignedFile.Multi.Generic ) - User select action: Delete

23:26:47.0421 5296 Deinitialize success

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22

Run by Library #3 at 23:45:58 on 2011-11-18

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3323.2397 [GMT -7:00]

.

AV: Panda Global Protection 2011 *Enabled/Updated* {8BF935E7-731F-4115-B7A5-789FF5087595}

FW: Panda Personal Firewall 2011 *Enabled*

.

============== Running Processes ===============

.

C:\windows\system32\svchost -k DcomLaunch

svchost.exe

C:\windows\system32\svchost.exe -k netsvcs

C:\Program Files\Panda Security\Panda Global Protection 2011\TPSrv.exe

C:\Program Files\WTouch\WTouchService.exe

C:\windows\system32\svchost.exe -k WudfServiceGroup

C:\PROGRAM FILES\PANDA SECURITY\PANDA GLOBAL PROTECTION 2011\WebProxy.exe

svchost.exe

svchost.exe

C:\windows\system32\spoolsv.exe

C:\windows\system32\rundll32.exe

svchost.exe

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\Portrait Displays\Shared\dtsrvc.exe

C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50ST7.EXE

C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RP7.EXE

C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\PsCtrls.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\PavFnSvr.exe

C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe

C:\Program Files\Common Files\Portrait Displays\Drivers\pdisrvc.exe

C:\WINDOWS\system32\HPZipm12.exe

c:\program files\panda security\panda global protection 2011\firewall\PSHOST.EXE

C:\Program Files\Panda Security\Panda Global Protection 2011\PsImSvc.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\PskSvc.exe

C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

C:\windows\system32\svchost.exe -k imgsvc

C:\windows\system32\Pen_Tablet.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\pavsrvx86.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\AVENGINE.EXE

C:\Program Files\WTouch\WTouchUser.exe

C:\windows\Explorer.EXE

C:\windows\system32\WTablet\Pen_TabletUser.exe

C:\windows\system32\Pen_Tablet.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Napster\napster.exe

C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe

C:\Program Files\Epson Software\Event Manager\EEventManager.exe

C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\APVXDWIN.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Nuance\PDF Professional 7\pdfpro7hook.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\windows\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\LTCM Client\ltcmScheduler.exe

C:\Program Files\Acer Display\eDisplay Management\DTHtml.exe

C:\Program Files\Audible\Bin\AudibleDownloadHelper.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Program Files\iTunes\iTunes.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Portrait Displays\Pivot Pro Plugin\wpctrl.exe

C:\Program Files\Common Files\Portrait Displays\Shared\HookManager.exe

C:\Program Files\Portrait Displays\Pivot Pro Plugin\floater.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe

C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\ATH.exe

C:\Program Files\Panda Security\Panda Global Protection 2011\SRVLOAD.EXE

C:\Program Files\Panda Security\Panda Global Protection 2011\PavBckPT.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uDefault_Search_URL = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = *.local

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll

BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - No File

BHO: ZeonIEEventHelper Class: {da986d7d-ccaf-47b2-84fe-bfa1549bebf9} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: Nuance PDF: {e3286bf1-e654-42ff-b4a6-5e111731df6b} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [Radio365Agent]

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [sansaDispatch] c:\documents and settings\library #3\application data\sandisk\sansa updater\SansaDispatch.exe

uRun: [ltcmScheduler] c:\program files\ltcm client\ltcmScheduler.exe

uRun: [EPSON Artisan 830 Series (Copy 1)] c:\windows\system32\spool\drivers\w32x86\3\e_fatigxa.exe /fu "c:\windows\temp\E_S169.tmp" /EF "HKCU"

uRun: [iSUSPM] "c:\documents and settings\all users\application data\flexnet\connect\11\ISUSPM.exe" -scheduler

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [nwiz] nwiz.exe /install

mRun: [WinSys2] c:\windows\system32\winsys2.exe

mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"

mRun: [NapsterShell] c:\program files\napster\napster.exe /systray

mRun: [HP Software Update] c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe

mRun: [RestartNeroSetup] "c:\docume~1\librar~1\locals~1\temp\nero web\SetupXu.exe" MODE="update" STARTMODE="2" USERSEL="3" FAMILYNAME="Nero 7" RUNSETUPXU="1" UPGRADE="1"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"

mRun: [FUFAXSTM] "c:\program files\epson software\fax utility\FUFAXSTM.exe"

mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup

mRun: [APVXDWIN] "c:\program files\panda security\panda global protection 2011\APVXDWIN.EXE" /s

mRun: [sCANINICIO] "c:\program files\panda security\panda global protection 2011\Inicio.exe"

mRun: [PivotSoftware] "c:\program files\portrait displays\pivot pro plugin\Pivot_startup.exe" -delay=10

mRun: [DT ACR] c:\program files\common files\portrait displays\shared\DT_startup.exe -ACR

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [PDFHook] c:\program files\nuance\pdf professional 7\pdfpro7hook.exe

mRun: [PDF7 Registry Controller] c:\program files\nuance\pdf professional 7\RegistryController.exe

mRun: [<NO NAME>]

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

StartupFolder: c:\docume~1\librar~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\audibl~1.lnk - c:\program files\audible\bin\AudibleDownloadHelper.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK32.EXE

IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Append the content of the link to existing PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Append the content of the selected links to existing PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTML

IE: Append to existing PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIEAppend.HTML

IE: Create PDF file - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF file from the content of the link - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECapture.HTML

IE: Create PDF files from the selected links - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTML

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: Open with Nuance PDF Converter 7.0 - c:\program files\nuance\pdf professional 7\cnvres_eng.dll /100

IE: Open with PDF Professional 7 - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll

TCP: DhcpNameServer = 65.39.96.30 204.117.214.10

TCP: Interfaces\{AA0EB8CA-5825-471C-98C8-12AEAD3DB0D2} : NameServer = 204.117.214.10,65.39.96.30

TCP: Interfaces\{AA0EB8CA-5825-471C-98C8-12AEAD3DB0D2} : DhcpNameServer = 65.39.96.30 204.117.214.10

Notify: avldr - avldr.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\library #3\application data\mozilla\firefox\profiles\n7a1d4mv.default\

FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxps://www.google.com

FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=

FF - plugin: c:\documents and settings\library #3\application data\facebook\npfbplugin_1_0_3.dll

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll

FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\microsoft silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll

FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll

FF - plugin: c:\program files\nuance\pdf professional 7\bin\nppdf.dll

FF - plugin: c:\program files\tabletplugins\npwacom.dll

.

---- FIREFOX POLICIES ----

FF - user.js: yahoo.homepage.dontask - true

FF - user.js: browser.sessionstore.resume_from_crash - false

.

============= SERVICES / DRIVERS ===============

.

R0 pavboot;Panda boot driver;c:\windows\system32\drivers\pavboot.sys [2011-2-15 26696]

R1 APPFLT;App Filter Plugin;c:\windows\system32\drivers\APPFLT.SYS [2011-2-15 76296]

R1 DSAFLT;DSA Filter Plugin;c:\windows\system32\drivers\dsaflt.sys [2011-2-15 53256]

R1 FNETMON;NetMon Filter Plugin;c:\windows\system32\drivers\fnetmon.sys [2011-2-15 22024]

R1 IDSFLT;Ids Filter Plugin;c:\windows\system32\drivers\idsflt.sys [2011-2-15 193800]

R1 NETFLTDI;Panda Net Driver [TDI Layer];c:\windows\system32\drivers\NETFLTDI.SYS [2011-2-15 159112]

R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\drivers\ShlDrv51.sys [2011-2-15 37896]

R1 WNMFLT;Wifi Monitor Filter Plugin;c:\windows\system32\drivers\wnmflt.sys [2011-2-15 46856]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]

R2 AmFSM;AmFSM;c:\windows\system32\drivers\amm8651.sys [2011-2-15 59080]

R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50ST7.EXE [2010-11-15 153600]

R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);c:\program files\common files\epson\epw!3 ssrp\E_S50RP7.EXE [2010-11-15 121856]

R2 ioloSystemService;iolo System Service;c:\program files\iolo\common\lib\ioloServiceManager.exe [2010-11-26 722616]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-11-6 366152]

R2 Panda Software Controller;Panda Software Controller;c:\program files\panda security\panda global protection 2011\PsCtrlS.exe [2011-2-15 173312]

R2 PAVFNSVR;Panda Function Service;c:\program files\panda security\panda global protection 2011\PavFnSvr.exe [2011-2-15 202048]

R2 PavProc;Panda Process Protection Driver;c:\windows\system32\drivers\PavProc.sys [2011-2-15 163336]

R2 PavPrSrv;Panda Process Protection Service;c:\program files\common files\panda security\pavshld\PavPrSrv.exe [2011-2-15 62768]

R2 PAVSRV;Panda On-Access Anti-Malware Service;c:\program files\panda security\panda global protection 2011\pavsrvx86.exe [2011-2-15 314176]

R2 PdiService;Portrait Displays SDK Service;c:\program files\common files\portrait displays\drivers\pdisrvc.exe [2011-5-7 109168]

R2 PskSvcRetail;Panda PSK service;c:\program files\panda security\panda global protection 2011\psksvc.exe [2011-2-15 28992]

R2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2010-12-26 4497704]

R2 WTouchService;WTouch Service;c:\program files\wtouch\WTouchService.exe [2010-12-26 113448]

R3 AvFlt;Antivirus Filter Driver;c:\windows\system32\drivers\av5flt.sys --> c:\windows\system32\drivers\av5flt.sys [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-11-6 22216]

R3 NETIMFLT01060042;PANDA NDIS IM Filter Miniport v1.6.0.42;c:\windows\system32\drivers\neti1642.sys [2011-2-15 199688]

R3 PavSRK.sys;PavSRK.sys;\??\c:\windows\system32\pavsrk.sys --> c:\windows\system32\PavSRK.sys [?]

R3 PavTPK.sys;PavTPK.sys;\??\c:\windows\system32\pavtpk.sys --> c:\windows\system32\PavTPK.sys [?]

S0 oalcejkh;oalcejkh;c:\windows\system32\drivers\xhntdw.sys --> c:\windows\system32\drivers\xhntdw.sys [?]

S2 gupdate1c9fce3ebe73546;Google Update Service (gupdate1c9fce3ebe73546);c:\program files\google\update\GoogleUpdate.exe [2009-7-4 133104]

S3 cpuz132;cpuz132;\??\c:\docume~1\librar~1\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\librar~1\locals~1\temp\cpuz132\cpuz132_x32.sys [?]

S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-7-4 133104]

S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 wacmoumonitor;Wacom Mode Helper;c:\windows\system32\drivers\wacmoumonitor.sys [2010-12-26 16168]

S4 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 7\PDFProFiltSrv.exe [2010-10-16 134944]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2011-11-08 01:45:21 -------- d-----w- c:\documents and settings\library #3\local settings\application data\WinZip

2011-11-06 21:03:08 -------- d-----w- c:\documents and settings\library #3\application data\Malwarebytes

2011-11-06 21:03:02 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2011-11-06 21:02:59 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-11-06 21:02:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-11-06 04:33:42 53184 ----a-w- c:\windows\system32\drivers\ftdibus.sys

2011-11-06 04:33:42 202048 ----a-w- c:\windows\system32\ftd2xx.dll

2011-11-06 04:33:42 111936 ----a-w- c:\windows\system32\ftbusui.dll

2011-11-06 04:29:51 -------- d-----w- c:\program files\Pazzles

2011-11-02 17:55:34 -------- d-----w- c:\program files\Bonjour

2011-10-31 06:02:06 74240 --sha-r- c:\windows\system32\lsassi.dll

2011-10-30 22:35:50 -------- d-----w- c:\program files\Silhouette Studio

2011-10-24 20:29:02 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2011-10-24 20:29:02 69632 ----a-w- c:\windows\system32\QuickTime.qts

2011-10-23 19:29:37 -------- d-----w- c:\documents and settings\library #3\application data\FLEXnet

2011-10-23 19:29:34 -------- d-----w- c:\documents and settings\library #3\application data\Nuance

.

==================== Find3M ====================

.

2011-11-14 19:01:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-10 14:22:41 692736 ----a-w- c:\windows\system32\inetcomm.dll

2011-09-28 07:06:50 599040 ----a-w- c:\windows\system32\crypt32.dll

2011-09-26 17:41:20 611328 ----a-w- c:\windows\system32\uiautomationcore.dll

2011-09-26 17:41:20 220160 ----a-w- c:\windows\system32\oleacc.dll

2011-09-26 17:41:14 20480 ----a-w- c:\windows\system32\oleaccrc.dll

2011-09-06 13:20:51 1858944 ----a-w- c:\windows\system32\win32k.sys

2011-08-31 05:05:04 83816 ----a-w- c:\windows\system32\dns-sd.exe

2011-08-31 05:05:04 73064 ----a-w- c:\windows\system32\dnssd.dll

2011-08-22 23:48:55 916480 ----a-w- c:\windows\system32\wininet.dll

2011-08-22 23:48:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-08-22 23:48:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2011-08-22 11:56:39 385024 ----a-w- c:\windows\system32\html.iec

2008-07-10 02:41:16 62841 ----a-w- c:\program files\Uninstall.exe

2008-05-09 20:37:54 85648 ----a-w- c:\program files\NapsterHelper.exe

2008-05-09 20:37:54 77456 ----a-w- c:\program files\NapsterRegReader.dll

2008-05-09 20:37:54 239760 ----a-w- c:\program files\xdetect.ocx

2008-05-09 20:37:54 169616 ----a-w- c:\program files\SNAPDRM.exe

2008-05-09 20:37:52 401040 ----a-w- c:\program files\DALI.dll

2008-05-09 20:37:52 3383952 ----a-w- c:\program files\NapsterUI.dll

2008-05-09 20:37:52 323216 ----a-w- c:\program files\napster.exe

2008-05-09 20:37:50 675472 ----a-w- c:\program files\NapsterResource.dll

2007-06-23 21:42:56 864256 ----a-w- c:\program files\Data Doctor Recovery - Pen Drive.exe

2007-06-23 21:42:56 53248 ----a-w- c:\program files\DataDoctor-HDD.exe

2007-06-23 21:42:56 106547 ----a-w- c:\program files\DataDoctor.dll

2007-03-12 20:31:52 674138 ----a-w- c:\program files\unins000.exe

2007-01-09 01:48:22 202240 ----a-w- c:\program files\lame.exe

2006-07-08 03:44:56 614400 ----a-w- c:\program files\GrafikRW.dll

2006-07-08 03:44:56 1681408 ----a-w- c:\program files\Poster4.exe

2006-07-01 05:44:15 625309 ----a-w- c:\program files\abreathing2006b.exe

2006-07-01 05:44:14 1169884 ----a-w- c:\program files\posterfull.exe

2005-11-23 01:43:54 32768 ----a-w- c:\program files\NMSubscriptionStub.dll

2005-11-14 20:53:08 5255168 ----a-w- c:\program files\audacity.exe

2004-08-13 02:07:50 4247552 ----a-w- c:\program files\DirectFTP.exe

2004-02-26 18:02:46 372736 ----a-w- c:\program files\puttytel.exe

.

============= FINISH: 23:47:16.35 ===============


I hope I haven't screwed things up worse!

No, this is another good decision. :)

I always get redirected to Find-answers fast. Also, after doing all the stuff you suggested I'm still getting hijacked, dang!

Sorry about that, but I think we have some progress.

Now follow the instructions here:

www.bleepingcomputer.com/combofix/how-to-use-combofix#use

Post the results in your next reply.


  • 3 weeks later...
  • 2 weeks later...
  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
