Inactive Browser popups, multple iexplorer.exe processes per tab/window, and google redirect

Status
Not open for further replies.
L

lemmy law

- I initially had antivirus2010 virus but cleaned it up with MalwareBytes' anti-malware
- My browser is constantly popping up or redirecting the current window and I have noticed multiple iexplorer.exe processes, up to 2-3 per tab/window
- Additionally I have discovered that my search engines (not just google) get redirected to all kinds of sites, from porn to bogus antispyware/antivirus software sites.

I attached my HJS log and can run other scans if needed as well.

Thanks for any and all help you can give.
 

Attachments

  • hijackthis.log
    17.2 KB · Views: 1
OK so started the 8 step process so here is what I have so far.

- Ran my AVG scan and got nothing
- Ran TFC and rebooted
- Ran Malwarebytes' Anti-Malware again and here is the log:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5157

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11/20/2010 4:56:18 PM
mbam-log-2010-11-20 (16-56-18).txt

Scan type: Quick scan
Objects scanned: 190325
Time elapsed: 8 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

*******************************************
Will run GMER next and post in reply
 
Unable to run GMER even in safe mode so went on to DDS and here is the attach.txt:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-10.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 2/14/2006 11:45:24 PM
System Uptime: 11/20/2010 5:26:32 PM (0 hours ago)

Motherboard: Dell Inc. | | 0YC523
Processor: Intel(R) Pentium(R) D CPU 3.00GHz | Microprocessor | 2992/800mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 99 GiB total, 26.829 GiB free.
D: is CDROM (CDFS)
E: is CDROM ()
F: is FIXED (NTFS) - 45 GiB total, 30.336 GiB free.

==== Disabled Device Manager Items =============

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: VMware Virtual Ethernet Adapter for VMnet1
Device ID: ROOT\VMWARE\0000
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet1
PNP Device ID: ROOT\VMWARE\0000
Service: VMnetAdapter

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: VMware Virtual Ethernet Adapter for VMnet8
Device ID: ROOT\VMWARE\0001
Manufacturer: VMware, Inc.
Name: VMware Virtual Ethernet Adapter for VMnet8
PNP Device ID: ROOT\VMWARE\0001
Service: VMnetAdapter

==== System Restore Points ===================

RP1742: 11/16/2010 9:02:40 PM - System Checkpoint
RP1743: 11/17/2010 9:48:08 PM - System Checkpoint
RP1744: 11/18/2010 10:29:51 PM - System Checkpoint
RP1745: 11/19/2010 6:04:09 AM - Spyware Terminator - restore point
RP1746: 11/19/2010 6:55:08 PM - Restore Operation
RP1747: 11/20/2010 9:56:53 AM - Restore Operation

==== Installed Programs ======================


3DVIA player 4.1
ActivClient 6.1 x86
ActivIdentity Device Installer
Ad-Aware
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.1.0
Adobe Shockwave Player 11
AiO_Scan_CDA
AiOSoftwareNPI
Andrea VoiceCenter
APC PowerChute Personal Edition
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression
AutoUpdate
Avatar Bobble Battles
AVG Free 9.0
Banctec Service Agreement
BlackBerry Desktop Software 4.2
Bonjour
BufferChm
BulletProof FTP Server (remove only)
C5100
c5100_Help
CardRd81
CCScore
Comcast High-Speed Internet Install Wizard
Compatibility Pack for the 2007 Office system
CP_CalendarTemplates1
cp_OnlineProjectsConfig
CP_Package_Basic1
CP_Panorama1Config
cp_PosterPrintConfig
CR2
Creative MediaSource
Critical Update for Windows Media Player 11 (KB959772)
Cucusoft Ultimate DVD + Video Converter Suite 7.15.7.8
CueTour
CustomerResearchQFolder
CuteFTP 7 Professional
Daimonin Client 0.967
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Driver Reset Tool
Dell System Restore
DellSupport
Destinations
Device Installer x86
DeviceManagementQFolder
Digital Content Portal
DirectX Media Runtime 5.1
DiscAPI (Studio 10)
DivX
DocProc
DocProcQFolder
DocumentViewer
DocumentViewerQFolder
DVD Decrypter (Remove Only)
DVD Shrink 3.2
ELIcon
ESSBrwr
ESSCDBK
ESScore
ESSCT
ESSEMAIL
ESSgui
ESShelp
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
ESSTUTOR
essvcpt
ESSvpaht
ESSvpot
eSupportQFolder
Ethereal 0.99.0
EZLive Monitor 2.0
EZMedia Box 2.0
EZVideo Mail
Fax_CDA
Free Realms
FullDPAppQFolder
Garmin City Navigator North America NT 2009 Update
Garmin WebUpdater
Google AFE
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
High Definition Audio Driver Package - KB835221
HLPIndex
HLPPDOCK
HLPSFO
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Format 11 SDK (KB973442)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Customer Participation Program 7.0
HP Document Viewer 7.0
HP Imaging Device Functions 7.0
HP Photosmart Premier Software 6.5
HP Photosmart, Officejet and Deskjet 7.0.A
HP Solution Center 7.0
HP Update
HPPhotoSmartExpress
HPProductAssistant
InstantShareDevices
InstantShareDevicesMFC
Intel Matrix Storage Manager
Intel(R) 537EP V9x DF PCI Modem
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet for Wired Connections
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 22
Java(TM) SE Runtime Environment 6 Update 1
Kodak EasyShare software
KSU
Macromedia Flash Player
Malwarebytes' Anti-Malware
MarketResearch
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Default Manager
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office FrontPage 2003
Microsoft Office Professional Edition 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.9
Microsoft Visual C++ 2005 Redistributable
Microsoft Windows Media Video 9 VCM
Microsoft WinUsb 1.0
Mixer
MobileMe Control Panel
Modem Event Monitor
Move Media Player
Mozilla Firefox (3.0.11)
MSN Toolbar
MSN Toolbar Platform
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MyDVD
NavFit98A
Nero 6 Ultra Edition
NewCopy_CDA
Notifier
NVIDIA Drivers
NVIDIA nView Desktop Manager
OCR Software by I.R.I.S 7.0
OfotoXMI
ooVoo
OTOY
OTtBP
OTtBPSDK
PanoStandAlone
PartitionMagic
PC CameraQ
PhotoGallery
Pinnacle Instant DVD Recorder
PowerDVD 5.5
PowerQuest PartitionMagic 8.0
ProductContextNPI
QuickTime
RandMap
RAPID (Studio 10)
Reader Rabbit's Interactive Reading Journey for Grades K-1
Readme
RealPlayer
RollerCoaster Tycoon
Safari
Scan
ScannerCopy
ScanToWeb
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
SFR
SHASTA
SKIN0001
SkinsHP1
SKINXSDK
SlideShow
SmartSound Quicktracks Plugin
SolutionCenter
Sonic Advanced Decoder
Sonic DLA
Sonic Encoders
Sonic MyDVD LE
Sonic RecordNow
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sound Blaster Audigy ADVANCED MB
Sound Blaster Audigy ADVANCED MB Demo
Sound Blaster Audigy ADVANCED MB Product Registration
Status
Studio 10
System Requirements Lab
Time to Play (TM) Pet Shop
Toolbox
TrayApp
Type to Learn
U.B. Funkeys
Unity Web Player
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
USB 2.0 Wireless LAN Card Utility
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VMware Workstation
VPRINTOL
WebCyberCoach 3.2 Dell
WebFldrs XP
WebReg
WildTangent Web Driver
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live ID Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows Mobile Device Updater Component
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinPcap 3.1
WinRAR archiver
WinZip
WIRELESS
Wizard101
Yahoo! BrowserPlus 2.9.8
Zoo Vet
Zune
Zune Language Pack (DEU)
Zune Language Pack (ESP)
Zune Language Pack (FRA)
Zune Language Pack (ITA)
Zune Language Pack (NLD)
Zune Language Pack (PTB)
Zune Language Pack (PTG)

==== Event Viewer Messages From Past Week ========

11/20/2010 9:15:21 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv

with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
11/20/2010 9:09:53 AM, error: Service Control Manager [7034] - The TCP/IP NetBIOS Helper service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 7:50:40 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service StiSvc

with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The VMware NAT Service service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The VMware DHCP Service service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The VMware Authorization Service service

terminated unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The Viewpoint Manager Service service

terminated unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly.

It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The iPod Service service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The Intel(R) Matrix Storage Event Monitor

service terminated unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The Creative Service for CDROM Access service

terminated unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The APC UPS Service service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7034] - The ActivClient Middleware Service service

terminated unexpectedly. It has done this 1 time(s).
11/20/2010 4:15:36 PM, error: Service Control Manager [7031] - The Windows Live ID Sign-in Assistant service

terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000

milliseconds: Restart the service.
11/20/2010 4:15:36 PM, error: Service Control Manager [7031] - The AVG Free WatchDog service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds:

Restart the service.
11/20/2010 4:15:36 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000

milliseconds: Restart the service.
11/20/2010 4:15:24 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service

terminated unexpectedly. It has done this 1 time(s).
11/20/2010 10:53:08 AM, error: Service Control Manager [7031] - The Zune Bus Enumerator service terminated

unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds:

Restart the service.
11/20/2010 10:53:03 AM, error: Service Control Manager [7031] - The Zune Bus Enumerator service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds:

Restart the service.
11/20/2010 10:07:49 AM, error: Service Control Manager [7034] - The SSDP Discovery Service service

terminated unexpectedly. It has done this 1 time(s).
11/20/2010 10:07:49 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the

Remote Registry service to connect.
11/20/2010 10:07:49 AM, error: Service Control Manager [7000] - The Remote Registry service failed to start

due to the following error: The service did not respond to the start or control request in a timely fashion.
11/20/2010 10:07:38 AM, error: Service Control Manager [7031] - The Remote Registry service terminated

unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000

milliseconds: Restart the service.
11/20/2010 10:07:36 AM, error: Service Control Manager [7034] - The WebClient service terminated

unexpectedly. It has done this 1 time(s).
11/20/2010 10:02:10 AM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup

of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15

minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
11/19/2010 9:26:12 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with

arguments "" in order to run the server: {943B6A75-BB5E-41A7-A6D3-A1A5E892B33B}
11/19/2010 9:25:04 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MDM with

arguments "" in order to run the server: {0C0A3666-30C9-11D0-8F20-00805F2CD064}
11/19/2010 9:16:11 PM, error: Service Control Manager [7026] - The following boot-start or system-start

driver(s) failed to load: AvgLdx86 AvgMfx86 Fips intelppm NPPTNT2 PCLEPCI
11/19/2010 7:39:24 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman

with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
11/19/2010 7:37:02 PM, error: Service Control Manager [7000] - The Lavasoft Ad-Aware Service service failed

to start due to the following error: Access is denied.
11/19/2010 7:36:56 PM, error: Service Control Manager [7031] - The Lavasoft Ad-Aware Service service

terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000

milliseconds: Restart the service.
11/19/2010 7:36:24 PM, error: Service Control Manager [7026] - The following boot-start or system-start

driver(s) failed to load: AFD AvgLdx86 AvgMfx86 AvgTdiX Fips intelppm IPSec MRxSmb NetBIOS NetBT NPPTNT2

PCLEPCI RasAcd Rdbss Tcpip
11/19/2010 7:36:24 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on

the AFD service which failed to start because of the following error: A device attached to the system is not

functioning.
11/19/2010 7:36:24 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the

IPSEC driver service which failed to start because of the following error: A device attached to the system

is not functioning.
11/19/2010 7:36:24 PM, error: Service Control Manager [7001] - The DHCP Client service depends on the

NetBios over Tcpip service which failed to start because of the following error: A device attached to the

system is not functioning.
11/19/2010 7:36:24 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the

TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to

the system is not functioning.
11/19/2010 7:36:24 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on

the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached

to the system is not functioning.
11/19/2010 6:54:06 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service

EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/19/2010 6:53:34 PM, error: Service Control Manager [7026] - The following boot-start or system-start

driver(s) failed to load: AvgLdx86 AvgMfx86 Fips intelppm NPPTNT2 PCLEPCI sp_rsdrv2
11/19/2010 5:18:47 AM, error: Service Control Manager [7000] - The Zune Bus Enumerator Driver service failed

to start due to the following error: The system cannot find the file specified.
11/18/2010 8:26:25 PM, error: Service Control Manager [7023] - The Uninterruptible Power Supply service

terminated with the following error: %%2482
11/18/2010 8:26:25 PM, error: Service Control Manager [7000] - The Smart Card Reader service failed to start

due to the following error: The system cannot find the device specified.
11/18/2010 8:26:25 PM, error: Service Control Manager [7000] - The npkcrypt service failed to start due to

the following error: The system cannot find the path specified.
11/18/2010 8:26:25 PM, error: Service Control Manager [7000] - The ASInsHelp service failed to start due to

the following error: The system cannot find the file specified.
11/18/2010 8:26:07 PM, error: UPS [2482] - The UPS service could not access the specified Comm Port.
11/18/2010 8:25:43 PM, error: ACTR [1] - Can't open COM1. It is either not available or used by another

device.
11/18/2010 8:25:17 PM, error: SCardSvr [602] - WDM Reader driver initialization cannot open reader device:

The system cannot find the path specified.
11/18/2010 7:56:00 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service

EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11/18/2010 7:29:54 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt

with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
11/17/2010 9:25:00 PM, error: DCOM [10000] - Unable to start a DCOM Server: {5E248397-8614-4EC5-8926-

BD242DC9830A}. The error: "%2" Happened while starting this command: "C:\Program

Files\ActivIdentity\ActivClient\acevents.exe" -Embedding
11/14/2010 8:13:09 AM, error: Dhcp [1002] - The IP address lease 192.168.100.2 for the Network Card with

network address 0013720E86F5 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a

DHCPNACK message).
11/14/2010 8:12:16 AM, error: Dhcp [1002] - The IP address lease 68.49.73.95 for the Network Card with

network address 0013720E86F5 has been denied by the DHCP server 192.168.100.1 (The DHCP Server sent a

DHCPNACK message).
11/13/2010 6:53:58 AM, error: System Error [1003] - Error code 100000d1, parameter1 90a30000, parameter2

00000002, parameter3 00000001, parameter4 a333c3bd.

==== End Of File ===========================
 
Here is the DDS.txt:


DDS (Ver_10-11-10.01) - NTFSx86
Run by Lemuel Lawrence at 17:37:05.87 on Sat 11/20/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2046.1255 [GMT -5:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *On-access scanning disabled* (Updated) {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
FW: Norton Internet Worm Protection *disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\ZuneBusEnum.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\PRISMSVR.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\MSN Toolbar\Platform\4.0.0379.0\mswinext.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\DOCUME~1\LEMUEL~1\LOCALS~1\Temp\clclean.0001
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
svchost.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Documents and Settings\Lemuel Lawrence\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Page_URL = hxxp://www.google.com/ig/dell?hl=en
uWindow Title = Windows Internet Explorer provided by Comcast
mSearch Bar = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/sb/sbcydsl/*http://www.yahoo.com/search/ie.html
mWindow Title = Windows Internet Explorer provided by Comcast
uInternet Connection Wizard,ShellNext = hxxp://www.soundblaster.com/MBupgrade/companion.asp?v=01a7&sv=CFD31B33F340&lg=1033
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://red.clientapps.yahoo.com/customize/ie/defaults/su/sbcydsl/*http://www.yahoo.com
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
mURLSearchHooks: H - No File
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5805.1910\swg.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\googleafe\GoogleAE.dll
BHO: MSN Toolbar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: MSN Toolbar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\msn toolbar\platform\4.0.0379.0\npwinext.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
TB: {C4069E3A-68F1-403E-B40E-20066696354B} - No File
TB: {E7D38ED4-2933-43B8-B0B9-52D11CE9CA10} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [SetDefaultMIDI] MIDIDef.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Comcast Install 1.0; GTB6.5; .NET CLR 1.0.3705; .NET CLR 1.1.4322; Media Center PC 4.0; InfoPath.1; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://spongebob.nick.com/games/play/sb_fliporflop/"
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\iaanotif.exe
mRun: [CTSysVol] c:\program files\creative\sbaudigy\surround mixer\CTSysVol.exe /r
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [PCLEUSBTip] c:\program files\pinnacle\shared files\programs\usbtip\USBTip.exe
mRun: [PinnacleDriverCheck] c:\windows\system32\\PSDrvCheck.exe
mRun: [USB2Check] RUNDLL32.EXE "c:\windows\system32\PCLECoInst.dll",CheckUSBController
mRun: [CTSVolFE] "c:\program files\creative\mixer\CTSVolFE.exe" /r
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [MBMon] Rundll32 CTMBHA.DLL,MBMon
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [IntelMeM] c:\program files\intel\modem event monitor\IntelMEM.exe
mRun: [USBToolTip] "c:\program files\pinnacle\shared files\\programs\usbtip\USBTip.exe"
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [accrdsub] "c:\program files\actividentity\activclient\accrdsub.exe"
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /install
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe
mRun: [MSN Toolbar] "c:\program files\msn toolbar\platform\4.0.0379.0\mswinext.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Zune Launcher] "c:\program files\zune\ZuneLauncher.exe"
dRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\activc~1.lnk - c:\program files\actividentity\activclient\acsagent.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\apcups~1.lnk - c:\program files\apc\apc powerchute personal edition\Display.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~4\office11\REFIEBAR.DLL
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02ECD07A-22D0-4AF0-BA0A-3F6B06086D08} - hxxp://www.gamescampus.com/luncher/GamesCampus.cab
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/betapit/PCPitStop.CAB
DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} - hxxp://www.ipix.com/viewers/ipixx.cab
DPF: {15B782AF-55D8-11D1-B477-006097098764} - hxxp://download.macromedia.com/pub/shockwave/cabs/authorware/awswaxd.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} - hxxp://download.games.yahoo.com/games/web_games/playfirst/trijinx/TriJinx.1.0.0.55.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper200711281.dll
DPF: {352797A0-EFD0-4FA6-B229-145120EA4B8A} - hxxps://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab
DPF: {38AB6A6C-CC4C-4F9E-A3DD-3C5681EF18A1} - hxxp://www-cdn.freerealms.com/gamedata/plugins/1.0.3.133/FreeRealmsInstaller.cab?v=1059
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {48DD0448-9209-4F81-9F6D-D83562940134} - hxxp://lads.myspace.com/upload/MySpaceUploader.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} - hxxp://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {C02226EB-A5D7-4B1F-BD7E-635E46C2288D} - hxxp://a.download.toontown.com/sv1.0.18.39/ttinst.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} - hxxp://3dlifeplayer.dl.3dvia.com/player/install/installer.exe
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://l.yimg.com/jh/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
DPF: {EF148DBB-5B6D-4130-B2A1-661571E86260} - hxxp://playgames.comcast.net/online2/mahjong_escape_ancient/PTGameLauncher.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll
Notify: ackpbsc - c:\windows\system32\ackpbsc.dll
Notify: acunlock - c:\program files\actividentity\activclient\acunlock.dll
Notify: avgrsstarter - avgrsstx.dll
Notify: ljJYOiHB - ljJYOiHB.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digeste.dll
Hosts: 91.212.127.226 osguard-pro.microsoft.com
Hosts: 91.212.127.226 osguard-pro.com
Hosts: 91.212.127.226 www.osguard-pro.com

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\lemuel~1\applic~1\mozilla\firefox\profiles\xhtxn5q8.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=VI2TDF&PC=VI2TDF&q=
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=VI2TDF&PC=VI2TDF&q=
FF - prefs.js: network.proxy.type - 4
FF - component: c:\program files\avg\avg9\firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\lemuel lawrence\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\virtools\3d life player\npvirtools.dll
FF - plugin: c:\windows\downloaded program files\npsoe.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-10-20 64288]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-10-13 216400]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-10-13 29584]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-10-13 243024]
R2 accoca;ActivClient Middleware Service;c:\program files\actividentity\activclient\accoca.exe [2007-5-15 182576]
R2 avg9wd;AVG Free WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-16 308136]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2008-3-20 24652]
R3 Actrpcsc;Actrpcsc;c:\windows\system32\drivers\actrpcsc.sys [2008-11-12 14784]
R3 aksbus;ActivIdentity Virtual Reader Enumerator;c:\windows\system32\drivers\aksbus.sys [2009-7-12 14639]
R3 akspcsc;ActivIdentity Virtual PC/SC Device Driver;c:\windows\system32\drivers\akspcsc.sys [2009-7-12 10193]
S2 ACTR;Smart Card Reader;c:\windows\system32\drivers\ACTR.SYS [2008-11-12 16472]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-9 135664]
S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-9-23 1375992]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]
S3 SNDP106;Digital Spy Camera;c:\windows\system32\drivers\sndp106.sys [2009-3-29 227456]
S3 vsdatant;vsdatant;\??\c:\windows\system32\vsdatant.sys --> c:\windows\system32\vsdatant.sys [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2010-9-24 268528]
S3 XDva002;XDva002;\??\c:\windows\system32\xdva002.sys --> c:\windows\system32\XDva002.sys [?]
S3 XDva007;XDva007;\??\c:\windows\system32\xdva007.sys --> c:\windows\system32\XDva007.sys [?]
S3 XDva009;XDva009;\??\c:\windows\system32\xdva009.sys --> c:\windows\system32\XDva009.sys [?]
S3 XDva010;XDva010;\??\c:\windows\system32\xdva010.sys --> c:\windows\system32\XDva010.sys [?]
S3 XDva012;XDva012;\??\c:\windows\system32\xdva012.sys --> c:\windows\system32\XDva012.sys [?]
S3 XDva013;XDva013;\??\c:\windows\system32\xdva013.sys --> c:\windows\system32\XDva013.sys [?]
S3 XDva014;XDva014;\??\c:\windows\system32\xdva014.sys --> c:\windows\system32\XDva014.sys [?]
S4 PRISMSVC;PRISMSVC;c:\windows\system32\PRISMSVC.exe [2006-2-8 57344]

=============== Created Last 30 ================

2010-11-20 20:11:24 -------- d-----w- c:\program files\trend micro
2010-11-20 15:12:04 -------- d-----w- c:\docume~1\lemuel~1\applic~1\Malwarebytes
2010-11-20 15:11:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-11-20 15:11:11 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-11-20 14:59:43 -------- d-----w- c:\windows\system32\wbem\repository\FS
2010-11-20 14:59:43 -------- d-----w- c:\windows\system32\wbem\Repository
2010-11-20 14:59:07 -------- d-----w- c:\program files\iTunes
2010-11-20 14:59:07 -------- d-----w- c:\program files\iPod
2010-11-20 14:58:16 -------- d-----w- c:\windows\system32\drivers\umdf\en-US
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\pt-PT
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\pt-BR
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\nl-NL
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\it-IT
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\fr-FR
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\es-ES
2010-11-20 14:58:03 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE
2010-11-20 14:58:00 -------- d-----w- c:\docume~1\lemuel~1\locals~1\applic~1\Yahoo!
2010-11-20 14:57:58 -------- d-----w- c:\program files\MSN Toolbar
2010-11-20 14:57:57 -------- d-----w- c:\program files\MSN Toolbar Installer
2010-11-20 12:47:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-11-20 12:47:42 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-11-19 01:00:46 -------- d-----w- c:\docume~1\lemuel~1\applic~1\Spyware Terminator
2010-11-19 01:00:33 -------- d-----w- c:\program files\Spyware Terminator
2010-11-18 23:50:41 -------- d-----w- c:\docume~1\lemuel~1\applic~1\GetRightToGo
2010-11-18 23:42:07 -------- d-----w- c:\docume~1\lemuel~1\applic~1\whitesmoketoolbar
2010-11-18 13:13:17 -------- d-----w- c:\program files\whitesmoketoolbar
2010-11-18 13:12:51 -------- d-----w- c:\windows\system32\%APPDATA%
2010-11-14 15:18:51 -------- d-----w- c:\program files\iPod(2)
2010-11-14 15:18:48 -------- d-----w- c:\program files\iTunes(2)
2010-11-12 22:44:02 256 ----a-w- c:\windows\system32\pool.bin

==================== Find3M ====================

2010-10-19 21:00:08 294912 ----a-w- C:\gmer.exe
2010-09-24 17:19:16 444656 ----a-w- c:\windows\system32\ZuneWlanCfgSvc.exe
2010-09-24 17:19:08 57072 ----a-w- c:\windows\system32\ZuneBusEnum.exe
2010-09-24 16:11:44 65024 ----a-w- c:\windows\system32\ZuneTcp2Udp.dll
2010-09-24 16:11:44 58368 ----a-w- c:\windows\system32\ZuneRegUtil.dll
2010-09-24 16:11:44 46080 ----a-w- c:\windows\system32\ZunePTDNS.dll
2010-09-24 16:11:44 365056 ----a-w- c:\windows\system32\ZuneNetProxy.dll
2010-09-24 16:11:44 130560 ----a-w- c:\windows\system32\ZuneUsbTransport.dll
2010-09-24 16:11:42 205824 ----a-w- c:\windows\system32\ZuneCoInst.dll
2010-09-24 16:11:42 203776 ----a-w- c:\windows\system32\ZuneMTPZ.dll
2010-09-24 15:31:26 1837296 ----a-w- c:\windows\system32\WUDFUpdate_01009.dll
2010-09-24 15:31:24 581192 ----a-w- c:\windows\system32\WinUSBCoInstaller.dll
2010-09-24 15:31:24 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
2010-09-18 16:23:26 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53:25 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53:25 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53:25 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-15 08:50:37 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 06:29:49 73728 ----a-w- c:\windows\system32\javacpl.cpl
2010-09-10 05:58:08 916480 ----a-w- c:\windows\system32\wininet.dll
2010-09-10 05:58:06 43520 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-10 05:58:06 1469440 ------w- c:\windows\system32\inetcpl.cpl
2010-09-08 15:17:46 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2010-09-08 15:17:46 69632 ----a-w- c:\windows\system32\QuickTime.qts
2010-09-01 11:51:14 285824 ----a-w- c:\windows\system32\atmfd.dll
2010-08-31 13:42:52 1852800 ----a-w- c:\windows\system32\win32k.sys
2010-08-27 08:02:29 119808 ----a-w- c:\windows\system32\t2embed.dll
2010-08-27 05:57:43 99840 ----a-w- c:\windows\system32\srvsvc.dll
2010-08-26 12:52:45 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2010-08-23 16:12:04 617472 ----a-w- c:\windows\system32\comctl32.dll
2002-07-26 21:02:06 153088 ----a-w- c:\program files\UNWISE.EXE

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: ST316082 rev.8.03 -> Harddisk0\DR0 -> \Device\Ide\iaStor0

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8A42B446]<<
_asm { PUSH EBP; MOV EBP, ESP; PUSH ECX; MOV EAX, [EBP+0x8]; CMP EAX, [0x8a431504]; MOV EAX, [0x8a431580]; PUSH EBX; PUSH ESI; MOV ESI, [EBP+0xc]; MOV EBX, [ESI+0x60]; PUSH EDI; JNZ 0x20; MOV [EBP+0x8], EAX; }
1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8ADC5AB8]
3 CLASSPNP[0xB80E8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> [0x8A3DAC58]
\Driver\iastor[0x8AD5B4A8] -> IRP_MJ_CREATE -> 0x8A42B446
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; MOV ES, AX; MOV DS, AX; MOV SI, 0x7c00; MOV DI, 0x600; MOV CX, 0x200; CLD ; REP MOVSB ; PUSH AX; PUSH 0x61c; RETF ; STI ; PUSHA ; MOV CX, 0x137; MOV BP, 0x62a; ROR BYTE [BP+0x0], CL; INC BP; }
detected disk devices:
\Device\Ide\IAAStorageDevice-0 -> \??\IDE#DiskST3160828AS_____________________________8.03____#4&3203b792&0&0.0.0#{53f56307-b6bf-11d0-94f2-00a0c91efb8b} device not found
detected hooks:
\Driver\iaStor DriverStartIo -> 0x8A42B292
user != kernel MBR !!!
sectors 312499998 (+255): user != kernel
Warning: possible TDL4 rootkit infection !
TDL4 rootkit infection detected ! Use: "mbr.exe -f" to fix.

============= FINISH: 17:39:23.03 ===============
 
Is this the same system and the same problem as the other thread you started? It looks like it is. I'm going to delete that thread. All posts and logs for this system for this problem go here.

You have Rootkit malware infection. Please run the following:
  • Download the file TDSSKiller.zip and save to the desktop.
    (If you are unable to download the file for some reason, then TDSS may be blocking it. You would then need to download it first to a clean computer and then transfer it to the infected one using an external drive or USB flash drive.)
  • Right-click the tdsskiller.zip file> Select Extract All into a folder on the infected (or potentially infected) PC.
  • Double click on TDSSKiller.exe. to run the scan
  • When the scan is over, the utility outputs a list of detected objects with description.
    The utility automatically selects an action (Cure or Delete) for malicious objects.
    The utility prompts the user to select an action to apply to suspicious objects (Skip, by default).
  • Select the action Quarantine to quarantine detected objects.
    The default quarantine folder is in the system disk root folder, e.g.: C:\TDSSKiller_Quarantine\23.07.2010_15.31.43
  • After clicking Next, the utility applies selected actions and outputs the result.
  • A reboot is required after disinfection.

Note: When you open Notepad for a log, please click on Format first and uncheck Word Wrap.

Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
 
My appologies, didn't mean to start multiple threads.

Ran the TDSSKIller, rebooted, and here is the output:

2010/11/20 18:03:27.0296 TDSS rootkit removing tool 2.4.8.0 Nov 17 2010 07:23:12
2010/11/20 18:03:27.0296 ================================================================================
2010/11/20 18:03:27.0296 SystemInfo:
2010/11/20 18:03:27.0296
2010/11/20 18:03:27.0296 OS Version: 5.1.2600 ServicePack: 3.0
2010/11/20 18:03:27.0296 Product type: Workstation
2010/11/20 18:03:27.0296 ComputerName: DELLXPS
2010/11/20 18:03:27.0296 UserName: Lemuel Lawrence
2010/11/20 18:03:27.0296 Windows directory: C:\WINDOWS
2010/11/20 18:03:27.0296 System windows directory: C:\WINDOWS
2010/11/20 18:03:27.0296 Processor architecture: Intel x86
2010/11/20 18:03:27.0296 Number of processors: 2
2010/11/20 18:03:27.0296 Page size: 0x1000
2010/11/20 18:03:27.0296 Boot type: Normal boot
2010/11/20 18:03:27.0296 ================================================================================
2010/11/20 18:03:27.0546 Initialize success
2010/11/20 18:04:07.0593 ================================================================================
2010/11/20 18:04:07.0593 Scan started
2010/11/20 18:04:07.0593 Mode: Manual;
2010/11/20 18:04:07.0593 ================================================================================
2010/11/20 18:04:07.0953 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
2010/11/20 18:04:08.0000 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
2010/11/20 18:04:08.0046 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
2010/11/20 18:04:08.0078 ACTR (0e48c247e204c39cfebe18b55e929e0f) C:\WINDOWS\system32\drivers\ACTR.sys
2010/11/20 18:04:08.0109 Actrpcsc (71cc0e089a13f067cd30dc4ec46eff5e) C:\WINDOWS\system32\DRIVERS\actrpcsc.sys
2010/11/20 18:04:08.0140 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
2010/11/20 18:04:08.0171 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
2010/11/20 18:04:08.0218 AegisP (93034ce0cd3578d68da550fc2bca3080) C:\WINDOWS\system32\DRIVERS\AegisP.sys
2010/11/20 18:04:08.0265 AFD (7e775010ef291da96ad17ca4b17137d7) C:\WINDOWS\System32\drivers\afd.sys
2010/11/20 18:04:08.0312 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
2010/11/20 18:04:08.0328 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
2010/11/20 18:04:08.0359 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
2010/11/20 18:04:08.0375 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
2010/11/20 18:04:08.0406 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
2010/11/20 18:04:08.0453 aksbus (e2a0f989fb8ff405bae42e05200f957a) C:\WINDOWS\system32\DRIVERS\aksbus.sys
2010/11/20 18:04:08.0484 akspcsc (71f54ceb96d8a0cecafb008008618962) C:\WINDOWS\system32\DRIVERS\akspcsc.sys
2010/11/20 18:04:08.0531 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
2010/11/20 18:04:08.0546 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
2010/11/20 18:04:08.0578 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
2010/11/20 18:04:08.0593 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
2010/11/20 18:04:08.0656 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\Drivers\ASAPIW2K.sys
2010/11/20 18:04:08.0671 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
2010/11/20 18:04:08.0687 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
2010/11/20 18:04:08.0718 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
2010/11/20 18:04:08.0765 ASCTRM (d880831279ed91f9a4190a2db9539ea9) C:\WINDOWS\system32\drivers\ASCTRM.sys
2010/11/20 18:04:08.0828 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
2010/11/20 18:04:08.0859 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
2010/11/20 18:04:08.0921 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
2010/11/20 18:04:08.0968 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
2010/11/20 18:04:09.0015 AvgLdx86 (b8c187439d27aba430dd69fdcf1fa657) C:\WINDOWS\System32\Drivers\avgldx86.sys
2010/11/20 18:04:09.0046 AvgMfx86 (53b3f979930a786a614d29cafe99f645) C:\WINDOWS\System32\Drivers\avgmfx86.sys
2010/11/20 18:04:09.0093 AvgTdiX (22e3b793c3e61720f03d3a22351af410) C:\WINDOWS\System32\Drivers\avgtdix.sys
2010/11/20 18:04:09.0140 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
2010/11/20 18:04:09.0187 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
2010/11/20 18:04:09.0203 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
2010/11/20 18:04:09.0265 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
2010/11/20 18:04:09.0281 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
2010/11/20 18:04:09.0328 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
2010/11/20 18:04:09.0343 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
2010/11/20 18:04:09.0406 Cdrom (4b0a100eaf5c49ef3cca8c641431eacc) C:\WINDOWS\system32\DRIVERS\cdrom.sys
2010/11/20 18:04:09.0468 CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
2010/11/20 18:04:09.0515 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys
2010/11/20 18:04:09.0562 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
2010/11/20 18:04:09.0640 ctsfm2k (8db84de3aab34a8b4c2f644eff41cd76) C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
2010/11/20 18:04:09.0671 CTUSFSYN (4ee8822adb764edd28ce44e808097995) C:\WINDOWS\system32\drivers\ctusfsyn.sys
2010/11/20 18:04:09.0703 CVirtA (72f820e457bc8a1c61aeb86df89dd41a) C:\WINDOWS\system32\DRIVERS\CVirtA.sys
2010/11/20 18:04:09.0734 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
2010/11/20 18:04:09.0765 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
2010/11/20 18:04:09.0812 DCamUSBEMPIA (5118ea8a2f55fa4d4295516500b78229) C:\WINDOWS\system32\DRIVERS\emDevice.sys
2010/11/20 18:04:09.0859 DcCam (1b269ed3eb2d81ec11cd5b0544e89962) C:\WINDOWS\system32\DRIVERS\DcCam.sys
2010/11/20 18:04:09.0890 DcFpoint (bd6ce20068159f9714ebe9e76decab2c) C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
2010/11/20 18:04:09.0921 DCFS2K (1315e0b5b6fc1fe930ee3498309700bd) C:\WINDOWS\system32\drivers\dcfs2k.sys
2010/11/20 18:04:09.0968 DcLps (5f5055efb3e0820f349924e7c5bd5af4) C:\WINDOWS\system32\DRIVERS\DcLps.sys
2010/11/20 18:04:10.0000 DcPTP (31689427da60a724b31a622b35ed21ec) C:\WINDOWS\system32\DRIVERS\DcPTP.sys
2010/11/20 18:04:10.0046 DELL_A02 (ac42d95803a473f4898297dafba8dc89) C:\WINDOWS\system32\DRIVERS\PRISMA02.sys
2010/11/20 18:04:10.0093 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
2010/11/20 18:04:10.0171 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
2010/11/20 18:04:10.0234 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
2010/11/20 18:04:10.0250 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
2010/11/20 18:04:10.0296 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
2010/11/20 18:04:10.0328 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
2010/11/20 18:04:10.0390 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
2010/11/20 18:04:10.0421 drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
2010/11/20 18:04:10.0468 drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
2010/11/20 18:04:10.0578 DSproct (413f2d5f9d802688242c23b38f767ecb) C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
2010/11/20 18:04:10.0625 dsunidrv (dfeabb7cfffadea4a912ab95bdc3177a) C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
2010/11/20 18:04:10.0671 E100B (3fca03cbca11269f973b70fa483c88ef) C:\WINDOWS\system32\DRIVERS\e100b325.sys
2010/11/20 18:04:10.0718 e1express (0849eacdc01487573add86f5e470806c) C:\WINDOWS\system32\DRIVERS\e1e5132.sys
2010/11/20 18:04:10.0781 emAudio (ffa45148a2d5d05dbb3c0997e579fc9c) C:\WINDOWS\system32\drivers\emAudio.sys
2010/11/20 18:04:10.0859 Exportit (f85ffdeae43f9e9a7c3f4e3cc5ef09eb) C:\WINDOWS\system32\DRIVERS\exportit.sys
2010/11/20 18:04:10.0906 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
2010/11/20 18:04:10.0937 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
2010/11/20 18:04:10.0984 FiltUSBEMPIA (6f87e4706f59463b74bc4fad0f67338f) C:\WINDOWS\system32\DRIVERS\emFilter.sys
2010/11/20 18:04:11.0015 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
2010/11/20 18:04:11.0046 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
2010/11/20 18:04:11.0078 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
2010/11/20 18:04:11.0125 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
2010/11/20 18:04:11.0140 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
2010/11/20 18:04:11.0187 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2010/11/20 18:04:11.0218 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
2010/11/20 18:04:11.0265 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\WINDOWS\system32\drivers\grmnusb.sys
2010/11/20 18:04:11.0312 hcmon (9d4bff527040edf5dcc8707ee610f535) C:\WINDOWS\system32\Drivers\hcmon.sys
2010/11/20 18:04:11.0359 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
2010/11/20 18:04:11.0406 HidBatt (748031ff4fe45ccc47546294905feab8) C:\WINDOWS\system32\DRIVERS\HidBatt.sys
2010/11/20 18:04:11.0453 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
2010/11/20 18:04:11.0500 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
2010/11/20 18:04:11.0546 HPZid412 (d03d10f7ded688fecf50f8fbf1ea9b8a) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
2010/11/20 18:04:11.0578 HPZipr12 (89f41658929393487b6b7d13c8528ce3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
2010/11/20 18:04:11.0593 HPZius12 (abcb05ccdbf03000354b9553820e39f8) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
2010/11/20 18:04:11.0656 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
2010/11/20 18:04:11.0703 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
2010/11/20 18:04:11.0734 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
2010/11/20 18:04:11.0750 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
2010/11/20 18:04:11.0812 iastor (9a65e42664d1534b68512caad0efe963) C:\WINDOWS\system32\drivers\iastor.sys
2010/11/20 18:04:11.0875 imagedrv (0a7c49b48c772591a2d362daa00246c8) C:\WINDOWS\system32\Drivers\imagedrv.sys
2010/11/20 18:04:11.0906 imagesrv (549ba4f539e7b8d8129500b96dd7b27a) C:\WINDOWS\system32\DRIVERS\imagesrv.sys
2010/11/20 18:04:11.0953 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
2010/11/20 18:04:12.0000 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
2010/11/20 18:04:12.0062 IntelC51 (7509c548400f4c9e0211e3f6e66abbe6) C:\WINDOWS\system32\DRIVERS\IntelC51.sys
2010/11/20 18:04:12.0140 IntelC52 (9584ffdd41d37f2c239681d0dac2513e) C:\WINDOWS\system32\DRIVERS\IntelC52.sys
2010/11/20 18:04:12.0187 IntelC53 (cf0b937710cec6ef39416edecd803cbb) C:\WINDOWS\system32\DRIVERS\IntelC53.sys
2010/11/20 18:04:12.0218 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
2010/11/20 18:04:12.0265 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
2010/11/20 18:04:12.0296 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
2010/11/20 18:04:12.0312 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
2010/11/20 18:04:12.0359 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
2010/11/20 18:04:12.0406 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
2010/11/20 18:04:12.0437 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
2010/11/20 18:04:12.0484 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
2010/11/20 18:04:12.0515 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
2010/11/20 18:04:12.0562 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
2010/11/20 18:04:12.0578 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
2010/11/20 18:04:12.0625 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
2010/11/20 18:04:12.0671 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
2010/11/20 18:04:12.0718 Lbd (b7c19ec8b0dd7efa58ad41ffeb8b8cda) C:\WINDOWS\system32\DRIVERS\Lbd.sys
2010/11/20 18:04:12.0796 MarvinBus (269c14d512b74cc28d2812ff7d1eb066) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys
2010/11/20 18:04:12.0859 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
2010/11/20 18:04:12.0906 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
2010/11/20 18:04:12.0968 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
2010/11/20 18:04:12.0984 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
2010/11/20 18:04:13.0015 mohfilt (59b8b11ff70728eec60e72131c58b716) C:\WINDOWS\system32\DRIVERS\mohfilt.sys
2010/11/20 18:04:13.0062 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
2010/11/20 18:04:13.0109 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
2010/11/20 18:04:13.0140 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
2010/11/20 18:04:13.0187 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
2010/11/20 18:04:13.0218 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
2010/11/20 18:04:13.0250 MRxSmb (f3aefb11abc521122b67095044169e98) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
2010/11/20 18:04:13.0296 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
2010/11/20 18:04:13.0328 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
2010/11/20 18:04:13.0375 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2010/11/20 18:04:13.0406 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
2010/11/20 18:04:13.0437 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
2010/11/20 18:04:13.0468 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
2010/11/20 18:04:13.0515 Mup (2f625d11385b1a94360bfc70aaefdee1) C:\WINDOWS\system32\drivers\Mup.sys
2010/11/20 18:04:13.0546 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
2010/11/20 18:04:13.0593 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
2010/11/20 18:04:13.0625 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
2010/11/20 18:04:13.0656 NdisTapi (1ab3d00c991ab086e69db84b6c0ed78f) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
2010/11/20 18:04:13.0687 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
2010/11/20 18:04:13.0718 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
2010/11/20 18:04:13.0734 NDProxy (6215023940cfd3702b46abc304e1d45a) C:\WINDOWS\system32\drivers\NDProxy.sys
2010/11/20 18:04:13.0765 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
2010/11/20 18:04:13.0796 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
2010/11/20 18:04:13.0890 nm (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
2010/11/20 18:04:13.0921 NPF (d21fee8db254ba762656878168ac1db6) C:\WINDOWS\system32\drivers\npf.sys
2010/11/20 18:04:13.0953 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
2010/11/20 18:04:14.0046 NPPTNT2 (9131fe60adfab595c8da53ad6a06aa31) C:\WINDOWS\system32\npptNT2.sys
2010/11/20 18:04:14.0078 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
2010/11/20 18:04:14.0156 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
2010/11/20 18:04:14.0375 nv (4f15e1e56703f59c0ac00022162e5308) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
2010/11/20 18:04:14.0593 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
2010/11/20 18:04:14.0609 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
2010/11/20 18:04:14.0671 ossrv (103a9b117a7d9903111955cdafe65ac6) C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
2010/11/20 18:04:14.0718 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
2010/11/20 18:04:14.0750 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
2010/11/20 18:04:14.0781 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
2010/11/20 18:04:14.0828 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
2010/11/20 18:04:14.0890 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
2010/11/20 18:04:14.0937 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys
2010/11/20 18:04:14.0968 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
2010/11/20 18:04:15.0093 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
2010/11/20 18:04:15.0140 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
2010/11/20 18:04:15.0218 pfc (da86016f0672ada925f589ede715f185) C:\WINDOWS\system32\drivers\pfc.sys
2010/11/20 18:04:15.0250 PfModNT (d9ed17ac15720096a9f92ff4ea587b09) C:\WINDOWS\system32\drivers\PfModNT.sys
2010/11/20 18:04:15.0312 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
2010/11/20 18:04:15.0343 PQNTDrv (4228630829c0e521c43d882a00533374) C:\WINDOWS\system32\drivers\PQNTDrv.sys
2010/11/20 18:04:15.0375 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/11/20 18:04:15.0406 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/11/20 18:04:15.0437 PxHelp20 (0c8da0a8b0d227319c285e0eae65defd) C:\WINDOWS\system32\Drivers\PxHelp20.sys
2010/11/20 18:04:15.0484 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
2010/11/20 18:04:15.0500 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
2010/11/20 18:04:15.0531 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
2010/11/20 18:04:15.0562 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
2010/11/20 18:04:15.0578 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
2010/11/20 18:04:15.0625 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/11/20 18:04:15.0671 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/11/20 18:04:15.0687 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/11/20 18:04:15.0718 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/11/20 18:04:15.0750 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/11/20 18:04:15.0781 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/11/20 18:04:15.0812 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
2010/11/20 18:04:15.0875 RDPWD (6728e45b66f93c08f11de2e316fc70dd) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/11/20 18:04:15.0906 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/11/20 18:04:15.0968 RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\WINDOWS\system32\DRIVERS\RimSerial.sys
2010/11/20 18:04:16.0000 ROOTMODEM (d8b0b4ade32574b2d9c5cc34dc0dbbe7) C:\WINDOWS\system32\Drivers\RootMdm.sys
2010/11/20 18:04:16.0078 ScanUSBEMPIA (f5a633609777c212ec5ff19927fc5955) C:\WINDOWS\system32\DRIVERS\emScan.sys
2010/11/20 18:04:16.0156 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/11/20 18:04:16.0218 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/11/20 18:04:16.0250 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/11/20 18:04:16.0296 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/11/20 18:04:16.0406 sigfilt (6bd3976b881888ac9a0ed3eb94e7fd38) C:\WINDOWS\system32\drivers\sigfilt.sys
2010/11/20 18:04:16.0515 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
2010/11/20 18:04:16.0531 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
2010/11/20 18:04:16.0578 SNDP106 (1847429455f9ea983494bea08f803c29) C:\WINDOWS\system32\DRIVERS\sndp106.sys
2010/11/20 18:04:16.0640 SoC PC-Camera Service (79ad3acffa28ec914f652081cad3df48) C:\WINDOWS\system32\DRIVERS\pfc027.sys
2010/11/20 18:04:16.0687 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
2010/11/20 18:04:16.0718 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
2010/11/20 18:04:16.0765 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/11/20 18:04:16.0812 Srv (0f6aefad3641a657e18081f52d0c15af) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/11/20 18:04:16.0859 sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
2010/11/20 18:04:16.0890 ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
2010/11/20 18:04:16.0921 STHDA (b95480c92c4c9c311be47b8a1ad73770) C:\WINDOWS\system32\drivers\sthda.sys
2010/11/20 18:04:16.0968 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
2010/11/20 18:04:17.0000 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/11/20 18:04:17.0031 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
2010/11/20 18:04:17.0078 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
2010/11/20 18:04:17.0109 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
2010/11/20 18:04:17.0140 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
2010/11/20 18:04:17.0171 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
2010/11/20 18:04:17.0218 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/11/20 18:04:17.0281 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/11/20 18:04:17.0312 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/11/20 18:04:17.0359 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/11/20 18:04:17.0390 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/11/20 18:04:17.0437 tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
2010/11/20 18:04:17.0468 tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
2010/11/20 18:04:17.0515 tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
2010/11/20 18:04:17.0562 tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
2010/11/20 18:04:17.0593 tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
2010/11/20 18:04:17.0625 tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
2010/11/20 18:04:17.0640 tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
2010/11/20 18:04:17.0671 tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
2010/11/20 18:04:17.0703 tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
2010/11/20 18:04:17.0750 TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
2010/11/20 18:04:17.0812 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
2010/11/20 18:04:17.0843 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
2010/11/20 18:04:17.0906 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
2010/11/20 18:04:17.0968 USBAAPL (4b8a9c16b6d9258ed99c512aecb8c555) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/11/20 18:04:18.0015 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
2010/11/20 18:04:18.0031 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/11/20 18:04:18.0062 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/11/20 18:04:18.0093 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/11/20 18:04:18.0140 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/11/20 18:04:18.0171 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/11/20 18:04:18.0203 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/11/20 18:04:18.0250 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
2010/11/20 18:04:18.0281 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
2010/11/20 18:04:18.0312 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
2010/11/20 18:04:18.0375 VMnetAdapter (fdfd74ab4d0f27b5d062c2a39cbb6d54) C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys
2010/11/20 18:04:18.0406 VMnetBridge (4ec4340134aaca930291a062a151cb2f) C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys
2010/11/20 18:04:18.0453 VMnetuserif (4f8c0447012c550c4c6a6a0e27190fd4) C:\WINDOWS\system32\drivers\vmnetuserif.sys
2010/11/20 18:04:18.0484 vmusb (4bd6bd4aa4a1cde612cb5254e62ca718) C:\WINDOWS\system32\Drivers\vmusb.sys
2010/11/20 18:04:18.0546 vmx86 (868724102e6a3431836c681ccbc951e7) C:\WINDOWS\system32\Drivers\vmx86.sys
2010/11/20 18:04:18.0578 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/11/20 18:04:18.0656 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/11/20 18:04:18.0734 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
2010/11/20 18:04:18.0781 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/11/20 18:04:18.0843 WinDriver6 (94e4312d546048bf31604a8b2ad13fc0) C:\WINDOWS\system32\drivers\windrvr6.sys
2010/11/20 18:04:18.0906 WinUSB (fd600b032e741eb6aab509fc630f7c42) C:\WINDOWS\system32\DRIVERS\WinUSB.sys
2010/11/20 18:04:19.0000 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
2010/11/20 18:04:19.0046 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
2010/11/20 18:04:19.0093 WudfPf (eaa6324f51214d2f6718977ec9ce0def) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/11/20 18:04:19.0156 WudfRd (f91ff1e51fca30b3c3981db7d5924252) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/11/20 18:04:19.0375 zumbus (337b9607f041b77824411750069aff2d) C:\WINDOWS\system32\DRIVERS\zumbus.sys
2010/11/20 18:04:19.0468 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/11/20 18:04:19.0468 ================================================================================
2010/11/20 18:04:19.0468 Scan finished
2010/11/20 18:04:19.0468 ================================================================================
2010/11/20 18:04:19.0500 Detected object count: 1
2010/11/20 18:05:10.0781 \HardDisk0 - will be cured after reboot
2010/11/20 18:05:10.0781 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure

********************************
Ready for the next step, and thank you very much for the assistance
 
Okay, good job! Please run the following:

Run Eset NOD32 Online AntiVirus scan HEREhttp://www.eset.eu/online-scanner
  1. Tick the box next to YES, I accept the Terms of Use.
  2. Click Start
  3. When asked, allow the Active X control to install
  4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
  5. Click Start
  6. Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
  7. Click Scan
  8. Wait for the scan to finish
  9. Re-enable your Antivirus software.
  10. A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
=====================================
Please download ComboFix from Here and save to your Desktop.

  • [1]. Do NOT rename Combofix unless instructed.
    [2].Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    [3].Close any open browsers.
    [4]. Double click combofix.exe & follow the prompts to run.
  • NOTE: Combofix will disconnect your machine from the Internet as soon as it starts. The connection is automatically restored before CF completes its run. If it does not, restart your computer to restore your connection.
    [5]. If Combofix asks you to install Recovery Console, please allow it.
    [6]. If Combofix asks you to update the program, always allow.
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    [7]. A report will be generated after the scan. Please paste the C:\ComboFix.txt in next reply.
Note: Do not mouseclick combofix's window while it's running. That may cause it to stall.
Note: Make sure you re-enable your security programs, when you're done with Combofix..

I will check you again later for the Rootkit.
 
Status
Not open for further replies.

Similar threads

Daniel Sims
Thousands of websites infected to redirect users in Google Ads view-pumping scam
Replies
5
Views
628
Feng Lengshun
F
midian182
Firefox 64 arrives with extension recommendations, improved tab management, and more
Replies
11
Views
2K
fktech
fktech
L
  • Locked
Inactive Browser redirect and other weirdness
Replies
22
Views
4K
Broni
Broni

Latest posts

Back