Monitor goes black

By MontanaGallery
Oct 16, 2012
  1. My name is Cyndy. I use this computer daily. It is part of a network of computers in our home.

    This computer has slowly lost functionality of Internet Explorer. When online, pages do not load with colors and layout as the source code is written. Most web pages load without color, only white, on any given site, and text boxes with links often appear on top of each other, making it impossible to click a link. It is impossible to fill out forms such as the US Postal website's form for creating shipping labels.

    Then the problem became worse. The monitor began to flicker then began flashing black and to the screen. I replaced the monitor only to have the same issue recur. Hooking up an additional monitor to the computer enabled me to work to back up my recently created files; however, I discovered, after shutting down the computer and leaving it off for a couple of days, then turning it back on to try to back up some files, that the original monitor would work again. Sometimes the monitor will randomly respond as if it is burning out; other times it will remain on and function normally for a long period of time.

    I found some malware that I removed, but have not been able to correct the issues I have described. I am hopeful that it was a malware issue that has shut off the monitor. I have tried to update the driver for the monitor as well as other drivers. I cannot restore to a previous time either.

    Most programs that I have attempted to download to run malware scans have been blocked from downloading or running. Those that do download find no issues.

    I replaced this computer in the network with my laptop, only to find the monitor black as well. I am leery of installing any new computer on the network until the issue can be identified and resolved. Any help to correct the issues would be greatly appreciated.



    I have followed the UPDATED 5-step Viruses/Spyware/Malware Preliminary Removal Instructions and included the results of the scans.


    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-07-16 11:44:38
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 WDC_WD800BB-75JHC0 rev.06.01C06
    Running: hbkc4b8e.exe; Driver: C:\DOCUME~1\FRONTD~1\LOCALS~1\Temp\uxlyapow.sys

    ---- System - GMER 1.0.15 ----
    SSDT 86941E58 ZwAlertResumeThread
    SSDT 86BC6A80 ZwAlertThread
    SSDT 86A27EA0 ZwAllocateVirtualMemory
    SSDT 86A07790 ZwAssignProcessToJobObject
    SSDT 86C0FA08 ZwConnectPort
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwCreateKey [0xF62A1980]
    SSDT 86BC4AF8 ZwCreateMutant
    SSDT 86A289B8 ZwCreateSymbolicLinkObject
    SSDT 86A36F28 ZwCreateThread
    SSDT 86BA9AD0 ZwDebugActiveProcess
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xF62A1C00]
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteValueKey [0xF62A1F10]
    SSDT 86BBD380 ZwDuplicateObject
    SSDT 86A08828 ZwFreeVirtualMemory
    SSDT 86BC6920 ZwImpersonateAnonymousToken
    SSDT 86BC6958 ZwImpersonateThread
    SSDT 86BAF290 ZwLoadDriver
    SSDT 86A08728 ZwMapViewOfSection
    SSDT 86BC4A18 ZwOpenEvent
    SSDT 86BDA3F0 ZwOpenProcess
    SSDT 86A27F90 ZwOpenProcessToken
    SSDT 86BC3578 ZwOpenSection
    SSDT 86BBD450 ZwOpenThread
    SSDT 86A076C0 ZwProtectVirtualMemory
    SSDT 86BE7CD0 ZwResumeThread
    SSDT 86C16BD0 ZwSetContextThread
    SSDT 86BC1AF0 ZwSetInformationProcess
    SSDT 86BA9BB0 ZwSetSystemInformation
    SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwSetValueKey [0xF62A2160]
    SSDT 86BC35F0 ZwSuspendProcess
    SSDT 86BE7DB0 ZwSuspendThread
    SSDT 86BD9970 ZwTerminateProcess
    SSDT 86C16AF0 ZwTerminateThread
    SSDT 86BC1BE0 ZwUnmapViewOfSection
    SSDT 86A0BDA0 ZwWriteVirtualMemory
    ---- Kernel code sections - GMER 1.0.15 ----
    ? SYMDS.SYS The system cannot find the file specified. !
    ? SYMEFA.SYS The system cannot find the file specified. !
    init C:\WINDOWS\system32\drivers\senfilt.sys entry point in "init" section [0xF5D53F80]
    ? C:\DOCUME~1\FRONTD~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !
    ? C:\DOCUME~1\FRONTD~1\LOCALS~1\Temp\uxlyapog.sys The system cannot find the file specified. !
    ---- User code sections - GMER 1.0.15 ----
    .text C:\program files\real\realplayer\update\realsched.exe[2036] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E1DF4C9 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E354846 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3547C7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E35480B C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E354753 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E35478D C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxIndirectParamA 7E456D7D 1 Byte [E9]
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E354881 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E20177A C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    .text C:\Program Files\Internet Explorer\IEXPLORE.EXE[3852] ole32.dll!OleLoadFromStream 7752983B 5 Bytes JMP 3E354A43 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
    ---- Devices - GMER 1.0.15 ----
    AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
    Device mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
    Device B040AD20
    AttachedDevice fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
    Device Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
    Device DLAIFS_M.SYS (Drive Letter Access Component/Sonic Solutions)
    ---- Files - GMER 1.0.15 ----
    File C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\NCW\ncwfoim.db-journal 0 bytes
    ---- EOF - GMER 1.0.15 ----
    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 7.0.5730.13
    Run by Front Desk User at 16:52:20 on 2012-07-13
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.395 [GMT -6:00]
    .
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\Program Files\HitmanPro\hmpsched.exe
    svchost.exe
    C:\WINDOWS\Explorer.EXE
    svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    svchost.exe
    C:\Program Files\Dell Network Assistant\hnm_svc.exe
    C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
    C:\WINDOWS\System32\svchost.exe -k HPZ12
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Norton Internet Security\Engine\19.1.0.28\ccSvcHst.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    C:\program files\real\realplayer\update\realsched.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    .
    ============== Pseudo HJT Report ===============
    .
    uSearch Bar = hxxp://www.google.com/hws/sb/dell-inc/en/side.html?channel=us
    uStart Page = hxxp://www.google.com/
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
    BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.1.0.28\coIEPlg.dll
    BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.1.0.28\ips\IPSBHO.DLL
    BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    TB: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - No File
    TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.1.0.28\coIEPlg.dll
    TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [InstallIQUpdater] "c:\program files\w3i\installiqupdater\InstallIQUpdater.exe" /silent /autorun
    mRun: [ClamWin] "c:\program files\clamwin\bin\ClamTray.exe" --logon
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Info Center] c:\program files\pcpitstop\info center\InfoCenter.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [igfxtray] c:\windows\system32\igfxtray.exe
    mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
    mRun: [igfxpers] c:\windows\system32\igfxpers.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
    uPolicies-explorer: NoViewOnDrive = 0 (0x0)
    uPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
    uPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
    uPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
    uPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
    uPolicies-explorer: NoFile = 0 (0x0)
    uPolicies-explorer: HideClock = 0 (0x0)
    uPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
    uPolicies-explorer: NoDFSTab = 0 (0x0)
    uPolicies-explorer: NoWindowsUpdate = 0 (0x0)
    uPolicies-explorer: NoEncryptOnMove = 0 (0x0)
    uPolicies-explorer: NoResolveTrack = 0 (0x0)
    uPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
    uPolicies-system: NoDispAppearancePage = 0 (0x0)
    uPolicies-system: NoDispSettingsPage = 0 (0x0)
    mPolicies-explorer: NoViewOnDrive = 0 (0x0)
    mPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
    mPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
    mPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
    mPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
    mPolicies-explorer: NoFile = 0 (0x0)
    mPolicies-explorer: HideClock = 0 (0x0)
    mPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
    mPolicies-explorer: NoDFSTab = 0 (0x0)
    mPolicies-explorer: NoWindowsUpdate = 0 (0x0)
    mPolicies-explorer: NoEncryptOnMove = 0 (0x0)
    mPolicies-explorer: NoResolveTrack = 0 (0x0)
    mPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
    mPolicies-system: NoDispAppearancePage = 0 (0x0)
    mPolicies-system: NoDispSettingsPage = 0 (0x0)
    dPolicies-explorer: NoViewOnDrive = 0 (0x0)
    dPolicies-explorer: DisableLocalMachineRun = 0 (0x0)
    dPolicies-explorer: DisableLocalMachineRunOnce = 0 (0x0)
    dPolicies-explorer: DisableCurrentUserRun = 0 (0x0)
    dPolicies-explorer: DisableCurrentUserRunOnce = 0 (0x0)
    dPolicies-explorer: NoFile = 0 (0x0)
    dPolicies-explorer: HideClock = 0 (0x0)
    dPolicies-explorer: NoDevMgrUpdate = 0 (0x0)
    dPolicies-explorer: NoDFSTab = 0 (0x0)
    dPolicies-explorer: NoWindowsUpdate = 0 (0x0)
    dPolicies-explorer: NoEncryptOnMove = 0 (0x0)
    dPolicies-explorer: NoResolveTrack = 0 (0x0)
    dPolicies-explorer: NoStartMenuSubFolders = 0 (0x0)
    dPolicies-system: NoDispAppearancePage = 0 (0x0)
    dPolicies-system: NoDispSettingsPage = 0 (0x0)
    IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
    DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} - hxxps://picasaweb.google.com/s/v/71.37/uploader2.cab
    DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1343579813000
    DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342196884379
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.5.0.cab
    Notify: igfxcui - igfxdev.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    LSA: Notification Packages =
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1301000.01c\SymDS.sys [2012-7-21 340088]
    R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1301000.01c\SymEFA.sys [2012-7-21 897656]
    R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\bashdefs\20120804.001\BHDrvx86.sys [2012-8-8 821920]
    R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1301000.01c\ccSetx86.sys [2012-7-21 132744]
    R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1301000.01c\Ironx86.sys [2012-7-21 149624]
    R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2012-7-21 105832]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-7-12 399432]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-12 676936]
    R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.1.0.28\ccSvcHst.exe [2012-7-21 138760]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-8-10 106656]
    R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\ipsdefs\20120809.001\IDSXpx86.sys [2012-8-9 369632]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-12 22856]
    R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120810.001\NAVENG.SYS [2012-8-10 87928]
    R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.0.28\definitions\virusdefs\20120810.001\NAVEX15.SYS [2012-8-10 1589752]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 250056]
    S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-12-19 135664]
    S3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\pcpitstop\PCPitstopScheduleService.exe [2012-1-4 91816]
    .
    =============== File Associations ===============
    .
    JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
    .
    =============== Created Last 30 ================
    .
    2012-10-08 17:07:59 155648 ----a-w- c:\windows\system32\igfxsrvc.exe
    2012-10-08 17:07:59 143360 ----a-w- c:\windows\system32\igfxpph.dll
    2012-10-08 17:07:58 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
    2012-10-08 17:07:56 73728 ----a-w- c:\windows\system32\hccutils.dll
    2012-10-08 17:07:54 876666 ----a-w- c:\windows\system32\ialmdd5.dll
    2012-10-08 17:07:52 194298 ----a-w- c:\windows\system32\ialmdev5.dll
    2012-10-08 17:07:51 110203 ----a-w- c:\windows\system32\ialmdnt5.dll
    2012-10-08 17:07:50 38014 ----a-w- c:\windows\system32\ialmrnt5.dll
    2012-10-08 17:07:49 830684 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
    2012-09-26 20:14:24 -------- d-----w- c:\documents and settings\front desk user\application data\FinalMediaPlayer
    2012-08-14 15:03:13 114688 ----a-w- c:\windows\system32\SET5A.tmp
    2012-08-14 15:03:12 900218 ----a-w- c:\windows\system32\SET26.tmp
    2012-08-14 15:03:12 77824 ----a-w- c:\windows\system32\SET54.tmp
    2012-08-14 15:03:12 73728 ----a-w- c:\windows\system32\SET35.tmp
    2012-08-14 15:03:12 57344 ----a-w- c:\windows\system32\SET38.tmp
    2012-08-14 15:03:12 36990 ----a-w- c:\windows\system32\SET1D.tmp
    2012-08-14 15:03:12 213274 ----a-w- c:\windows\system32\SET23.tmp
    2012-08-14 15:03:12 1503232 ----a-w- c:\windows\system32\SET57.tmp
    2012-08-14 15:03:12 147456 ----a-w- c:\windows\system32\SET3E.tmp
    2012-08-14 15:03:12 118395 ----a-w- c:\windows\system32\SET20.tmp
    2012-08-14 14:34:19 -------- d-----w- c:\program files\SystemRequirementsLab
    2012-08-03 18:35:27 -------- d-----w- c:\program files\Free Window Registry Repair
    2012-07-27 20:51:30 184248 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    2012-07-21 23:31:21 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL
    2012-07-21 23:31:21 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
    2012-07-21 23:31:20 -------- d-----w- c:\program files\Symantec
    2012-07-21 23:29:28 -------- d-----w- c:\program files\NortonInstaller
    2012-07-21 23:13:00 -------- d-----w- c:\program files\HitmanPro
    2012-07-21 23:12:02 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
    2012-07-21 22:10:05 -------- d-----w- c:\documents and settings\front desk user\application data\Malwarebytes
    2012-07-21 22:09:50 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
    2012-07-21 19:55:31 -------- d-----w- c:\documents and settings\all users\application data\6F63A59FF10D56B7157AAD037B07D329
    2012-07-21 19:54:46 -------- d-----w- c:\documents and settings\front desk user\application data\Kaix
    2012-07-21 19:54:46 -------- d-----w- c:\documents and settings\front desk user\application data\Fydu
    2012-07-15 17:59:13 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-07-13 17:43:52 -------- d-----w- c:\documents and settings\front desk user\local settings\application data\Avg2013
    2012-07-13 17:43:50 -------- d-----w- c:\documents and settings\front desk user\local settings\application data\MFAData
    2012-07-12 17:32:50 711240 ----a-w- c:\windows\isRS-000.tmp
    2012-07-12 17:07:55 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-12 17:07:55 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-11 23:14:27 -------- d-----w- c:\program files\Trend Micro
    2012-07-11 22:57:58 -------- d-----w- c:\windows\system32\CatRoot2
    2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
    2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
    2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
    2012-07-11 22:10:40 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
    2012-07-11 22:10:40 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
    2012-07-11 22:10:40 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
    2012-07-11 22:10:40 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
    2012-07-11 22:10:40 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
    2012-07-11 22:00:51 -------- d-----w- c:\program files\CheckPoint
    2012-07-11 22:00:49 -------- d-----w- c:\documents and settings\all users\application data\CheckPoint
    2012-07-11 21:53:48 429928 ----a-r- c:\windows\system32\hpinkstsa011.dll
    2012-07-11 21:53:48 270696 ----a-r- c:\windows\system32\hpinkstsa011LM.dll
    2012-07-11 21:53:48 216424 ----a-r- c:\windows\system32\hpinkcoia011.dll
    2012-07-11 21:45:14 1929576 ----a-r- c:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
    2012-07-11 21:45:13 488296 ----a-r- c:\windows\system32\HPWia1_DJ3050A_J611.dll
    2012-07-11 19:59:06 135168 ----a-w- c:\windows\system32\igfxres.dll
    2012-07-11 19:44:03 -------- d-----w- c:\windows\system32\vmm32
    .
    ==================== Find3M ====================
    .
    2012-09-19 16:59:24 2241 ----a-w- c:\windows\panose.bin
    2012-08-16 20:32:11 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-08-16 20:32:11 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys
    2012-06-04 23:35:26 222448 ----a-w- c:\windows\system32\muweb.dll
    2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 21:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 21:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 21:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 21:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 21:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 21:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-02 21:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-06-01 15:55:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-15 15:39:54 832512 ----a-w- c:\windows\system32\wininet.dll
    2012-05-04 13:12:30 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32:19 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46:36 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-23 14:46:47 78336 ----a-w- c:\windows\system32\ieencode.dll
    2012-04-23 14:46:47 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2012-04-23 14:46:47 17408 ----a-w- c:\windows\system32\corpol.dll
    .
    ============= FINISH: 16:54:24.37 ===============

    Malwarebytes Anti-Malware 1.65.0.1400
    www.malwarebytes.org

    Database version: v2012.09.07.13
    Windows XP Service Pack 3 x86 NTFS
    Internet Explorer 7.0.5730.13
    Front Desk User :: D8T63P91 [administrator]

    9/26/2012 3:22:12 PM
    mbam-log-2012-09-26 (15-22-12).txt

    Scan type: Full scan (C:\|D:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 281718
    Time elapsed: 1 hour(s), 27 minute(s), 21 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume2
    Install Date: 4/13/2006 4:26:41 PM
    System Uptime: 7/13/2012 11:48:35 AM (5 hours ago)
    .
    Motherboard: Dell Computer Corp. | | 0WF887
    Processor: Intel(R) Celeron(R) CPU 2.53GHz | Microprocessor | 2527/533mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 71 GiB total, 30.696 GiB free.
    D: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP2258: 9/12/2012 11:07:51 AM - System Checkpoint
    RP2259: 9/13/2012 11:58:39 AM - System Checkpoint
    RP2260: 9/14/2012 12:58:40 PM - System Checkpoint
    RP2261: 9/15/2012 1:58:40 PM - System Checkpoint
    RP2262: 9/16/2012 2:58:40 PM - System Checkpoint
    RP2263: 9/17/2012 2:59:45 PM - System Checkpoint
    RP2264: 9/18/2012 3:58:41 PM - System Checkpoint
    RP2265: 9/19/2012 4:59:47 PM - System Checkpoint
    RP2266: 9/20/2012 5:59:47 PM - System Checkpoint
    RP2267: 9/21/2012 6:58:42 PM - System Checkpoint
    RP2268: 9/22/2012 7:58:41 PM - System Checkpoint
    RP2269: 9/23/2012 8:58:42 PM - System Checkpoint
    RP2270: 9/24/2012 9:36:58 PM - System Checkpoint
    RP2271: 9/25/2012 10:36:59 PM - System Checkpoint
    RP2272: 9/26/2012 12:17:05 PM - Removed Google Drive
    RP2273: 9/27/2012 1:08:31 PM - System Checkpoint
    RP2274: 10/4/2012 9:05:22 AM - System Checkpoint
    RP2275: 10/5/2012 9:51:37 AM - System Checkpoint
    RP2276: 10/6/2012 10:40:13 AM - System Checkpoint
    RP2277: 10/7/2012 11:40:14 AM - System Checkpoint
    RP2278: 10/8/2012 10:38:05 AM - Restore Operation
    RP2279: 7/8/2012 12:05:35 PM - System Checkpoint
    RP2280: 7/9/2012 12:52:38 PM - System Checkpoint
    RP2281: 7/10/2012 1:45:54 PM - System Checkpoint
    RP2282: 7/11/2012 1:44:00 PM - Installed Dell Resource CD
    RP2283: 7/11/2012 1:59:53 PM - Installed Dell System Software
    RP2284: 7/11/2012 2:00:07 PM - Installed Desktop System Software
    RP2285: 7/11/2012 4:57:18 PM - Installed Microsoft Fix it 50528
    RP2286: 7/12/2012 5:23:23 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    32 Bit HP CIO Components Installer
    Adobe Flash Player 11 ActiveX
    Adobe Illustrator CS
    Adobe PageMaker 6.5
    Adobe Photoshop 7.0
    Adobe Reader X (10.1.4)
    Adobe SVG Viewer 3.0
    AIO_Scan
    AOLIcon
    Apple Application Support
    Apple Software Update
    ArtRage 2
    Banctec Service Agreement
    BufferChm
    CCleaner
    ClamWin Free Antivirus 0.97
    Conexant D850 PCI V.92 Modem
    Copy
    Corel Paint Shop Pro X
    CustomerResearchQFolder
    Dell CinePlayer
    Dell Digital Jukebox Driver
    Dell Driver Reset Tool
    Dell Network Assistant
    Dell Resource CD
    Dell System Restore
    DellSupport
    Destinations
    DeviceManagementQFolder
    Digital Content Portal
    Digital Line Detect
    DJ_AIO_ProductContext
    DJ_AIO_Software
    DJ_AIO_Software_min
    EarthLink setup files
    EducateU
    ELIcon
    eSupportQFolder
    F2100
    F2100_Help
    FOX News Live Stream
    Free File Opener v2011.6.0.4
    Free Window Registry Repair
    Google Update Helper
    HijackThis 2.0.2
    HitmanPro 3.6
    Hotfix for Windows XP (KB2633952)
    HP Customer Participation Program 8.0
    HP Deskjet All-In-One Software 8.0
    HP Imaging Device Functions 8.0
    HP Photosmart Essential
    HP Product Assistant
    HP Smart Web Printing 4.60
    HP Solution Center 8.0
    HP Update
    HPProductAssistant
    HPSSupply
    Info Center 1.0.0.7
    InstallIQ Updater
    Intel(R) Extreme Graphics 2 Driver
    Intel(R) PRO Network Adapters and Drivers
    Intel(R) PROSet for Wired Connections
    InVision 3.0
    Java Auto Updater
    Java(TM) 6 Update 29
    Learn2 Player (Uninstall Only)
    Malwarebytes Anti-Malware version 1.65.0.1400
    MapSource
    MarketResearch
    MCU
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB2656353)
    Microsoft .NET Framework 1.1 Security Update (KB2656370)
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft Office 2000 Disc 2
    Microsoft Office 2000 Professional
    Microsoft Plus! Digital Media Edition Installer
    Microsoft Plus! Photo Story 2 LE
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Modem Helper
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Musicmatch® Jukebox
    Nero Suite
    NetWaiting
    Norton Internet Security
    OverDrive Media Console
    PC Matic 1.1.0.44
    QuickBooks Premier: Retail Edition 2004
    QuickTime
    QuickTime for Windows (32-bit)
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    Roxio DLA
    Roxio RecordNow Audio
    Roxio RecordNow Copy
    Roxio RecordNow Data
    Scan
    Search Assist
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Windows (KB2564958)
    Security Update for Windows Internet Explorer 7 (KB2586448)
    Security Update for Windows Internet Explorer 7 (KB2618444)
    Security Update for Windows Internet Explorer 7 (KB2647516)
    Security Update for Windows Internet Explorer 7 (KB2675157)
    Security Update for Windows Internet Explorer 7 (KB2699988)
    Security Update for Windows Media Player (KB911564)
    Security Update for Windows XP (KB2544893-v2)
    Security Update for Windows XP (KB2567053)
    Security Update for Windows XP (KB2584146)
    Security Update for Windows XP (KB2585542)
    Security Update for Windows XP (KB2592799)
    Security Update for Windows XP (KB2598479)
    Security Update for Windows XP (KB2603381)
    Security Update for Windows XP (KB2618451)
    Security Update for Windows XP (KB2619339)
    Security Update for Windows XP (KB2620712)
    Security Update for Windows XP (KB2621440)
    Security Update for Windows XP (KB2624667)
    Security Update for Windows XP (KB2631813)
    Security Update for Windows XP (KB2633171)
    Security Update for Windows XP (KB2639417)
    Security Update for Windows XP (KB2641653)
    Security Update for Windows XP (KB2646524)
    Security Update for Windows XP (KB2647518)
    Security Update for Windows XP (KB2653956)
    Security Update for Windows XP (KB2655992)
    Security Update for Windows XP (KB2659262)
    Security Update for Windows XP (KB2660465)
    Security Update for Windows XP (KB2661637)
    Security Update for Windows XP (KB2676562)
    Security Update for Windows XP (KB2685939)
    Security Update for Windows XP (KB2686509)
    Security Update for Windows XP (KB2691442)
    Security Update for Windows XP (KB2695962)
    Security Update for Windows XP (KB2698365)
    Security Update for Windows XP (KB2707511)
    Security Update for Windows XP (KB2709162)
    Security Update for Windows XP (KB2718523)
    SmartWebPrinting
    SolutionCenter
    Sonic Activation Module
    Sonic Update Manager
    Status
    System Requirements Lab for Intel
    Terragen
    Terragen 2 Technology Preview
    Toolbox
    TrayApp
    UnloadSupport
    Update for Windows XP (KB2641690)
    Update for Windows XP (KB2718704)
    URL Assistant
    Viewpoint Media Player
    WebCyberCoach 3.2 Dell
    WebFldrs XP
    WebReg
    WildTangent Web Driver
    Windows Driver Package - Conexant (winachsf) Modem (07/03/2007 7.67.00.50)
    Windows Genuine Advantage Notifications (KB905474)
    Windows Genuine Advantage Validation Tool (KB892130)
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows XP Service Pack 3
    Xerox Phaser 860
    ZoneAlarm Free Antivirus + Firewall
    .
    ==== Event Viewer Messages From Past Week ========
    .
    9/26/2012 12:17:20 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
    7/12/2012 5:30:13 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NIS service.
    7/12/2012 11:12:23 AM, error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    7/12/2012 11:11:50 AM, error: atapi [9] - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
    7/11/2012 2:04:45 PM, error: NtServicePack [4375] - Windows XP Service Pack 3 uninstall failed.
    The system cannot find the file specified.
    10/8/2012 11:10:03 AM, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
    10/8/2012 10:22:38 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    10/8/2012 10:13:31 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: BHDrvx86 ccSet_NIS eeCtrl Fips intelppm SRTSPX SymIRON SYMTDI
    10/8/2012 10:12:25 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    10/4/2012 8:37:51 AM, error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    .
    ==== End Of File ===========================
  2. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Hello, and welcome to TechSpot.


    Please see here for the board rules and other FAQ.

    Please feel free to introduce yourself, after you follow the steps below to get started.

    Information
    • From this point on, please do not make any more changes to your computer, such as installing/uninstalling programs, using special fix tools, deleting files, editing the registry, etc., unless advised by a malware removal helper.
    • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
    • If you have already asked for help somewhere, please post the link to the topic you were helped.
    • We try our best to reply quickly, but if for any reason we do not reply in two days, please reply to this topic with the word BUMP!
    • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close, and your computer is declared clean.

    ComboFix scan

    Please download ComboFix by sUBs
    From BleepingComputer.com

    Please save the file to your Desktop.

    Important information about ComboFix


    After the download:
    • Close any open browsers.
    • Very Important: Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results". Please visit here if you don't know how.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until ComboFix has completely finished.
    • If there is no Internet connection after running ComboFix, then restart your computer to restore back your connection.
    Running ComboFix:
    • Double click on ComboFix.exe & follow the prompts.
    • When ComboFix finishes, it will produce a report for you.
    • Please post the report, which will launch or be found at "C:\Combo-Fix.txt" in your next reply.
    Troubleshooting ComboFix

    Safe Mode:

    If you still cannot get ComboFix to run, try booting into Safe Mode, and run it there.

    (To boot into Safe Mode, tap F8 after BIOS, and just before the Windows logo appears. A list of options will appear, select "Safe Mode.")

    Re-downloading:

    If this doesn't work either, try the same method as above, but download it again and rename ComboFix.exe to iexplore.exe, explorer.exe, or winlogon.exe.

    Malware is known for blocking all "user" processes, except for its whitelist of system important processes such as iexplore.exe, explorer.exe, winlogon.exe.

    NOTE: If you encounter a message "illegal operation attempted on registry key that has been marked for deletion" and no programs will run - please just reboot and that will resolve that error.
  3. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    ComboFix 12-10-16.02 - Front Desk User 07/16/2012 16:56:53.1.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.719 [GMT -6:00]
    Running from: c:\documents and settings\Front Desk User\Desktop\ComboFix.exe
    AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\All Users\Application Data\TEMP
    c:\documents and settings\Front Desk User\Application Data\.#
    c:\documents and settings\Front Desk User\Application Data\.#\MBX@E54@3F3F70.###
    c:\documents and settings\Front Desk User\Application Data\.#\MBX@E54@3F3FA0.###
    c:\documents and settings\Front Desk User\Application Data\Kaix
    c:\documents and settings\Front Desk User\Application Data\Kaix\yvygi.neg
    c:\documents and settings\Front Desk User\Application Data\PriceGong
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\1.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\a.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\b.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\c.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\d.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\e.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\f.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\g.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\h.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\I.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\J.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\k.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\l.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\m.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\mru.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\n.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\o.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\p.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\q.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\r.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\s.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\t.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\u.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\v.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\w.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\x.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\y.xml
    c:\documents and settings\Front Desk User\Application Data\PriceGong\Data\z.xml
    c:\documents and settings\Front Desk User\WINDOWS
    C:\Images
    c:\windows\system32\SET1D.tmp
    c:\windows\system32\SET20.tmp
    c:\windows\system32\SET23.tmp
    c:\windows\system32\SET26.tmp
    c:\windows\system32\SET35.tmp
    c:\windows\system32\SET38.tmp
    c:\windows\system32\SET3E.tmp
    c:\windows\system32\SET50.tmp
    c:\windows\system32\SET54.tmp
    c:\windows\system32\SET57.tmp
    c:\windows\system32\SET5A.tmp
    c:\windows\system32\SET5C.tmp
    c:\windows\system32\URTTemp
    c:\windows\system32\URTTemp\fusion.dll
    c:\windows\system32\URTTemp\mscoree.dll
    c:\windows\system32\URTTemp\mscoree.dll.local
    c:\windows\system32\URTTemp\mscorsn.dll
    c:\windows\system32\URTTemp\mscorwks.dll
    c:\windows\system32\URTTemp\msvcr71.dll
    c:\windows\system32\URTTemp\regtlib.exe
    c:\windows\wt
    c:\windows\wt\data.wts
    c:\windows\wt\updater\wt.ini
    c:\windows\wt\webdriver.dll
    c:\windows\wt\webdriver\4.1.1\actorobject.dll
    c:\windows\wt\webdriver\4.1.1\dx5drv.dll
    c:\windows\wt\webdriver\4.1.1\dx7drv.dll
    c:\windows\wt\webdriver\4.1.1\objectbundle.dll
    c:\windows\wt\webdriver\4.1.1\sound.dll
    c:\windows\wt\webdriver\4.1.1\wdcaps.ded
    c:\windows\wt\webdriver\4.1.1\wdengine.dll
    c:\windows\wt\webdriver\4.1.1\webdriver.dll
    c:\windows\wt\webdriver\4.1.1\wthost.exe
    c:\windows\wt\webdriver\4.1.1\wthostctl.dll
    c:\windows\wt\webdriver\4.1.1\wtmulti.dll
    c:\windows\wt\webdriver\4.1.1\wtmulti.jar
    c:\windows\wt\webdriver\4.1.1\wtwmplug.ax
    c:\windows\wt\webdriver\4.1.1\wtwmplug.ini
    c:\windows\wt\webdriver\jdriver.dll
    c:\windows\wt\webdriver\rdriver.dll
    c:\windows\wt\webdriver\wildtangent.jar
    c:\windows\wt\wt3d.dll
    c:\windows\wt\wt3d.ini
    c:\windows\wt\wtupdates\DRM\3.2.0.19\files\controlpanel\index.html
    c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302.dll
    c:\windows\wt\wtupdates\DRM\3.2.0.19\files\DRM0302Java.jar
    c:\windows\wt\wtupdates\DRM\3.2.0.19\files\jDRM0302.dll
    c:\windows\wt\wtupdates\DRM\3.2.0.19\files\rDRM0302.dll
    c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302.cdanfo
    c:\windows\wt\wtupdates\DRM\3.2.0.19\install\DRM0302_Uninstall.cdas
    c:\windows\wt\wtupdates\webd\4.1.1\files\actorobject.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\controlpanel\index.html
    c:\windows\wt\wtupdates\webd\4.1.1\files\dx5drv.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\dx7drv.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\jdriver.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\data.wts
    c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\webdriver.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\legacy\wt3d.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\npWTHost.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\nsIWTHostPlugin.xpt
    c:\windows\wt\wtupdates\webd\4.1.1\files\ObjectBundle.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\rdriver.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\Sound.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\update_info\data.wts
    c:\windows\wt\wtupdates\webd\4.1.1\files\wdcaps.ded
    c:\windows\wt\wtupdates\webd\4.1.1\files\wdengine.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331.cdanfo
    c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_fileList.cdas
    c:\windows\wt\wtupdates\webd\4.1.1\files\Webd331_Uninstall.cdas
    c:\windows\wt\wtupdates\webd\4.1.1\files\webdriver.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\wildtangent.jar
    c:\windows\wt\wtupdates\webd\4.1.1\files\wt3d.ini
    c:\windows\wt\wtupdates\webd\4.1.1\files\WTHost.exe
    c:\windows\wt\wtupdates\webd\4.1.1\files\WTHostCtl.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\wtmulti.jar
    c:\windows\wt\wtupdates\webd\4.1.1\files\wtvh.dll
    c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ax
    c:\windows\wt\wtupdates\webd\4.1.1\files\wtwmplug.ini
    c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1.cdanfo
    c:\windows\wt\wtupdates\webd\4.1.1\install\Webd4_1_1_Uninstall.cdas
    c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\controlpanel\index.html
    c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl.cdanfo
    c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\install\WireControl_Uninstall.cdas
    c:\windows\wt\wtupdates\WireControl\1.0.0.63\files\WireControl.dll
    c:\windows\wt\wtupdates\wtupdater\appinfo.dat
    c:\windows\wt\wtupdates\wtwebdriver\update_info\data.wts
    c:\windows\wt\wtvh.dll
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-06-16 to 2012-07-16 )))))))))))))))))))))))))))))))
    .
    .
    2012-10-08 17:07 . 2005-04-06 01:22 143360 ----a-w- c:\windows\system32\igfxpph.dll
    2012-10-08 17:07 . 2005-04-05 20:19 155648 ----a-w- c:\windows\system32\igfxsrvc.exe
    2012-10-08 17:07 . 2005-04-06 01:19 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
    2012-10-08 17:07 . 2005-04-06 01:18 73728 ----a-w- c:\windows\system32\hccutils.dll
    2012-10-08 17:07 . 2005-04-06 01:45 876666 ----a-w- c:\windows\system32\ialmdd5.dll
    2012-10-08 17:07 . 2005-04-06 01:38 194298 ----a-w- c:\windows\system32\ialmdev5.dll
    2012-10-08 17:07 . 2005-04-06 01:38 110203 ----a-w- c:\windows\system32\ialmdnt5.dll
    2012-10-08 17:07 . 2005-04-06 01:38 38014 ----a-w- c:\windows\system32\ialmrnt5.dll
    2012-10-08 17:07 . 2005-04-05 20:46 830684 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
    2012-09-26 20:14 . 2012-09-26 20:14 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\FinalMediaPlayer
    2012-08-14 14:34 . 2012-08-14 14:34 -------- d-----w- c:\program files\SystemRequirementsLab
    2012-08-03 18:35 . 2012-08-11 22:36 -------- d-----w- c:\program files\Free Window Registry Repair
    2012-07-30 17:18 . 2012-07-30 17:18 -------- d-----w- c:\documents and settings\Administrator
    2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
    2012-07-21 23:30 . 2012-07-21 23:30 -------- d-----w- c:\program files\Windows Sidebar
    2012-07-21 23:13 . 2012-07-21 23:13 -------- d-----w- c:\program files\HitmanPro
    2012-07-21 23:12 . 2012-07-21 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
    2012-07-21 22:10 . 2012-07-21 22:10 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Malwarebytes
    2012-07-21 22:09 . 2012-07-21 22:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-07-21 19:55 . 2012-07-11 22:11 -------- d-----w- c:\documents and settings\All Users\Application Data\6F63A59FF10D56B7157AAD037B07D329
    2012-07-21 19:54 . 2012-07-21 23:25 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Fydu
    2012-07-15 17:59 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\Avg2013
    2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\MFAData
    2012-07-12 17:07 . 2012-09-07 23:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-12 17:07 . 2012-07-13 17:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-11 23:14 . 2012-07-11 23:14 -------- d-----w- c:\program files\Trend Micro
    2012-07-11 22:57 . 2012-07-16 22:55 -------- d-----w- c:\windows\system32\CatRoot2
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
    2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
    2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
    2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
    2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
    2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\program files\CheckPoint
    2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\CheckPoint
    2012-07-11 21:53 . 2011-06-08 21:57 429928 ----a-r- c:\windows\system32\hpinkstsa011.dll
    2012-07-11 21:53 . 2011-06-08 21:57 270696 ----a-r- c:\windows\system32\hpinkstsa011LM.dll
    2012-07-11 21:53 . 2011-06-08 21:57 216424 ----a-r- c:\windows\system32\hpinkcoia011.dll
    2012-07-11 21:45 . 2011-06-08 21:57 1929576 ----a-r- c:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
    2012-07-11 21:45 . 2011-06-08 21:57 488296 ----a-r- c:\windows\system32\HPWia1_DJ3050A_J611.dll
    2012-07-11 19:59 . 2005-04-05 20:18 135168 ----a-w- c:\windows\system32\igfxres.dll
    2012-07-11 19:44 . 2012-07-11 19:44 -------- d-----w- c:\windows\system32\vmm32
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-16 20:32 . 2012-04-29 22:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-08-16 20:32 . 2011-05-20 19:05 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-13 13:19 . 2004-08-10 18:51 1866112 ----a-w- c:\windows\system32\win32k.sys
    2012-06-04 23:35 . 2004-08-10 19:02 210968 ----a-w- c:\windows\system32\wuweb.dll
    2012-06-04 23:35 . 2005-05-26 10:19 222448 ----a-w- c:\windows\system32\muweb.dll
    2012-06-04 04:32 . 2004-08-10 18:51 152576 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 21:19 . 2007-05-16 02:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 21:19 . 2004-08-10 19:02 329240 ----a-w- c:\windows\system32\wucltui.dll
    2012-06-02 21:19 . 2004-08-10 19:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 21:19 . 2005-05-26 09:16 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 21:19 . 2004-08-10 19:02 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 21:19 . 2004-08-10 19:02 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 21:19 . 2004-08-10 18:50 97304 ----a-w- c:\windows\system32\cdm.dll
    2012-06-02 21:19 . 2007-05-16 02:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 21:19 . 2004-08-10 19:02 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 21:19 . 2004-08-10 19:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 21:18 . 2007-05-16 21:01 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-06-02 21:18 . 2007-05-04 17:59 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-01 15:55 . 2003-02-21 10:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2012-05-31 13:22 . 2004-08-10 18:50 599040 ----a-w- c:\windows\system32\crypt32.dll
    2012-05-15 15:39 . 2004-08-10 18:51 832512 ----a-w- c:\windows\system32\wininet.dll
    2012-05-04 13:12 . 2004-08-10 18:51 2192640 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-05-04 12:32 . 2004-08-04 04:59 2069120 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-02 13:46 . 2004-08-10 19:01 139656 ------w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-23 14:46 . 2008-09-18 15:54 78336 ----a-w- c:\windows\system32\ieencode.dll
    2012-04-23 14:46 . 2004-08-10 18:51 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2012-04-23 14:46 . 2004-08-10 18:50 17408 ----a-w- c:\windows\system32\corpol.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-09 1176064]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2011-02-16 86016]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "Info Center"="c:\program files\PCPitstop\Info Center\InfoCenter.exe" [2011-09-26 24216]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-01 296056]
    "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
    "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-9-28 110592]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
    QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2006-4-13 724992]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoDevMgrUpdate"= 0 (0x0)
    "NoDFSTab"= 0 (0x0)
    "NoEncryptOnMove"= 0 (0x0)
    "NoResolveTrack"= 0 (0x0)
    "NoStartMenuSubFolders"= 0 (0x0)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDevMgrUpdate"= 0 (0x0)
    "NoDFSTab"= 0 (0x0)
    "NoEncryptOnMove"= 0 (0x0)
    "NoResolveTrack"= 0 (0x0)
    "NoStartMenuSubFolders"= 0 (0x0)
    .
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "DisableLocalMachineRun"= 0 (0x0)
    "DisableLocalMachineRunOnce"= 0 (0x0)
    "DisableCurrentUserRun"= 0 (0x0)
    "DisableCurrentUserRunOnce"= 0 (0x0)
    "NoFile"= 0 (0x0)
    "HideClock"= 0 (0x0)
    "NoDevMgrUpdate"= 0 (0x0)
    "NoDFSTab"= 0 (0x0)
    "NoEncryptOnMove"= 0 (0x0)
    "NoResolveTrack"= 0 (0x0)
    "NoStartMenuSubFolders"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
    @=""
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell Network Assistant.lnk]
    backup=c:\windows\pss\Dell Network Assistant.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    2007-03-15 17:09 460784 -c--a-w- c:\program files\DellSupport\DSAgnt.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 11:20 122940 -c----w- c:\windows\system32\DLA\DLACTRLW.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
    2005-10-05 09:12 94208 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2006-12-11 04:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-04-06 01:19 77824 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-04-06 01:23 114688 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-04-05 20:22 94208 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    2005-06-10 16:44 249856 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2005-06-10 16:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
    2005-09-09 01:20 8192 -c--a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
    2005-07-13 01:05 1117184 -c--a-w- c:\program files\McAfee\SpamKiller\MSKDetct.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 21:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    2012-06-01 15:55 499312 ----a-w- c:\program files\real\realplayer\realplay.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    2004-10-15 01:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    .
    R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [7/21/2012 5:13 PM 105832]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 4:17 PM 250056]
    S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/2011 11:08 AM 11336]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
    S3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [1/4/2012 5:35 PM 91816]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 20:32]
    .
    2012-07-14 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
    .
    2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
    .
    2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
    .
    2012-07-16 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
    .
    2012-07-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com/
    TCP: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
    .
    .
    ------- File Associations -------
    .
    JSEFile="%SystemRoot%\System32\WScript.exe" "%1" %*
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
    AddRemove-HijackThis - c:\program files\Trend Micro\HijackThis\HijackThis.exe
    AddRemove-WebCyberCoach_wtrb - c:\program files\WebCyberCoach\b_Dell\WCC_Wipe.exe WebCyberCoach ext\wtrb
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-16 17:12
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'explorer.exe'(3464)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Dell Network Assistant\hnm_svc.exe
    c:\windows\System32\snmp.exe
    c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
    .
    **************************************************************************
    .
    Completion time: 2012-07-16 17:16:57 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-07-16 23:16
    .
    Pre-Run: 32,986,251,264 bytes free
    Post-Run: 33,239,175,168 bytes free
    .
    WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    UnsupportedDebug="do not select this" /debug
    multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
    .
    - - End Of File - - 9AB12AC1FEF500EBE61EC971B6D91570
  4. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    ComboFix Script

    • Close any open browsers.
    • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • Open notepad and copy/paste the text in the codebox below into it:
    • Save this as CFScript.txt, in the same location as ComboFix.exe
      [​IMG]
    • Referring to the picture above, drag CFScript into ComboFix.exe
    • When finished, it shall produce a log for you at C:\ComboFix.txt
    • Please post the contents of the log in your next reply.

    Please download AdwCleaner by Xplode onto your Desktop.
    • Double click on AdwCleaner.exe to run the tool.
    • Click on Delete.
    • A logfile will automatically open after the scan has finished.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
  5. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    ComboFix 12-10-17.05 - Front Desk User 07/17/2012 10:47:55.2.1 - x86
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1022.676 [GMT -6:00]
    Running from: c:\documents and settings\Front Desk User\Desktop\ComboFix.exe
    Command switches used :: c:\documents and settings\Front Desk User\Desktop\CFScript.txt
    AV: Norton Internet Security *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8}
    FW: Norton Internet Security *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
    .
    .
    ((((((((((((((((((((((((( Files Created from 2012-06-17 to 2012-07-17 )))))))))))))))))))))))))))))))
    .
    .
    2012-10-08 17:07 . 2005-04-06 01:22 143360 ----a-w- c:\windows\system32\igfxpph.dll
    2012-10-08 17:07 . 2005-04-05 20:19 155648 ----a-w- c:\windows\system32\igfxsrvc.exe
    2012-10-08 17:07 . 2005-04-06 01:19 57344 ----a-w- c:\windows\system32\igfxsrvc.dll
    2012-10-08 17:07 . 2005-04-06 01:18 73728 ----a-w- c:\windows\system32\hccutils.dll
    2012-10-08 17:07 . 2005-04-06 01:45 876666 ----a-w- c:\windows\system32\ialmdd5.dll
    2012-10-08 17:07 . 2005-04-06 01:38 194298 ----a-w- c:\windows\system32\ialmdev5.dll
    2012-10-08 17:07 . 2005-04-06 01:38 110203 ----a-w- c:\windows\system32\ialmdnt5.dll
    2012-10-08 17:07 . 2005-04-06 01:38 38014 ----a-w- c:\windows\system32\ialmrnt5.dll
    2012-10-08 17:07 . 2005-04-05 20:46 830684 ----a-w- c:\windows\system32\drivers\ialmnt5.sys
    2012-09-26 20:14 . 2012-09-26 20:14 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\FinalMediaPlayer
    2012-08-14 14:34 . 2012-08-14 14:34 -------- d-----w- c:\program files\SystemRequirementsLab
    2012-08-03 18:35 . 2012-08-11 22:36 -------- d-----w- c:\program files\Free Window Registry Repair
    2012-07-30 17:18 . 2012-07-30 17:18 -------- d-----w- c:\documents and settings\Administrator
    2012-07-27 20:51 . 2012-07-27 20:51 184248 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
    2012-07-21 23:30 . 2012-07-21 23:30 -------- d-----w- c:\program files\Windows Sidebar
    2012-07-21 23:13 . 2012-07-21 23:13 -------- d-----w- c:\program files\HitmanPro
    2012-07-21 23:12 . 2012-07-21 23:26 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
    2012-07-21 22:10 . 2012-07-21 22:10 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Malwarebytes
    2012-07-21 22:09 . 2012-07-21 22:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2012-07-21 19:55 . 2012-07-11 22:11 -------- d-----w- c:\documents and settings\All Users\Application Data\6F63A59FF10D56B7157AAD037B07D329
    2012-07-21 19:54 . 2012-07-21 23:25 -------- d-----w- c:\documents and settings\Front Desk User\Application Data\Fydu
    2012-07-17 09:00 . 2008-04-14 00:11 21504 ----a-w- c:\windows\system32\drivers\hidserv.dll
    2012-07-15 17:59 . 2012-01-31 12:44 237072 ------w- c:\windows\system32\MpSigStub.exe
    2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\Avg2013
    2012-07-13 17:43 . 2012-07-13 17:43 -------- d-----w- c:\documents and settings\Front Desk User\Local Settings\Application Data\MFAData
    2012-07-12 17:07 . 2012-09-07 23:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-12 17:07 . 2012-07-13 17:50 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-11 23:14 . 2012-07-11 23:14 -------- d-----w- c:\program files\Trend Micro
    2012-07-11 22:57 . 2012-07-17 16:45 -------- d-----w- c:\windows\system32\CatRoot2
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smimsgif.dll
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\wbem\snmp\smierrsy.dll
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smimsgif.dll
    2012-07-11 22:10 . 2004-08-04 11:00 5632 ----a-w- c:\windows\system32\dllcache\smierrsy.dll
    2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\wbem\snmp\smierrsm.dll
    2012-07-11 22:10 . 2004-08-04 11:00 15872 ----a-w- c:\windows\system32\dllcache\smierrsm.dll
    2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\wbem\snmpstup.dll
    2012-07-11 22:10 . 2004-08-04 11:00 10240 ----a-w- c:\windows\system32\dllcache\snmpstup.dll
    2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\program files\CheckPoint
    2012-07-11 22:00 . 2012-07-11 22:00 -------- d-----w- c:\documents and settings\All Users\Application Data\CheckPoint
    2012-07-11 21:53 . 2011-06-08 21:57 429928 ----a-r- c:\windows\system32\hpinkstsa011.dll
    2012-07-11 21:53 . 2011-06-08 21:57 270696 ----a-r- c:\windows\system32\hpinkstsa011LM.dll
    2012-07-11 21:53 . 2011-06-08 21:57 216424 ----a-r- c:\windows\system32\hpinkcoia011.dll
    2012-07-11 21:45 . 2011-06-08 21:57 1929576 ----a-r- c:\windows\system32\HPScanTRDrv_DJ3050A_J611.dll
    2012-07-11 21:45 . 2011-06-08 21:57 488296 ----a-r- c:\windows\system32\HPWia1_DJ3050A_J611.dll
    2012-07-11 19:59 . 2005-04-05 20:18 135168 ----a-w- c:\windows\system32\igfxres.dll
    2012-07-11 19:44 . 2012-07-11 19:44 -------- d-----w- c:\windows\system32\vmm32
    2012-07-06 13:58 . 2012-07-06 13:58 78336 ------w- c:\windows\system32\dllcache\browser.dll
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-08-27 19:12 . 2004-08-10 18:51 832512 ----a-w- c:\windows\system32\wininet.dll
    2012-08-27 19:12 . 2004-08-10 18:51 1830912 ------w- c:\windows\system32\inetcpl.cpl
    2012-08-27 19:12 . 2008-09-18 15:54 78336 ----a-w- c:\windows\system32\ieencode.dll
    2012-08-27 19:12 . 2004-08-10 18:50 17408 ----a-w- c:\windows\system32\corpol.dll
    2012-08-24 13:53 . 2004-08-10 18:51 177664 ----a-w- c:\windows\system32\wintrust.dll
    2012-08-21 13:29 . 2004-08-10 18:51 2192896 ----a-w- c:\windows\system32\ntoskrnl.exe
    2012-08-21 12:58 . 2004-08-04 04:59 2069632 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-08-16 20:32 . 2012-04-29 22:17 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-08-16 20:32 . 2011-05-20 19:05 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-07-06 13:58 . 2004-08-10 18:50 78336 ----a-w- c:\windows\system32\browser.dll
    2012-07-04 14:05 . 2004-08-10 19:01 139784 ------w- c:\windows\system32\drivers\rdpwd.sys
    2012-07-03 13:40 . 2004-08-10 18:51 1866112 ----a-w- c:\windows\system32\win32k.sys
    2012-06-05 15:50 . 2008-09-04 21:27 1372672 ----a-w- c:\windows\system32\msxml6.dll
    2012-06-05 15:50 . 2004-08-10 18:51 1172480 ----a-w- c:\windows\system32\msxml3.dll
    2012-06-04 23:35 . 2004-08-10 19:02 210968 ----a-w- c:\windows\system32\wuweb.dll
    2012-06-04 23:35 . 2005-05-26 10:19 222448 ----a-w- c:\windows\system32\muweb.dll
    2012-06-04 04:32 . 2004-08-10 18:51 152576 ----a-w- c:\windows\system32\schannel.dll
    2012-06-02 21:19 . 2007-05-16 02:24 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
    2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
    2012-06-02 21:19 . 2004-08-10 19:02 329240 ----a-w- c:\windows\system32\wucltui.dll
    2012-06-02 21:19 . 2004-08-10 19:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
    2012-06-02 21:19 . 2007-05-16 02:24 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
    2012-06-02 21:19 . 2005-05-26 09:16 45080 ----a-w- c:\windows\system32\wups2.dll
    2012-06-02 21:19 . 2004-08-10 19:02 53784 ----a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 21:19 . 2004-08-10 19:02 35864 ----a-w- c:\windows\system32\wups.dll
    2012-06-02 21:19 . 2004-08-10 18:50 97304 ----a-w- c:\windows\system32\cdm.dll
    2012-06-02 21:19 . 2007-05-16 02:24 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
    2012-06-02 21:19 . 2004-08-10 19:02 577048 ----a-w- c:\windows\system32\wuapi.dll
    2012-06-02 21:19 . 2004-08-10 19:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 21:18 . 2007-05-16 21:01 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
    2012-06-02 21:18 . 2007-05-04 17:59 275696 ----a-w- c:\windows\system32\mucltui.dll
    2012-06-01 16:50 . 2004-08-10 18:50 601088 ----a-w- c:\windows\system32\crypt32.dll
    2012-06-01 15:55 . 2003-02-21 10:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2012-05-14 09:22 . 2004-08-10 18:51 345600 ----a-w- c:\windows\system32\localspl.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "InstallIQUpdater"="c:\program files\W3i\InstallIQUpdater\InstallIQUpdater.exe" [2011-08-09 1176064]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ClamWin"="c:\program files\ClamWin\bin\ClamTray.exe" [2011-02-16 86016]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]
    "Info Center"="c:\program files\PCPitstop\Info Center\InfoCenter.exe" [2011-09-26 24216]
    "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
    "TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-06-01 296056]
    "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
    "igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
    "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
    "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-06 77824]
    "Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-06 114688]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-9-28 110592]
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]
    QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2006-4-13 724992]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoDevMgrUpdate"= 0 (0x0)
    "NoDFSTab"= 0 (0x0)
    "NoEncryptOnMove"= 0 (0x0)
    "NoResolveTrack"= 0 (0x0)
    "NoStartMenuSubFolders"= 0 (0x0)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDevMgrUpdate"= 0 (0x0)
    "NoDFSTab"= 0 (0x0)
    "NoEncryptOnMove"= 0 (0x0)
    "NoResolveTrack"= 0 (0x0)
    "NoStartMenuSubFolders"= 0 (0x0)
    .
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "DisableLocalMachineRun"= 0 (0x0)
    "DisableLocalMachineRunOnce"= 0 (0x0)
    "DisableCurrentUserRun"= 0 (0x0)
    "DisableCurrentUserRunOnce"= 0 (0x0)
    "NoFile"= 0 (0x0)
    "HideClock"= 0 (0x0)
    "NoDevMgrUpdate"= 0 (0x0)
    "NoDFSTab"= 0 (0x0)
    "NoEncryptOnMove"= 0 (0x0)
    "NoResolveTrack"= 0 (0x0)
    "NoStartMenuSubFolders"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36Crusader]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro36CrusaderBoot]
    @=""
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Dell Network Assistant.lnk]
    backup=c:\windows\pss\Dell Network Assistant.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
    backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
    .
    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
    backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
    2007-03-15 17:09 460784 -c--a-w- c:\program files\DellSupport\DSAgnt.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DLA]
    2005-09-08 11:20 122940 -c----w- c:\windows\system32\DLA\DLACTRLW.EXE
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
    2005-10-05 09:12 94208 -c--a-w- c:\program files\Dell\Media Experience\DMXLauncher.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    2006-12-11 04:52 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
    2005-04-06 01:19 77824 ----a-w- c:\windows\system32\hkcmd.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
    2005-04-06 01:23 114688 ----a-w- c:\windows\system32\igfxpers.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
    2005-04-05 20:22 94208 ----a-w- c:\windows\system32\igfxtray.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    2005-06-10 16:44 249856 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    2005-06-10 16:44 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
    2005-09-09 01:20 8192 -c--a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSKDetectorExe]
    2005-07-13 01:05 1117184 -c--a-w- c:\program files\McAfee\SpamKiller\MSKDetct.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    2008-04-14 00:12 1695232 --sh--w- c:\program files\Messenger\msmsgs.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    2011-10-24 21:28 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
    2012-06-01 15:55 499312 ----a-w- c:\program files\real\realplayer\realplay.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
    2004-10-15 01:42 1404928 ----a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    .
    R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [7/21/2012 5:13 PM 105832]
    S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 4:17 PM 250056]
    S3 cpudrv;cpudrv;c:\program files\SystemRequirementsLab\cpudrv.sys [6/2/2011 11:08 AM 11336]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/19/2009 12:42 PM 135664]
    S3 PCPitstop Scheduling;PCPitstop Scheduling;c:\program files\PCPitstop\PCPitstopScheduleService.exe [1/4/2012 5:35 PM 91816]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 20:32]
    .
    2012-07-14 c:\windows\Tasks\AppleSoftwareUpdate.job
    - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 23:57]
    .
    2012-07-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
    .
    2012-10-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-19 18:42]
    .
    2012-07-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
    .
    2012-07-10 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-4269576598-3801111797-561348648-1006.job
    - c:\program files\Real\RealUpgrade\realupgrade.exe [2012-05-01 00:21]
    .
    .
    ------- Supplementary Scan -------
    .
    TCP: DhcpNameServer = 69.145.248.4 69.146.17.2 69.144.49.29
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2012-07-17 10:57
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ...
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'explorer.exe'(4020)
    c:\windows\system32\WININET.dll
    c:\windows\system32\ieframe.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Completion time: 2012-07-17 11:00:44
    ComboFix-quarantined-files.txt 2012-07-17 17:00
    ComboFix2.txt 2012-07-16 23:16
    .
    Pre-Run: 32,959,541,248 bytes free
    Post-Run: 32,949,096,448 bytes free
    .
    - - End Of File - - 5AF5CBD8C2BF40B0DF2CE016FEF05194




    # AdwCleaner v2.005 - Logfile created 07/17/2012 at 11:30:16
    # Updated 14/10/2012 by Xplode
    # Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
    # User : Front Desk User - D8T63P91
    # Boot Mode : Normal
    # Running from : C:\Documents and Settings\Front Desk User\Desktop\adwcleaner.exe
    # Option [Delete]

    ***** [Services] *****

    ***** [Files / Folders] *****
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
    Folder Deleted : C:\Documents and Settings\All Users\Application Data\WeCareReminder
    Folder Deleted : C:\Documents and Settings\Front Desk User\Local Settings\Application Data\Conduit
    Folder Deleted : C:\Program Files\Viewpoint
    ***** [Registry] *****
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKCU\Software\wecarereminder
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
    Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2856415
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
    Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\Software\MetaStream
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
    Key Deleted : HKLM\Software\Viewpoint
    ***** [Internet Browsers] *****
    -\\ Internet Explorer v7.0.5730.13
    [OK] Registry is clean.
    *************************
    AdwCleaner[R1].txt - [4079 octets] - [17/07/2012 11:28:31]
    AdwCleaner[S1].txt - [3946 octets] - [17/07/2012 11:30:16]
    ########## EOF - C:\AdwCleaner[S1].txt - [4006 octets] ##########
  6. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Please download the latest version of Kaspersky GetSystemInfo (GSI) from Kaspersky and save it to your Desktop.

    Note: please close all other applications running on your system.

    Double click GetSystemInfo.exe to open it. It will display an agreement. Click on I Agree to continue.

    Click the Settings button.

    Set the slider to Maximum.

    IMPORTANT! Then, click Customize - choose Driver / Ports tab and uncheck Scan Ports.


    On the General tab, make sure all of the boxes are checked.


    On the Misc tab, make sure all the checkboxes are checked.

    Then, click OK on the windows that you launched.


    Click Create Report to run it.

    It will begin scanning.

    It will create a zip folder called GetSystemInfo_XXXXXXXXXXXXXX.zip on your Desktop.

    It should automatically upload it to http://www.getsysteminfo.com. If it does not, then please submit it manually by going to the site and doing the upload process.

    It will redirect to a page where it will provide a sharing URL for specialists. Copy and paste the URL of the GSI Parser report in your next reply.
  7. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

  8. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Found the issue with the monitor going blank (unless I'm wrong)...

    Here is the page which says that, the guide for your graphics card: http://www.intel.com/support/graphics/intel865g/sb/CS-009181.htm

    Press the Ctrl+Alt+F12 keys.

    Change the Refresh Rate to 60 Hz.


    Let me know if this works out. :D
  9. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Couldn't get there with the Ctrl+Alt+F12 keys, so used the control panel and it was at 60 Hz.
  10. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Does running ComboFix remove malware and make changes to the computer?
  11. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Yes, it does. Why do you ask?
     
  12. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Unfortunately the problem isn't resolved; the screen is now white and I have to turn it on and off constantly just to see this screen.
  13. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    It may be time to try a new monitor. If you can borrow one, just as a trial, that would be good. It would confirm whether or not your current monitor needs to be replaced.
  14. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    I have 3 computers and all started going black or white at the exact same time. I borrowed a friend's monitor and it's the same problem, so I'm pretty sure it's a malware or virus issue.
  15. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Or video card.

    Please download and run this video card stress test, let me know results: http://www.freestone-group.com/video-card-stability-test.htm

    TDSSKiller Scan

    Please download TDSSKiller to your desktop and run it as outlined below:

    Double-click on TDSSKiller.exe to run the application, then click on Change parameters.

    For Windows XP, double-click to start.
    For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

    -------------------------

    Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    ------------------------

    Click the Start Scan button.

    -----------------------

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.


    ----------------------

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.



    --------------------

    A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.
    Sometimes these logs can be very large, in that case please attach it or zip it up and attach it.

    -------------------

    Here's a summary of what to do if you would like to print it out:

    If a suspicious object is detected, the default action will be Skip; click on Continue.
    If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic, please choose Skip and click on Continue.

    If malicious objects are found, they will show in the Scan results and offer three (3) options.

    Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  16. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Should I try reinstalling the video drivers?
  17. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    12:48:28.0267 1908 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
    12:48:28.0611 1908 ============================================================
    12:48:28.0611 1908 Current date / time: 2012/10/26 12:48:28.0611
    12:48:28.0611 1908 SystemInfo:
    12:48:28.0611 1908
    12:48:28.0611 1908 OS Version: 5.1.2600 ServicePack: 3.0
    12:48:28.0611 1908 Product type: Workstation
    12:48:28.0611 1908 ComputerName: D8T63P91
    12:48:28.0611 1908 UserName: Front Desk User
    12:48:28.0611 1908 Windows directory: C:\WINDOWS
    12:48:28.0611 1908 System windows directory: C:\WINDOWS
    12:48:28.0611 1908 Processor architecture: Intel x86
    12:48:28.0611 1908 Number of processors: 1
    12:48:28.0611 1908 Page size: 0x1000
    12:48:28.0611 1908 Boot type: Normal boot
    12:48:28.0611 1908 ============================================================
    12:48:31.0690 1908 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    12:48:31.0721 1908 ============================================================
    12:48:31.0721 1908 \Device\Harddisk0\DR0:
    12:48:31.0721 1908 MBR partitions:
    12:48:31.0721 1908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xFB04, BlocksNum 0x8EE9870
    12:48:31.0721 1908 ============================================================
    12:48:31.0909 1908 C: <-> \Device\Harddisk0\DR0\Partition1
    12:48:31.0909 1908 ============================================================
    12:48:31.0909 1908 Initialize success
    12:48:31.0909 1908 ============================================================
    12:49:08.0198 1748 ============================================================
    12:49:08.0198 1748 Scan started
    12:49:08.0198 1748 Mode: Manual; SigCheck; TDLFS;
    12:49:08.0198 1748 ============================================================
    12:49:08.0636 1748 ================ Scan system memory ========================
    12:49:08.0651 1748 System memory - ok
  18. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    12:50:23.0449 1748 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
    12:50:23.0449 1748 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
    12:50:23.0512 1748 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
    12:50:23.0746 1748 ql1080 - ok
    12:50:23.0793 1748 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
    12:50:24.0121 1748 Ql10wnt - ok
    12:50:24.0168 1748 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
    12:50:24.0372 1748 ql12160 - ok
    12:50:24.0418 1748 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
    12:50:24.0637 1748 ql1240 - ok
    12:50:24.0684 1748 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
    12:50:25.0012 1748 ql1280 - ok
    12:50:25.0059 1748 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
    12:50:25.0247 1748 RasAcd - ok
    12:50:25.0309 1748 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
    12:50:25.0559 1748 RasAuto - ok
    12:50:25.0606 1748 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
    12:50:25.0825 1748 Rasl2tp - ok
    12:50:26.0059 1748 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
    12:50:26.0278 1748 RasMan - ok
    12:50:26.0309 1748 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    12:50:26.0544 1748 RasPppoe - ok
    12:50:26.0606 1748 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
    12:50:26.0794 1748 Raspti - ok
    12:50:27.0028 1748 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
    12:50:27.0232 1748 Rdbss - ok
    12:50:27.0263 1748 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
    12:50:27.0466 1748 RDPCDD - ok
    12:50:27.0591 1748 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
    12:50:27.0825 1748 rdpdr - ok
    12:50:28.0029 1748 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
    12:50:28.0122 1748 RDPWD - ok
    12:50:28.0232 1748 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
    12:50:28.0435 1748 RDSessMgr - ok
    12:50:28.0497 1748 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
    12:50:28.0732 1748 redbook - ok
    12:50:28.0794 1748 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
    12:50:29.0154 1748 RemoteAccess - ok
    12:50:29.0201 1748 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
    12:50:29.0420 1748 ROOTMODEM - ok
    12:50:29.0482 1748 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
    12:50:29.0685 1748 RpcLocator - ok
    12:50:29.0857 1748 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
    12:50:30.0185 1748 RpcSs - ok
    12:50:30.0263 1748 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
    12:50:30.0467 1748 RSVP - ok
    12:50:30.0514 1748 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
    12:50:30.0748 1748 SamSs - ok
    12:50:30.0810 1748 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
    12:50:31.0201 1748 SCardSvr - ok
    12:50:31.0311 1748 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
    12:50:31.0576 1748 Schedule - ok
    12:50:31.0623 1748 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
    12:50:31.0826 1748 Secdrv - ok
    12:50:31.0889 1748 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
    12:50:32.0217 1748 seclogon - ok
    12:50:32.0530 1748 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
    12:50:32.0858 1748 senfilt - ok
    12:50:32.0920 1748 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
    12:50:33.0280 1748 SENS - ok
    12:50:33.0342 1748 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
    12:50:33.0592 1748 serenum - ok
    12:50:33.0655 1748 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
    12:50:34.0233 1748 Serial - ok
    12:50:34.0296 1748 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
    12:50:34.0530 1748 Sfloppy - ok
    12:50:34.0733 1748 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
    12:50:35.0155 1748 SharedAccess - ok
    12:50:35.0233 1748 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    12:50:35.0265 1748 ShellHWDetection - ok
    12:50:35.0280 1748 Simbad - ok
    12:50:35.0343 1748 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
    12:50:35.0562 1748 sisagp - ok
    12:50:35.0702 1748 [ 0066FF77AEB4AE70066F7E94D5A6D866 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
    12:50:35.0858 1748 smwdm - ok
    12:50:35.0921 1748 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
    12:50:36.0265 1748 SNMP - ok
    12:50:36.0312 1748 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
    12:50:36.0562 1748 SNMPTRAP - ok
    12:50:36.0624 1748 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
    12:50:36.0796 1748 Sparrow - ok
    12:50:36.0827 1748 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
    12:50:37.0203 1748 splitter - ok
    12:50:37.0281 1748 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
    12:50:37.0562 1748 Spooler - ok
    12:50:37.0624 1748 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
    12:50:38.0281 1748 sr - ok
    12:50:38.0375 1748 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
    12:50:38.0687 1748 srservice - ok
    12:50:38.0859 1748 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
    12:50:39.0219 1748 Srv - ok
    12:50:39.0297 1748 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
    12:50:39.0516 1748 SSDPSRV - ok
    12:50:39.0719 1748 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
    12:50:41.0282 1748 stisvc - ok
    12:50:41.0344 1748 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
    12:50:41.0625 1748 swenum - ok
    12:50:41.0704 1748 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
    12:50:42.0125 1748 swmidi - ok
    12:50:42.0125 1748 SwPrv - ok
    12:50:42.0188 1748 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
    12:50:42.0563 1748 symc810 - ok
    12:50:42.0626 1748 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
    12:50:43.0032 1748 symc8xx - ok
    12:50:43.0063 1748 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
    12:50:43.0329 1748 sym_hi - ok
    12:50:43.0376 1748 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
    12:50:43.0688 1748 sym_u3 - ok
    12:50:43.0766 1748 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
    12:50:44.0173 1748 sysaudio - ok
    12:50:44.0267 1748 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
    12:50:44.0532 1748 SysmonLog - ok
    12:50:44.0673 1748 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
    12:50:45.0064 1748 TapiSrv - ok
    12:50:45.0236 1748 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
    12:50:45.0579 1748 Tcpip - ok
    12:50:45.0673 1748 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
    12:50:46.0111 1748 TDPIPE - ok
    12:50:46.0142 1748 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
    12:50:46.0439 1748 TDTCP - ok
    12:50:46.0470 1748 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
    12:50:46.0783 1748 TermDD - ok
    12:50:46.0970 1748 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
    12:50:47.0345 1748 TermService - ok
    12:50:47.0424 1748 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
    12:50:47.0455 1748 Themes - ok
    12:50:47.0502 1748 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
    12:50:47.0752 1748 TosIde - ok
    12:50:47.0846 1748 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
    12:50:48.0174 1748 TrkWks - ok
    12:50:48.0236 1748 [ 228D8E60BC9C5238587B0BF1654EC580 ] U2SP C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys
    12:50:48.0330 1748 U2SP - ok
    12:50:48.0408 1748 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
    12:50:48.0658 1748 Udfs - ok
    12:50:48.0689 1748 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
    12:50:48.0861 1748 ultra - ok
    12:50:49.0174 1748 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
    12:50:49.0518 1748 Update - ok
    12:50:49.0627 1748 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
    12:50:49.0783 1748 upnphost - ok
    12:50:49.0830 1748 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
    12:50:50.0174 1748 UPS - ok
    12:50:50.0237 1748 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
    12:50:50.0440 1748 usbccgp - ok
    12:50:50.0502 1748 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
    12:50:50.0752 1748 usbehci - ok
    12:50:50.0815 1748 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
    12:50:51.0159 1748 usbhub - ok
    12:50:51.0190 1748 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
    12:50:51.0409 1748 usbprint - ok
    12:50:51.0456 1748 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
    12:50:51.0784 1748 usbscan - ok
    12:50:51.0846 1748 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    12:50:52.0190 1748 USBSTOR - ok
    12:50:52.0237 1748 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
    12:50:52.0456 1748 usbuhci - ok
    12:50:52.0565 1748 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
    12:50:52.0815 1748 VgaSave - ok
    12:50:52.0847 1748 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
    12:50:53.0159 1748 viaagp - ok
    12:50:53.0190 1748 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
    12:50:53.0425 1748 ViaIde - ok
    12:50:53.0487 1748 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
    12:50:53.0737 1748 VolSnap - ok
    12:50:53.0878 1748 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
    12:50:54.0144 1748 VSS - ok
    12:50:54.0472 1748 [ F117D00BBB401C61CE3E9F3B846D0821 ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
    12:50:54.0722 1748 vToolbarUpdater13.2.0 - ok
    12:50:54.0847 1748 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
    12:50:55.0191 1748 w32time - ok
    12:50:55.0253 1748 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
    12:50:55.0582 1748 Wanarp - ok
    12:50:55.0629 1748 wanatw - ok
    12:50:55.0847 1748 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
    12:50:56.0097 1748 Wdf01000 - ok
    12:50:56.0113 1748 WDICA - ok
    12:50:56.0191 1748 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
    12:50:56.0410 1748 wdmaud - ok
    12:50:56.0488 1748 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
    12:50:56.0754 1748 WebClient - ok
    12:50:57.0207 1748 [ 8ADCD6078AFFC4C81F3C3EBB1E9E3A2B ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
    12:50:57.0457 1748 winachsf - ok
    12:50:57.0629 1748 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
    12:50:57.0879 1748 winmgmt - ok
    12:50:57.0926 1748 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
    12:50:58.0176 1748 WmdmPmSN - ok
    12:50:58.0285 1748 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
    12:50:58.0707 1748 WmiApSrv - ok
    12:50:59.0270 1748 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
    12:50:59.0598 1748 WMPNetworkSvc - ok
    12:50:59.0692 1748 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
    12:50:59.0911 1748 WS2IFSL - ok
    12:50:59.0989 1748 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
    12:51:00.0333 1748 wscsvc - ok
    12:51:00.0364 1748 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
    12:51:00.0598 1748 wuauserv - ok
    12:51:00.0645 1748 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
    12:51:00.0739 1748 WudfPf - ok
    12:51:00.0786 1748 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
    12:51:00.0848 1748 WudfRd - ok
    12:51:00.0911 1748 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
    12:51:01.0083 1748 WudfSvc - ok
    12:51:01.0317 1748 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
    12:51:01.0661 1748 WZCSVC - ok
    12:51:01.0755 1748 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
    12:51:02.0271 1748 xmlprov - ok
    12:51:02.0286 1748 ================ Scan global ===============================
    12:51:02.0364 1748 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
    12:51:02.0583 1748 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    12:51:02.0693 1748 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
    12:51:02.0771 1748 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
    12:51:02.0771 1748 [Global] - ok
    12:51:02.0771 1748 ================ Scan MBR ==================================
    12:51:02.0818 1748 [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR0
    12:51:03.0771 1748 \Device\Harddisk0\DR0 - ok
    12:51:03.0771 1748 ================ Scan VBR ==================================
    12:51:03.0802 1748 [ 56779635831354D7D953310528857B49 ] \Device\Harddisk0\DR0\Partition1
    12:51:03.0802 1748 \Device\Harddisk0\DR0\Partition1 - ok
    12:51:03.0802 1748 ============================================================
    12:51:03.0802 1748 Scan finished
    12:51:03.0802 1748 ============================================================
    12:51:04.0115 2664 Detected object count: 21
    12:51:04.0115 2664 Actual detected object count: 21
     
  19. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    I've tried several times to run the video test but I run into problems with it. I have downloaded and reinstalled it several times.
  20. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Also, auto update tried to install Microsoft update KB911895 but failed.
  21. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    How did it work out with video drivers?
  22. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Won't update from Microsoft support site. How do I manually reinstall them?
  23. Jay Pfoutz

    Jay Pfoutz Malware Helper Posts: 4,286   +49

    Do you know what the make is of the video card and what version?
  24. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16

    Not sure. Do any of the reports on this post show the info?
  25. MontanaGallery

    MontanaGallery Newcomer, in training Topic Starter Posts: 16


