oatring

  1. I run NHC, which throttles the Speedstep CPU down to 1GHz when the machine is sort of idling, and up to the full 2.33GHz when doing heavy lifting. If I'm sitting in a browser screen (the last crash, for example), the machine is running at its lowest speed, and the fan isn't running at max speed, like it is if I'm compiling. Anything else I should try?
  2. Samsung 830, and according to the Samsung SSD Magician, it is running the latest firmware (CXM03B1Q). Checking SMART status shows OK across the board.
  3. Had 4 reboots just this morning: 1) opening mail, 2) immediately after rebooting, just after the desktop came up, 3) moving a window out of Firefox, 4) just after closing a Notepad file.
  4. Thanks for replying. I'm running an SSD, and here is the output of chkdsk:

     The type of the file system is NTFS.
     WARNING! F parameter not specified.
     Running CHKDSK in read-only mode.
     CHKDSK is verifying files (stage 1 of 3)...
     File verification completed.
     CHKDSK is verifying indexes (stage 2 of 3)...
     Index verification completed.
     CHKDSK is verifying security descriptors (stage 3 of 3)...
     Security descriptor verification completed.
     CHKDSK is verifying Usn Journal...
     Usn Journal verification completed.
     244195528 KB total disk space.
     233259224 KB in 220588 files.
     78692 KB in 26454 indexes.
     0 KB in bad sectors.
     536072 KB in use by the system.
     65536 KB occupied by the log file.
     10321540 KB available on disk.
     4096 bytes in each allocation unit.
     61048882 total allocation units on disk.
     2580385 allocation units available on disk.
  5. Just had it crash right now. Was scrolling through a text file on my machine when the mouse froze, everything locked up and it rebooted.
  6. Still having the same issues as before. The laptop does a restart on its own. I could be in Notepad, Firefox or just idle, and the laptop will just execute a reboot. I've run Memtest86 overnight, so I think the hardware is okay. I'm running Notebook Hardware Control to see if things were heat-related (tried undervolting to keep it cooler, tried locking down the lowest speeds, same thing. Now running it at stock voltages but lowest speed-step). I've even booted from a Linux CD distro, and the machine seemed to run fine. So, if it isn't heat or hardware, gotta be something in the software. So before I back everything up and re-format the drive, I thought I'd give this a try.
  7. Not exactly sure why combofix decided to delete one of my pictures folders.... c:\x\DCIM. I mean, I know I'm a bad photographer, but really?
  8. Thanks for replying back so quickly! Here is the combofix log ComboFix 12-09-23.03 - Customer 09/24/2012 8:49.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1704 [GMT -4:00] Running from: C:\ComboFix.exe AV: ESET NOD32 Antivirus 4.2 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_ctypes.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_elementtree.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_hashlib.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_socket.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\_ssl.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pyexpat.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pysqlite2._sqlite.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\python26.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pythoncom26.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\pywintypes26.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\select.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\unicodedata.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32api.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32com.shell.shell.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32crypt.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32event.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32file.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32inet.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32pdh.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32process.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\win32security.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\windows._cacheinvalidation.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._controls_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._core_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._gdi_.pyd 
c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._html2.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._misc_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._windows_.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wx._wizard.pyd c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxbase293u_net_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxbase293u_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_adv_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_core_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_html_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\_MEI27122\wxmsw293u_webview_vc.dll c:\docume~1\Customer\LOCALS~1\Temp\nsx1BA.tmp\newadvsplash.dll c:\docume~1\Customer\LOCALS~1\Temp\nsx1BA.tmp\System.dll c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\Customer\Application Data\.# c:\documents and settings\Customer\g2mdlhlpx.exe c:\documents and settings\Customer\Local Settings\Application Data\assembly\tmp c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_ctypes.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_elementtree.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_hashlib.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_socket.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\_ssl.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pyexpat.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pysqlite2._sqlite.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\python26.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pythoncom26.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\pywintypes26.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\select.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\unicodedata.pyd c:\documents and settings\Customer\Local 
Settings\Temp\_MEI27122\win32api.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32com.shell.shell.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32crypt.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32event.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32file.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32inet.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32pdh.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32process.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\win32security.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\windows._cacheinvalidation.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._controls_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._core_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._gdi_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._html2.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._misc_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._windows_.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wx._wizard.pyd c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxbase293u_net_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxbase293u_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_adv_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_core_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_html_vc.dll c:\documents and settings\Customer\Local Settings\Temp\_MEI27122\wxmsw293u_webview_vc.dll c:\documents and settings\Customer\Local Settings\Temp\nsx1BA.tmp\newadvsplash.dll c:\documents and settings\Customer\Local 
Settings\Temp\nsx1BA.tmp\System.dll c:\documents and settings\Customer\WINDOWS C:\Install.exe C:\Thumbs.db c:\windows\system32\Cache c:\windows\system32\dllcache\dlimport.exe c:\windows\system32\drivers\etc\hosts.ics c:\windows\system32\KGyGaAvL.sys c:\windows\system32\wpcap.dll C:\x C:\x.txt c:\x\DCIM\100MEDIA\IMAG0001.jpg c:\x\DCIM\100MEDIA\IMAG0002.jpg c:\x\DCIM\100MEDIA\IMAG0003.jpg c:\x\DCIM\100MEDIA\IMAG0004.jpg c:\x\DCIM\100MEDIA\IMAG0005.jpg c:\x\DCIM\100MEDIA\IMAG0006.jpg c:\x\DCIM\100MEDIA\IMAG0007.jpg c:\x\DCIM\100MEDIA\IMAG0008.jpg c:\x\DCIM\100MEDIA\IMAG0009.jpg c:\x\DCIM\100MEDIA\IMAG0010.jpg c:\x\DCIM\100MEDIA\IMAG0011.jpg c:\x\DCIM\100MEDIA\IMAG0012.jpg c:\x\DCIM\100MEDIA\IMAG0013.jpg c:\x\DCIM\100MEDIA\IMAG0014.jpg c:\x\DCIM\100MEDIA\IMAG0015.jpg c:\x\DCIM\100MEDIA\IMAG0016.jpg c:\x\DCIM\100MEDIA\IMAG0017.jpg c:\x\DCIM\100MEDIA\IMAG0018.jpg c:\x\DCIM\100MEDIA\IMAG0019.jpg c:\x\DCIM\100MEDIA\IMAG0020.jpg c:\x\DCIM\100MEDIA\IMAG0021.jpg c:\x\DCIM\100MEDIA\IMAG0022.jpg c:\x\DCIM\100MEDIA\IMAG0023.jpg c:\x\DCIM\100MEDIA\IMAG0024.jpg c:\x\DCIM\100MEDIA\IMAG0025.jpg c:\x\DCIM\100MEDIA\IMAG0026.jpg c:\x\DCIM\100MEDIA\IMAG0027.jpg c:\x\DCIM\100MEDIA\IMAG0028.jpg c:\x\DCIM\100MEDIA\IMAG0029.jpg c:\x\DCIM\100MEDIA\IMAG0030.jpg c:\x\DCIM\100MEDIA\IMAG0031.jpg c:\x\DCIM\100MEDIA\IMAG0032.jpg c:\x\DCIM\100MEDIA\IMAG0033.jpg c:\x\DCIM\100MEDIA\IMAG0034.jpg c:\x\DCIM\100MEDIA\IMAG0035.jpg c:\x\DCIM\100MEDIA\IMAG0036.jpg c:\x\DCIM\100MEDIA\Thumbs.db c:\x\IMAG0204.jpg c:\x\IMAG0222.jpg c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350033a7-3500339b.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350033a7-3d0033dc.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350033a7-3f0033da.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\35003497-3000348f.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\35003497-3200348d.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\35003497-3d003479.gif c:\x\Inbox.mst30031894.3403061376\Mail 
Attachments\350034c6-300034b8.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-370034c8.jpg c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-3c0034cc.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-3d0034c9.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\350034c6-3e0034ca.gif c:\x\Inbox.mst30031894.3403061376\Mail Attachments\Thumbs.db c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-35004611.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-37004640.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-38004609.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004646.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004647.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004648.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-39004649.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-3a004644.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-3b004641.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3000463e-3b004642.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\36004220-3d00462c.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\3e004653-36004655.jpg c:\x\Inbox.mst30038711.3441004544\Mail Attachments\Thumbs.db . . ((((((((((((((((((((((((( Files Created from 2012-08-24 to 2012-09-24 ))))))))))))))))))))))))))))))) . . 2012-09-23 21:14 . 2012-09-23 21:15 -------- d-----w- c:\documents and settings\Customer\Application Data\vlc 2012-09-21 19:45 . 2001-08-17 17:53 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys 2012-09-21 19:45 . 2001-08-17 17:53 6784 ----a-w- c:\windows\system32\drivers\serscan.sys 2012-09-21 19:43 . 2006-04-13 00:02 659456 ----a-w- c:\windows\system32\hpowiax2.dll 2012-09-21 19:43 . 2006-04-13 00:02 827392 ----a-w- c:\windows\system32\hpotiop2.dll 2012-09-21 19:43 . 2006-04-13 00:02 254026 ----a-w- c:\windows\system32\hpovst09.dll 2012-09-21 19:22 . 
2012-09-21 19:45 -------- d-----w- c:\documents and settings\All Users\Application Data\HP 2012-09-21 17:53 . 2006-04-10 18:03 38400 ----a-w- c:\windows\system32\hpz3l054.dll 2012-09-21 17:53 . 2006-04-10 18:02 74240 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpzpp054.dll 2012-09-21 17:47 . 2012-09-21 17:47 -------- d-----w- c:\program files\Common Files\Hewlett-Packard 2012-09-21 17:46 . 2006-03-04 01:03 65536 ----a-w- c:\windows\system32\HPZinw12.exe 2012-09-21 17:46 . 2006-03-04 01:03 69632 ----a-w- c:\windows\system32\HPZipm12.exe 2012-09-21 17:46 . 2012-09-21 17:46 -------- d-----w- c:\program files\HP 2012-09-21 17:46 . 2006-01-04 08:12 77824 ----a-w- c:\windows\system32\HPZIDS01.dll 2012-09-21 17:46 . 2005-07-19 01:39 98304 ----a-w- c:\windows\system32\hpzjsn01.dll 2012-09-20 18:37 . 2012-09-20 18:37 2212440 ----a-w- C:\tdsskiller.exe 2012-09-18 05:17 . 2008-04-14 04:16 53376 -c--a-w- c:\windows\system32\dllcache\OLD1DB.tmp 2012-09-18 05:17 . 2001-08-17 18:06 11264 -c--a-w- c:\windows\system32\dllcache\OLD1DF.tmp 2012-09-18 05:17 . 2008-04-14 09:42 32827 -c--a-w- c:\windows\system32\dllcache\OLD1D3.tmp 2012-09-18 05:17 . 2007-04-03 02:06 16384 -c--a-w- c:\windows\system32\dllcache\OLD1D6.tmp 2012-09-18 05:17 . 2008-04-14 09:42 16437 -c--a-w- c:\windows\system32\dllcache\OLD1D0.tmp 2012-09-18 05:17 . 2008-04-14 09:42 20536 -c--a-w- c:\windows\system32\dllcache\OLD1CD.tmp 2012-09-18 05:17 . 2001-08-17 18:56 66048 -c--a-w- c:\windows\system32\dllcache\OLD1CA.tmp 2012-09-18 05:14 . 2001-08-17 18:55 6144 -c--a-w- c:\windows\system32\dllcache\OLD284C.tmp 2012-09-18 05:13 . 2008-04-14 09:41 702845 -c--a-w- c:\windows\system32\dllcache\i81xdnt5.dll 2012-09-18 05:13 . 2004-08-04 02:29 161020 -c--a-w- c:\windows\system32\dllcache\OLD2796.tmp 2012-09-18 05:13 . 2001-08-17 16:49 58592 -c--a-w- c:\windows\system32\dllcache\OLD2790.tmp 2012-09-18 05:13 . 2001-08-17 18:56 353184 -c--a-w- c:\windows\system32\dllcache\OLD278C.tmp 2012-09-18 05:13 . 
2008-04-14 04:11 18560 -c--a-w- c:\windows\system32\dllcache\i2omp.sys 2012-09-18 05:13 . 2008-04-14 04:11 8576 -c--a-w- c:\windows\system32\dllcache\i2omgmt.sys 2012-09-18 05:13 . 2008-04-14 11:00 10129408 -c--a-w- c:\windows\system32\dllcache\OLD2784.tmp 2012-09-18 05:13 . 2008-04-14 09:39 13463552 -c--a-w- c:\windows\system32\dllcache\OLD2781.tmp 2012-09-18 05:13 . 2008-04-14 11:00 10096640 -c--a-w- c:\windows\system32\dllcache\OLD277E.tmp 2012-09-18 05:12 . 2008-04-14 04:06 20352 -c--a-w- c:\windows\system32\dllcache\hidbatt.sys 2012-09-18 05:12 . 2008-04-14 04:10 28288 -c--a-w- c:\windows\system32\dllcache\grserial.sys 2012-09-18 05:12 . 2008-04-14 04:15 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys 2012-09-18 05:12 . 2008-04-14 04:15 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys 2012-09-18 05:10 . 2008-04-14 04:09 206976 -c--a-w- c:\windows\system32\dllcache\dot4.sys 2012-09-18 05:10 . 2008-04-14 04:10 8320 -c--a-w- c:\windows\system32\dllcache\dlttape.sys 2012-09-18 05:09 . 2008-04-14 09:41 249856 -c--a-w- c:\windows\system32\dllcache\ctmasetp.dll 2012-09-18 05:09 . 2008-04-14 04:11 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2012-09-18 05:09 . 2008-04-14 04:16 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2012-09-18 05:09 . 2008-04-14 09:41 121856 -c--a-w- c:\windows\system32\dllcache\camext30.dll 2012-09-17 15:28 . 2012-09-17 15:28 607260 ------r- C:\dds.com 2012-09-17 15:01 . 2008-04-14 04:16 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2012-09-17 15:01 . 2008-04-14 04:16 13696 -c--a-w- c:\windows\system32\dllcache\avcstrm.sys 2012-09-17 15:01 . 2008-04-14 04:16 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys 2012-09-17 15:01 . 2008-04-14 04:16 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys 2012-09-17 15:01 . 2008-04-14 04:10 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys 2012-09-17 15:01 . 2008-04-14 04:57 2188928 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe 2012-09-17 14:36 . 
2012-09-17 14:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Trend Micro 2012-09-17 14:26 . 2012-09-17 14:26 131384 ----a-w- c:\windows\system32\drivers\tmrkb.sys 2012-09-17 14:26 . 2012-06-05 07:37 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-09-17 14:26 . 2012-09-17 14:26 -------- d-----w- c:\program files\WinPcap 2012-09-17 14:25 . 2012-09-17 14:25 -------- d-----w- c:\program files\Trend Micro 2012-09-17 14:11 . 2008-04-14 09:42 221184 ----a-w- c:\windows\system32\wmpns.dll 2012-09-17 14:07 . 2008-04-14 09:42 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll 2012-09-17 14:07 . 2008-04-14 02:57 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2012-09-17 14:05 . 2008-04-14 09:41 25471 -c--a-w- c:\windows\system32\dllcache\atv04nt5.dll 2012-09-17 13:42 . 2012-09-17 13:42 -------- d-----w- C:\e888c916eb7ac54122 2012-09-12 18:09 . 2012-09-12 18:09 -------- d-----w- c:\documents and settings\Customer\Application Data\Malwarebytes 2012-09-12 18:09 . 2012-09-12 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-09-12 18:09 . 2012-09-12 18:09 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-12 18:09 . 2012-09-07 21:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-12 13:21 . 2012-09-12 13:24 -------- d-----w- c:\documents and settings\Customer\Application Data\QuickScan 2012-09-11 21:44 . 2008-04-14 04:26 30592 ----a-w- c:\windows\system32\drivers\rndismpx.sys 2012-09-11 21:44 . 2008-04-14 04:26 12800 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2012-09-11 18:11 . 2012-09-24 12:22 -------- d-----w- c:\documents and settings\Customer\Application Data\gtk-2.0 2012-09-11 13:51 . 2012-09-11 14:47 -------- d-----w- c:\program files\pidgin 2012-09-10 22:34 . 2012-09-10 22:34 -------- d-----w- c:\program files\KUSO EXIF Viewer 2012-09-10 21:43 . 
2008-11-06 15:13 273408 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\hpcpp6de.DLL 2012-09-10 21:43 . 2008-11-06 15:12 149504 ----a-w- c:\windows\system32\hpcpn6de.dll 2012-09-06 17:53 . 2009-06-10 04:49 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys 2012-09-06 17:53 . 2012-09-06 17:53 -------- d-----w- c:\program files\Spirent Communications 2012-09-06 17:53 . 2012-09-06 17:53 -------- d-----w- c:\program files\HTC 2012-09-06 17:52 . 2012-09-07 13:26 -------- d-----w- C:\evo3D 2012-09-05 13:51 . 2010-03-26 08:08 4608 ------w- c:\windows\system32\drivers\TSMAPIP.SYS 2012-09-04 19:45 . 2012-09-04 19:46 -------- d-----w- c:\documents and settings\Customer\Application Data\Spreadsheet Compare 2012-09-03 21:24 . 2012-09-03 21:24 -------- d-----w- c:\program files\Common Files\Java 2012-09-03 21:22 . 2012-09-03 21:22 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-09-03 21:22 . 2012-09-03 21:22 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-03 16:57 . 2012-09-03 17:00 -------- d-----w- c:\documents and settings\Customer\Application Data\WindSolutions 2012-09-03 16:57 . 2012-09-03 16:57 -------- d-----w- c:\documents and settings\All Users\Application Data\WindSolutions 2012-09-02 19:15 . 2004-01-28 19:03 21456 ----a-w- c:\windows\system32\drivers\SilvrLnk.sys 2012-09-02 19:15 . 2004-02-04 14:27 49536 ----a-w- c:\windows\system32\drivers\tiehdusb.sys 2012-09-02 19:15 . 2012-09-02 19:15 -------- d-----w- c:\program files\TI Education 2012-09-02 19:15 . 2012-09-02 19:15 -------- d-----w- c:\program files\Common Files\TI Shared 2012-09-02 19:14 . 2012-09-02 19:14 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2012-08-27 04:25 . 2012-08-27 08:36 -------- d-----w- C:\Z . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-09-24 12:57 . 2011-11-15 11:40 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys 2012-09-19 15:19 . 
2012-09-19 15:02 12319557 ----a-w- C:\iv_formats.zip 2012-09-19 14:59 . 2012-09-19 14:57 54312623 ----a-w- C:\5DIIand1DsIIIRaws.zip 2012-09-03 21:22 . 2011-11-25 07:31 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-07-19 17:17 . 2012-04-03 05:25 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-19 17:17 . 2011-10-20 08:54 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-05 18:09 . 2012-07-05 18:09 249856 ------w- c:\windows\Setup1.exe 2012-07-05 18:09 . 2012-07-05 18:09 73216 ----a-w- c:\windows\ST6UNST.EXE 2012-06-26 06:59 . 2011-10-20 08:48 85472 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2012-09-06 19:51 556056 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320] "GoogleDriveSync"="c:\program files\Google\Drive\googledrivesync.exe" [2012-09-06 15668432] "Netdrive"="c:\program files\NetDrive\netdrive.exe" [2001-08-23 294912] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2006-10-29 925696] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-09-29 61440] "PSQLLauncher"="c:\program files\ThinkVantage Fingerprint Software\launcher.exe" [2010-07-21 55120] "TVT Scheduler Proxy"="c:\program files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2008-03-04 487424] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2011-07-15 2282792] "LenovoAutoScrollUtility"="c:\program files\Lenovo\VIRTSCRL\virtscrl.exe" [2011-10-20 101440] "TpShocks"="TpShocks.exe" [2011-03-29 337256] "LPManager"="c:\progra~1\THINKV~2\PrdCtr\LPMGR.exe" [2009-07-23 185688] "LPMailChecker"="c:\progra~1\THINKV~2\PrdCtr\LPMLCHK.exe" [2009-07-23 124248] "Sprint SmartView"="c:\program files\Sprint\Sprint SmartView\SprintSV.exe" [2010-12-15 75072] "RDVCHG"="c:\program files\Sprint\Sprint SmartView\RDVCHG.exe" [2010-12-15 316736] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632] "PWRMGRTR"="c:\progra~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL" [2011-10-04 818240] "egui"="c:\program 
files\ESET\ESET NOD32 Antivirus\egui.exe" [2010-02-22 2140880] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160] "ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-06-16 221184] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2004-06-16 81920] "TPFNF7"="c:\program files\Lenovo\NPDIRECT\TPFNF7SP.exe" [2010-03-26 62312] "Trend Micro RUBotted V2.0 Beta"="c:\program files\Trend Micro\RUBotted\RUBottedGUI.exe" [2010-12-17 1103184] . c:\documents and settings\Customer\Start Menu\Programs\Startup\ bmem.lnk - c:\program files\bmem\bmem.exe [2011-11-10 18944] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696] Pidgin.lnk - c:\program files\pidgin\PidginPortable.exe [2012-4-6 137328] Samsung SSD Magician.lnk - c:\program files\Samsung SSD Magician\Samsung SSD Magician.exe [2012-8-16 2056192] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus] 2010-07-22 00:28 100176 ----a-w- c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-] "MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background "Pidgin"="c:\pidgin\App\Pidgin\pidgin.exe" . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Nikon Message Center 2"=c:\program files\Nikon\Nikon Message Center 2\NkMC2.exe -s
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Sprint\\Sprint SmartView\\SwiApiMux.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\system32\\ftp.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\WINDOWS\\system32\\mmc.exe"=
"c:\\Books\\Stanza\\Calibre Portable\\Calibre\\calibre.exe"=
"c:\\mongodb\\bin\\mongod.exe"=
"c:\\Program Files\\Java\\jre6\\launch4j-tmp\\Stanza.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\DRIVERS\\HP Photosmart 3300\\setup\\HPZnet01.exe"=
"c:\\DRIVERS\\HP Photosmart 3300\\setup\\hponicifs01.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1723:TCP"= 1723:TCP:@xpsp2res.dll,-22015
"1701:UDP"= 1701:UDP:@xpsp2res.dll,-22016
"500:UDP"= 500:UDP:@xpsp2res.dll,-22017
.
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [11/16/2011 10:18 AM 25968]
R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [3/29/2011 10:12 PM 20592]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2/22/2010 5:50 PM 114984]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2/22/2010 5:51 PM 95872]
R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [10/20/2011 5:52 PM 13680]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [10/20/2011 4:33 AM 21992]
R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\ThinkPad\Utilities\DOZESVC.EXE [11/16/2011 10:18 AM 292200]
R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2/22/2010 5:50 PM 810120]
R2 NovacomD;Palm Novacom;c:\program files\Palm, Inc\novacomd\x86\novacomd.exe [3/15/2011 5:35 PM 61440]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [10/20/2009 2:19 PM 50704]
R2 NvtlService;NovaCore SDK Service;c:\program files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe [1/11/2010 5:10 PM 82944]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [3/31/2011 4:08 PM 80896]
R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\ThinkPad\Utilities\PWMDBSVC.exe [11/16/2011 10:18 AM 69632]
R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\ThinkPad\Utilities\PWMEWSVC.exe [11/16/2011 10:18 AM 175168]
R2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [3/13/2009 5:47 PM 12560]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\Lenovo\HOTKEY\tphkload.exe [10/20/2011 5:52 PM 131432]
R2 TPHKSVC;On Screen Display;c:\program files\Lenovo\HOTKEY\TPHKSVC.exe [10/20/2011 5:52 PM 142696]
R2 WebDriveFSD;WebDrive File System Driver;c:\program files\NetDrive\rffsd.sys [7/11/2012 1:28 PM 67032]
R3 NETwLx32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [10/20/2011 8:20 PM 6609920]
R3 VSBC;Virtual Serial Bus Enumerator (Eltima Software);c:\windows\system32\drivers\evsbc.sys [4/3/2012 1:12 AM 27904]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2011 4:49 PM 136176]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\Lenovo\HOTKEY\micmute.exe [10/20/2011 5:52 PM 101736]
S2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\Trend Micro\RUBotted\RUBotSrv.exe [9/17/2012 10:25 AM 439632]
S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [3/26/2010 11:07 PM 319488]
S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [3/26/2010 11:04 PM 51456]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [8/8/2012 4:24 PM 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [8/8/2012 4:24 PM 8456]
S3 evserial;Virtual Serial Ports Driver (Eltima Softwate);c:\windows\system32\drivers\evserial.sys [4/3/2012 1:12 AM 53888]
S3 GenericMount Helper Service;GenericMount Helper Service;"c:\program files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe" --> c:\program files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe [?]
S3 GenericMount;Generic Mount Driver;c:\windows\system32\DRIVERS\GenericMount.sys --> c:\windows\system32\DRIVERS\GenericMount.sys [?]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [12/8/2011 4:49 PM 136176]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [9/6/2012 1:53 PM 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [6/22/2010 6:01 PM 21248]
S3 MongoDB;Mongo DB;c:\mongodb\bin\mongod.exe [7/16/2012 9:54 AM 3908096]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/30/2012 10:09 AM 113120]
S3 SER2AT;ATEN USB to Serial port driver;c:\windows\system32\drivers\SER2AT.sys [4/3/2012 2:44 AM 51200]
S3 SKYSCOUT;Celestron SkyScout driver;c:\windows\system32\drivers\UsbScout.sys [1/27/2012 7:38 PM 20480]
S3 SymSnapService;SymSnapService;"c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe" --> c:\program files\Norton Ghost\Shared\Drivers\SymSnapService.exe [?]
S4 RFNP32;WebDrive Provider; [x]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [1/26/2012 3:29 AM 691696]
.
--- Other Services/Drivers In Memory ---
.
*Deregistered* - BMLoad
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-06-12 c:\windows\Tasks\AOR Pacing.job - c:\wwp\aor\aor.bat [2012-06-11 21:20]
.
2012-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-08 20:48]
.
2012-09-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2011-12-08 20:48]
.
2012-05-03 c:\windows\Tasks\Lead Alerts.job - c:\perl\wwp.bat [2012-05-01 16:38]
.
2012-09-24 c:\windows\Tasks\PMTask.job - c:\progra~1\ThinkPad\UTILIT~1\PWMIDTSK.EXE [2011-11-16 06:39]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open with KUSO EXIF Viewer - c:\program files\KUSO EXIF Viewer\EXIF.htm
IE: Send to &Bluetooth Device... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send To Bluetooth - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 205.152.144.23 205.152.132.23
FF - ProfilePath - c:\documents and settings\Customer\Application Data\Mozilla\Firefox\Profiles\a7zp1i7x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-WebDriveTray - c:\program files\NetDrive\webdrive.exe
AddRemove-{F7E1CA14-B39D-452A-960B-39423DDDD933} - f:\xml\Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-24 08:57
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\MySQL]
"ImagePath"="\"c:\program files\MySQL\MySQL Server 5.1\bin\mysqld\" --defaults-file=\"c:\program files\MySQL\MySQL Server 5.1\my.ini\" MySQL"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(620)
c:\windows\system32\vrlogon.dll
c:\windows\system32\Ati2evxx.dll
c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
c:\program files\ThinkVantage Fingerprint Software\infql2.dll
c:\program files\ThinkVantage Fingerprint Software\homepass.dll
c:\program files\ThinkVantage Fingerprint Software\bio.dll
c:\program files\ThinkVantage Fingerprint Software\qlbase.dll
c:\program files\ThinkVantage Fingerprint Software\ps2css.dll
c:\windows\system32\RFNP32.DLL
c:\windows\system32\RFHelper.dll
c:\windows\system32\rfhres.dll
.
- - - - - - - > 'lsass.exe'(676)
c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
c:\program files\ThinkVantage Fingerprint Software\homefus2.dll
c:\program files\ThinkVantage Fingerprint Software\infql2.dll
.
- - - - - - - > 'explorer.exe'(3680)
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\OneX.DLL
c:\windows\system32\eappprxy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\ibmpmsvc.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\WiFi\bin\S24EvMon.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\inetsrv\inetinfo.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\MySQL\MySQL Server 5.1\bin\mysqld.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Lenovo\System Update\SUService.exe
c:\program files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
c:\program files\Common Files\Lenovo\Scheduler\tvtsched.exe
c:\program files\NetDrive\wdservice.exe
c:\program files\ThinkPad\Bluetooth Software\bin\btwdins.exe
c:\program files\LENOVO\HOTKEY\tposdsvc.exe
c:\windows\system32\wscntfy.exe
c:\program files\Lenovo\HOTKEY\TPONSCR.exe
c:\program files\Lenovo\Zoom\TpScrex.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\windows\system32\TpShocks.exe
c:\windows\system32\rundll32.exe
c:\program files\Synaptics\SynTP\SynTPLpr.exe
c:\program files\iPod\bin\iPodService.exe
c:\progra~1\ThinkPad\UTILIT~1\SCHTASK.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\pidgin\App\Pidgin\pidgin-portable.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
.
**************************************************************************
.
Completion time: 2012-09-24 09:00:01 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-24 12:59
.
Pre-Run: 7,785,623,552 bytes free
Post-Run: 15,865,167,872 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BCEF5E4D31FF867226D6CE7EB6F7B64B

Here is the TDSSKiller log file:

09:12:58.0296 4116 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
09:12:58.0578 4116 ============================================================
09:12:58.0578 4116 Current date / time: 2012/09/24 09:12:58.0578
09:12:58.0578 4116 SystemInfo:
09:12:58.0578 4116
09:12:58.0578 4116 OS Version: 5.1.2600 ServicePack: 3.0
09:12:58.0578 4116 Product type: Workstation
09:12:58.0578 4116 ComputerName: T60P
09:12:58.0578 4116 UserName: Customer
09:12:58.0578 4116 Windows directory: C:\WINDOWS
09:12:58.0578 4116 System windows directory: C:\WINDOWS
09:12:58.0578 4116 Processor architecture: Intel x86
09:12:58.0578 4116 Number of processors: 2
09:12:58.0578 4116 Page size: 0x1000
09:12:58.0578 4116 Boot type: Normal boot
09:12:58.0578 4116 ============================================================
09:12:59.0140 4116 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 (238.47 Gb), SectorSize: 0x200, Cylinders: 0x8134, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
09:12:59.0140 4116 ============================================================
09:12:59.0140 4116 \Device\Harddisk0\DR0:
09:12:59.0140 4116 MBR partitions:
09:12:59.0140 4116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4191
09:12:59.0140 4116 ============================================================
09:12:59.0140 4116 C: <-> \Device\Harddisk0\DR0\Partition1
09:12:59.0156 4116 ============================================================
09:12:59.0156 4116 Initialize success
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 09:13:04.0921 4028 NetTcpPortSharing - ok 09:13:04.0968 4028 [ 05743FFFC2BC88CC8E426321BC6A762E ] NETw5x32 C:\WINDOWS\system32\DRIVERS\NETw5x32.sys 09:13:05.0031 4028 NETw5x32 - ok 09:13:05.0140 4028 [ 72062B53186E4A3F5FCBC41EBB62B905 ] NETwLx32 C:\WINDOWS\system32\DRIVERS\NETwLx32.sys 09:13:05.0250 4028 NETwLx32 - ok 09:13:05.0250 4028 [ 37260A293B6A89373AE76791E6CC5A12 ] nhcDriverDevice C:\WINDOWS\system32\drivers\nhcDriver.sys 09:13:05.0281 4028 nhcDriverDevice - ok 09:13:05.0281 4028 [ B4138E99236F0F57D4CF49BAE98A0746 ] Nla C:\WINDOWS\System32\mswsock.dll 09:13:05.0281 4028 Nla - ok 09:13:05.0296 4028 [ B0D5188E282DC4EDAE7020F333427BC8 ] Nmea C:\WINDOWS\system32\DRIVERS\pctnullport.sys 09:13:05.0296 4028 Nmea - ok 09:13:05.0296 4028 [ 085440078813949C51C33589557BFD29 ] NovacomD C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe 09:13:05.0296 4028 NovacomD - ok 09:13:05.0312 4028 [ B9730495E0CF674680121E34BD95A73B ] NPF C:\WINDOWS\system32\drivers\npf.sys 09:13:05.0312 4028 NPF - ok 09:13:05.0312 4028 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 09:13:05.0328 4028 Npfs - ok 09:13:05.0343 4028 [ 2ADC0CA9945C65284B3D19BC18765974 ] NSCIRDA C:\WINDOWS\system32\DRIVERS\nscirda.sys 09:13:05.0375 4028 NSCIRDA - ok 09:13:05.0390 4028 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 09:13:05.0406 4028 Ntfs - ok 09:13:05.0406 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 09:13:05.0406 4028 NtLmSsp - ok 09:13:05.0421 4028 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 09:13:05.0421 4028 NtmsSvc - ok 09:13:05.0437 4028 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 09:13:05.0453 4028 Null - ok 09:13:05.0453 4028 [ 7D4ED787E0D06677776339318DF25BDC ] NvtlService C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe 09:13:05.0468 4028 NvtlService - 
ok 09:13:05.0468 4028 [ 93213C7EC08E01E37A935BF144E75DF6 ] NWADI C:\WINDOWS\system32\DRIVERS\NWADIenum.sys 09:13:05.0500 4028 NWADI - ok 09:13:05.0500 4028 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 09:13:05.0515 4028 NwlnkFlt - ok 09:13:05.0531 4028 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 09:13:05.0546 4028 NwlnkFwd - ok 09:13:05.0562 4028 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 09:13:05.0562 4028 odserv - ok 09:13:05.0578 4028 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 09:13:05.0578 4028 ose - ok 09:13:05.0593 4028 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys 09:13:05.0609 4028 Parport - ok 09:13:05.0609 4028 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 09:13:05.0625 4028 PartMgr - ok 09:13:05.0640 4028 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 09:13:05.0656 4028 ParVdm - ok 09:13:05.0656 4028 [ A1E779A0CF7A21B42E8FD3E8856D8481 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 09:13:05.0671 4028 PassThru Service - ok 09:13:05.0671 4028 [ 1961590AA191B6B7DCF18A6A693AF7B8 ] PCASp50 C:\WINDOWS\system32\Drivers\PCASp50.sys 09:13:05.0671 4028 PCASp50 - ok 09:13:05.0671 4028 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 09:13:05.0703 4028 PCI - ok 09:13:05.0703 4028 PCIDump - ok 09:13:05.0703 4028 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 09:13:05.0718 4028 PCIIde - ok 09:13:05.0734 4028 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys 09:13:05.0765 4028 Pcmcia - ok 09:13:05.0765 4028 [ 1E715247EFFFDDA938C085913045D599 ] PCTINDIS5 C:\WINDOWS\system32\PCTINDIS5.SYS 09:13:05.0781 4028 PCTINDIS5 - 
ok 09:13:05.0796 4028 PDCOMP - ok 09:13:05.0796 4028 PDFRAME - ok 09:13:05.0796 4028 PDRELI - ok 09:13:05.0796 4028 PDRFRAME - ok 09:13:05.0812 4028 perc2 - ok 09:13:05.0812 4028 perc2hib - ok 09:13:05.0828 4028 [ 0E776ED5F7CC9F94299E70461B7B8185 ] PlugPlay C:\WINDOWS\system32\services.exe 09:13:05.0828 4028 PlugPlay - ok 09:13:05.0828 4028 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll 09:13:05.0828 4028 Pml Driver HPZ12 - ok 09:13:05.0843 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 09:13:05.0843 4028 PolicyAgent - ok 09:13:05.0843 4028 [ 07A5F0D46C06C154560A70C998003C2A ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE 09:13:05.0843 4028 Power Manager DBC Service - ok 09:13:05.0843 4028 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 09:13:05.0875 4028 PptpMiniport - ok 09:13:05.0875 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 09:13:05.0875 4028 ProtectedStorage - ok 09:13:05.0875 4028 [ F8A25F1DD8B2C332CBC663E3579566E7 ] psadd C:\WINDOWS\system32\DRIVERS\psadd.sys 09:13:05.0875 4028 psadd - ok 09:13:05.0890 4028 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 09:13:05.0906 4028 Ptilink - ok 09:13:05.0906 4028 [ 40EC047DC4304D3910D9358FCEAA1803 ] PwmEWSvc C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE 09:13:05.0906 4028 PwmEWSvc - ok 09:13:05.0921 4028 ql1080 - ok 09:13:05.0921 4028 Ql10wnt - ok 09:13:05.0921 4028 ql12160 - ok 09:13:05.0921 4028 ql1240 - ok 09:13:05.0937 4028 ql1280 - ok 09:13:05.0937 4028 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 09:13:05.0953 4028 RasAcd - ok 09:13:05.0968 4028 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 09:13:05.0968 4028 RasAuto - ok 09:13:05.0968 4028 [ 0207D26DDF796A193CCD9F83047BB5FC ] Rasirda 
C:\WINDOWS\system32\DRIVERS\rasirda.sys 09:13:05.0984 4028 Rasirda - ok 09:13:06.0000 4028 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 09:13:06.0015 4028 Rasl2tp - ok 09:13:06.0015 4028 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 09:13:06.0031 4028 RasMan - ok 09:13:06.0031 4028 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 09:13:06.0046 4028 RasPppoe - ok 09:13:06.0062 4028 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 09:13:06.0093 4028 Raspti - ok 09:13:06.0093 4028 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 09:13:06.0171 4028 Rdbss - ok 09:13:06.0187 4028 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 09:13:06.0203 4028 RDPCDD - ok 09:13:06.0203 4028 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 09:13:06.0218 4028 rdpdr - ok 09:13:06.0234 4028 [ 6728E45B66F93C08F11DE2E316FC70DD ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 09:13:06.0281 4028 RDPWD - ok 09:13:06.0281 4028 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 09:13:06.0296 4028 RDSessMgr - ok 09:13:06.0296 4028 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 09:13:06.0312 4028 redbook - ok 09:13:06.0328 4028 [ 3B1A7CEA1E230103264405E0FB05532C ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 09:13:06.0343 4028 RegSrvc - ok 09:13:06.0343 4028 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 09:13:06.0343 4028 RemoteAccess - ok 09:13:06.0359 4028 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 09:13:06.0359 4028 RemoteRegistry - ok 09:13:06.0359 4028 RFNP32 - ok 09:13:06.0359 4028 [ A780D3EAA74582EA1DEB6BD9C7A3D9C9 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe 09:13:06.0375 4028 rpcapd - ok 
09:13:06.0375 4028 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 09:13:06.0375 4028 RpcLocator - ok 09:13:06.0390 4028 [ 2589FE6015A316C0F5D5112B4DA7B509 ] RpcSs C:\WINDOWS\System32\rpcss.dll 09:13:06.0390 4028 RpcSs - ok 09:13:06.0406 4028 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 09:13:06.0406 4028 RSVP - ok 09:13:06.0406 4028 [ 0F82A97056EA208183C0085589F83050 ] rt2500usb C:\WINDOWS\system32\DRIVERS\rt2500usb.sys 09:13:06.0437 4028 rt2500usb - ok 09:13:06.0437 4028 [ A0EEA6F631349D0E0B7A6CAA7E099CB0 ] RUBotSrv C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe 09:13:06.0453 4028 RUBotSrv - ok 09:13:06.0468 4028 [ 8C9D57338B02D95C0FC7DB428C50A001 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe 09:13:06.0484 4028 S24EventMonitor - ok 09:13:06.0500 4028 [ 27FC71DA659305E260ACBDA15A318399 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys 09:13:06.0500 4028 s24trans - ok 09:13:06.0500 4028 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 09:13:06.0500 4028 SamSs - ok 09:13:06.0500 4028 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 09:13:06.0515 4028 SCardSvr - ok 09:13:06.0515 4028 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 09:13:06.0531 4028 Schedule - ok 09:13:06.0531 4028 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 09:13:06.0546 4028 Secdrv - ok 09:13:06.0562 4028 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 09:13:06.0562 4028 seclogon - ok 09:13:06.0562 4028 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 09:13:06.0562 4028 SENS - ok 09:13:06.0578 4028 [ 9C80BA2E3B0AD98D108154C020FCB966 ] SER2AT C:\WINDOWS\system32\DRIVERS\SER2AT.sys 09:13:06.0578 4028 SER2AT - ok 09:13:06.0578 4028 Ser2pl - ok 09:13:06.0578 4028 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys 
09:13:06.0609 4028 Serenum - ok 09:13:06.0609 4028 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys 09:13:06.0640 4028 Serial - ok 09:13:06.0656 4028 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 09:13:06.0671 4028 Sfloppy - ok 09:13:06.0687 4028 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 09:13:06.0687 4028 SharedAccess - ok 09:13:06.0687 4028 [ 1926899BF9FFE2602B63074971700412 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 09:13:06.0703 4028 ShellHWDetection - ok 09:13:06.0703 4028 [ 1624530D05155F4E5A4736531523BFF5 ] Shockprf C:\WINDOWS\system32\DRIVERS\Apsx86.sys 09:13:06.0734 4028 Shockprf - ok 09:13:06.0750 4028 [ F2AB02C279BFC511A4B859416FFD4EB2 ] Si3112 C:\WINDOWS\system32\drivers\Si3112.sys 09:13:06.0765 4028 Si3112 - ok 09:13:06.0781 4028 Simbad - ok 09:13:06.0781 4028 [ 7E00E1C6F2CF9822F15D17FFB684A200 ] SKYSCOUT C:\WINDOWS\system32\DRIVERS\UsbScout.sys 09:13:06.0796 4028 SKYSCOUT - ok 09:13:06.0812 4028 [ 26341D0DD225D19FD50E0EE3C3C77502 ] Smapint C:\WINDOWS\system32\drivers\Smapint.sys 09:13:06.0812 4028 Smapint - ok 09:13:06.0828 4028 [ 0B9C01236D25BDCB37AA79DC59DFB7D3 ] smihlp C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys 09:13:06.0828 4028 smihlp - ok 09:13:06.0828 4028 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe 09:13:06.0828 4028 SMTPSVC - ok 09:13:06.0843 4028 Sparrow - ok 09:13:06.0843 4028 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 09:13:06.0859 4028 splitter - ok 09:13:06.0859 4028 [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B ] Spooler C:\WINDOWS\system32\spoolsv.exe 09:13:06.0875 4028 Spooler - ok 09:13:06.0875 4028 [ BFF4D98AC361EFB0D85513F9629AFAF5 ] SprintRcAppSvc C:\Program Files\Sprint\Sprint SmartView\RcAppSvc.exe 09:13:06.0875 4028 SprintRcAppSvc - ok 09:13:06.0906 4028 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd 
C:\WINDOWS\System32\Drivers\sptd.sys 09:13:06.0921 4028 sptd - ok 09:13:06.0921 4028 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 09:13:06.0937 4028 sr - ok 09:13:06.0953 4028 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 09:13:06.0953 4028 srservice - ok 09:13:06.0968 4028 [ 5252605079810904E31C332E241CD59B ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 09:13:06.0984 4028 Srv - ok 09:13:06.0984 4028 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 09:13:07.0000 4028 SSDPSRV - ok 09:13:07.0000 4028 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 09:13:07.0015 4028 StillCam - ok 09:13:07.0031 4028 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 09:13:07.0031 4028 stisvc - ok 09:13:07.0031 4028 [ C2191C1A5DFED0795E3D3B68905B195B ] SUService C:\Program Files\Lenovo\System Update\SUService.exe 09:13:07.0031 4028 SUService - ok 09:13:07.0046 4028 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 09:13:07.0062 4028 swenum - ok 09:13:07.0062 4028 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 09:13:07.0093 4028 swmidi - ok 09:13:07.0125 4028 [ AF88AE62B84D016EB5BDC12DDF1005A3 ] swmx00 C:\WINDOWS\system32\DRIVERS\swmx00.sys 09:13:07.0156 4028 swmx00 - ok 09:13:07.0156 4028 [ 24BCE62E4DA07C6488E3A7FF37A6B6AE ] SWNC5E00 C:\WINDOWS\system32\DRIVERS\SWNC5E00.sys 09:13:07.0187 4028 SWNC5E00 - ok 09:13:07.0187 4028 SwPrv - ok 09:13:07.0187 4028 symc810 - ok 09:13:07.0187 4028 symc8xx - ok 09:13:07.0187 4028 SymSnapService - ok 09:13:07.0203 4028 sym_hi - ok 09:13:07.0203 4028 sym_u3 - ok 09:13:07.0218 4028 [ 7E194E86BF306E07470A0AC56B41DE83 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 09:13:07.0265 4028 SynTP - ok 09:13:07.0265 4028 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 09:13:07.0281 4028 sysaudio - ok 
09:13:07.0281 4028 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 09:13:07.0281 4028 SysmonLog - ok 09:13:07.0296 4028 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 09:13:07.0296 4028 TapiSrv - ok 09:13:07.0312 4028 [ 93EA8D04EC73A85DB02EB8805988F733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 09:13:07.0328 4028 Tcpip - ok 09:13:07.0343 4028 [ 4BED0C7FDF414D1BD26BF33EA673CA49 ] tcpipBM C:\WINDOWS\system32\drivers\tcpipBM.sys 09:13:07.0343 4028 tcpipBM - ok 09:13:07.0359 4028 [ 58E3EB5A5C78740C5870EEE6648CCC46 ] TcUsb C:\WINDOWS\system32\Drivers\tcusb.sys 09:13:07.0359 4028 TcUsb - ok 09:13:07.0359 4028 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 09:13:07.0375 4028 TDPIPE - ok 09:13:07.0390 4028 [ 564B337034271B7BDDCABFDDC91C6B7A ] TDSMAPI C:\WINDOWS\system32\drivers\TDSMAPI.SYS 09:13:07.0406 4028 TDSMAPI - ok 09:13:07.0406 4028 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 09:13:07.0421 4028 TDTCP - ok 09:13:07.0437 4028 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 09:13:07.0468 4028 TermDD - ok 09:13:07.0484 4028 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 09:13:07.0484 4028 TermService - ok 09:13:07.0500 4028 [ 1926899BF9FFE2602B63074971700412 ] Themes C:\WINDOWS\System32\shsvcs.dll 09:13:07.0500 4028 Themes - ok 09:13:07.0515 4028 [ 9626746A9B120D2ED537DD8D76278405 ] ThinkVantage Registry Monitor Service C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe 09:13:07.0531 4028 ThinkVantage Registry Monitor Service - ok 09:13:07.0531 4028 [ A1124EBC672AA3AE1B327096C1DCC346 ] TIEHDUSB C:\WINDOWS\system32\drivers\tiehdusb.sys 09:13:07.0531 4028 TIEHDUSB - ok 09:13:07.0546 4028 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe 09:13:07.0546 4028 TlntSvr - ok 09:13:07.0546 4028 TosIde - ok 09:13:07.0546 4028 [ 
D2378FBBD668D9FE9B6B5E3139D506D3 ] TPDIGIMN C:\WINDOWS\system32\DRIVERS\ApsHM86.sys 09:13:07.0578 4028 TPDIGIMN - ok 09:13:07.0578 4028 [ A34A1E6B5461273846D30F5898602A72 ] TPHDEXLGSVC C:\WINDOWS\system32\TPHDEXLG.exe 09:13:07.0578 4028 TPHDEXLGSVC - ok 09:13:07.0593 4028 [ 8AEF2188630F5ECD79AD9ABBA630630B ] TPHKDRV C:\WINDOWS\system32\DRIVERS\TPHKDRV.sys 09:13:07.0593 4028 TPHKDRV - ok 09:13:07.0593 4028 [ 9CD364ECB3A10B24C7CAC8FF89993A67 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe 09:13:07.0593 4028 TPHKLOAD - ok 09:13:07.0609 4028 [ C04BB65441913AB621C58A8BD3169B23 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe 09:13:07.0609 4028 TPHKSVC - ok 09:13:07.0609 4028 [ C037817E2498D9DB736E4BA355B1F4E7 ] TPPWRIF C:\WINDOWS\system32\drivers\Tppwrif.sys 09:13:07.0625 4028 TPPWRIF - ok 09:13:07.0640 4028 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 09:13:07.0640 4028 TrkWks - ok 09:13:07.0640 4028 [ F10F36E20448A5500A5F83F67EE4AAD4 ] TSMAPIP C:\WINDOWS\system32\drivers\TSMAPIP.SYS 09:13:07.0656 4028 TSMAPIP - ok 09:13:07.0671 4028 [ E9EA448F1174BE4052416B62263EA4EE ] TVT Scheduler C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe 09:13:07.0687 4028 TVT Scheduler - ok 09:13:07.0687 4028 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 09:13:07.0718 4028 Udfs - ok 09:13:07.0718 4028 ultra - ok 09:13:07.0718 4028 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 09:13:07.0765 4028 Update - ok 09:13:07.0781 4028 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 09:13:07.0781 4028 upnphost - ok 09:13:07.0796 4028 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 09:13:07.0796 4028 UPS - ok 09:13:07.0796 4028 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 09:13:07.0828 4028 USBAAPL - ok 09:13:07.0828 4028 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp 
C:\WINDOWS\system32\DRIVERS\usbccgp.sys 09:13:07.0843 4028 usbccgp - ok 09:13:07.0843 4028 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 09:13:07.0875 4028 usbehci - ok 09:13:07.0875 4028 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 09:13:07.0890 4028 usbhub - ok 09:13:07.0890 4028 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 09:13:07.0921 4028 usbscan - ok 09:13:07.0921 4028 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 09:13:07.0937 4028 USBSTOR - ok 09:13:07.0937 4028 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 09:13:07.0953 4028 usbuhci - ok 09:13:07.0968 4028 [ B6CC50279D6CD28E090A5D33244ADC9A ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys 09:13:07.0984 4028 usb_rndisx - ok 09:13:07.0984 4028 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 09:13:08.0000 4028 VgaSave - ok 09:13:08.0000 4028 ViaIde - ok 09:13:08.0015 4028 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 09:13:08.0031 4028 VolSnap - ok 09:13:08.0031 4028 [ ED93E2B7FD5AEB89C924F175824A4D6D ] VSBC C:\WINDOWS\system32\DRIVERS\evsbc.sys 09:13:08.0046 4028 VSBC - ok 09:13:08.0062 4028 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 09:13:08.0062 4028 VSS - ok 09:13:08.0078 4028 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 09:13:08.0093 4028 W32Time - ok 09:13:08.0093 4028 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe 09:13:08.0093 4028 W3SVC - ok 09:13:08.0093 4028 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 09:13:08.0109 4028 Wanarp - ok 09:13:08.0125 4028 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 09:13:08.0125 4028 Wdf01000 - ok 09:13:08.0140 4028 WDICA - ok 
09:13:08.0140 4028 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 09:13:08.0156 4028 wdmaud - ok 09:13:08.0156 4028 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 09:13:08.0171 4028 WebClient - ok 09:13:08.0171 4028 [ A2A5F0ED60CEE2236B433B5B84812EAD ] WebDriveFSD C:\Program Files\NetDrive\rffsd.sys 09:13:08.0187 4028 WebDriveFSD - ok 09:13:08.0187 4028 [ C86DA43F9D80A7E18A92D3BDF705FFDC ] WebDriveService C:\Program Files\NetDrive\wdservice.exe 09:13:08.0187 4028 WebDriveService - ok 09:13:08.0203 4028 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsf C:\WINDOWS\system32\DRIVERS\hsx_cnxt.sys 09:13:08.0250 4028 winachsf - ok 09:13:08.0265 4028 [ CE291805CB4CD561A5A569DF4E28E41F ] windrvNT C:\WINDOWS\system32\windrvNT.sys 09:13:08.0281 4028 windrvNT - ok 09:13:08.0296 4028 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 09:13:08.0312 4028 winmgmt - ok 09:13:08.0312 4028 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys 09:13:08.0328 4028 WinUSB - ok 09:13:08.0328 4028 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 09:13:08.0328 4028 WmdmPmSN - ok 09:13:08.0343 4028 [ BAB489A5FE26F2D0C910CF7AF7E4CF92 ] Wmi C:\WINDOWS\System32\advapi32.dll 09:13:08.0359 4028 Wmi - ok 09:13:08.0375 4028 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 09:13:08.0375 4028 WmiApSrv - ok 09:13:08.0390 4028 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 09:13:08.0421 4028 WPFFontCache_v0400 - ok 09:13:08.0421 4028 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 09:13:08.0437 4028 WS2IFSL - ok 09:13:08.0453 4028 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 09:13:08.0453 4028 wscsvc - ok 09:13:08.0453 4028 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv 
C:\WINDOWS\system32\wuauserv.dll 09:13:08.0453 4028 wuauserv - ok 09:13:08.0468 4028 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 09:13:08.0484 4028 WudfPf - ok 09:13:08.0484 4028 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 09:13:08.0484 4028 WudfRd - ok 09:13:08.0515 4028 [ 575A4190D989F64732119E4114045A4F ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 09:13:08.0515 4028 WudfSvc - ok 09:13:08.0531 4028 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 09:13:08.0546 4028 WZCSVC - ok 09:13:08.0546 4028 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 09:13:08.0546 4028 xmlprov - ok 09:13:08.0562 4028 ================ Scan global =============================== 09:13:08.0562 4028 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 09:13:08.0578 4028 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll 09:13:08.0593 4028 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll 09:13:08.0593 4028 [ 0E776ED5F7CC9F94299E70461B7B8185 ] C:\WINDOWS\system32\services.exe 09:13:08.0593 4028 [Global] - ok 09:13:08.0593 4028 ================ Scan MBR ================================== 09:13:08.0609 4028 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 09:13:08.0671 4028 \Device\Harddisk0\DR0 - ok 09:13:08.0671 4028 ================ Scan VBR ================================== 09:13:08.0671 4028 [ 60EF243301F185B5056291BE29E87AC2 ] \Device\Harddisk0\DR0\Partition1 09:13:08.0671 4028 \Device\Harddisk0\DR0\Partition1 - ok 09:13:08.0671 4028 ============================================================ 09:13:08.0671 4028 Scan finished 09:13:08.0671 4028 ============================================================ 09:13:08.0671 1712 Detected object count: 0 09:13:08.0671 1712 Actual detected object count: 0
  9. Thanks for replying to my post. Here is the updated DDS.log. (One thing I did do was to run Memtest86+. It completed 9 passes overnight. So, I'm thinking the RAM is fine and the machine must be okay to run that hard and not reboot during that time.)

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_35
Run by Customer at 2:28:41 on 2012-09-24
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1844 [GMT -4:00]
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
c:\program files\thinkvantage fingerprint software\psqlpwd.dll Hosts: 127.0.0.1 www.spywareinfo.com Hosts: 173.203.13.74 appserver Hosts: 173.203.13.75 dbserver . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\customer\application data\mozilla\firefox\profiles\a7zp1i7x.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: c:\documents and settings\customer\application data\mozilla\firefox\profiles\a7zp1i7x.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ============= SERVICES / DRIVERS =============== . 
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2011-11-16 25968] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2011-3-29 20592] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-2-22 114984] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-2-22 95872] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2011-10-20 13680] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-10-20 21992] R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2011-11-16 292200] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-2-22 810120] R2 NovacomD;Palm Novacom;c:\program files\palm, inc\novacomd\x86\novacomd.exe [2011-3-15 61440] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704] R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2010-1-11 82944] R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896] R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2011-11-16 69632] R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\thinkpad\utilities\PWMEWSVC.exe [2011-11-16 175168] R2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2012-9-17 439632] R2 smihlp;SMI Helper Driver (smihlp);c:\program files\thinkvantage fingerprint software\smihlp.sys [2009-3-13 12560] R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2011-10-20 131432] R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2011-10-20 142696] R2 WebDriveFSD;WebDrive File System Driver;c:\program 
files\netdrive\rffsd.sys [2012-7-11 67032] R3 NETwLx32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2011-10-20 6609920] R3 VSBC;Virtual Serial Bus Enumerator (Eltima Software);c:\windows\system32\drivers\evsbc.sys [2012-4-3 27904] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-8 136176] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2011-10-20 101736] S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [2010-3-26 319488] S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2010-3-26 51456] S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-8-8 13192] S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-8-8 8456] S3 evserial;Virtual Serial Ports Driver (Eltima Softwate);c:\windows\system32\drivers\evserial.sys [2012-4-3 53888] S3 GenericMount Helper Service;GenericMount Helper Service;"c:\program files\norton ghost\shared\drivers\genericmounthelper.exe" --> c:\program files\norton ghost\shared\drivers\GenericMountHelper.exe [?] S3 GenericMount;Generic Mount Driver;c:\windows\system32\drivers\genericmount.sys --> c:\windows\system32\drivers\GenericMount.sys [?] 
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-8 136176] S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2012-9-6 24576] S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248] S3 MongoDB;Mongo DB;c:\mongodb\bin\mongod.exe [2012-7-16 3908096] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-30 113120] S3 SER2AT;ATEN USB to Serial port driver;c:\windows\system32\drivers\SER2AT.sys [2012-4-3 51200] S3 SKYSCOUT;Celestron SkyScout driver;c:\windows\system32\drivers\UsbScout.sys [2012-1-27 20480] S3 SymSnapService;SymSnapService;"c:\program files\norton ghost\shared\drivers\symsnapservice.exe" --> c:\program files\norton ghost\shared\drivers\SymSnapService.exe [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S4 RFNP32;WebDrive Provider; [x] . =============== Created Last 30 ================ . 
2012-09-21 19:45:26 6784 -c--a-w- c:\windows\system32\dllcache\serscan.sys 2012-09-21 19:45:26 6784 ----a-w- c:\windows\system32\drivers\serscan.sys 2012-09-21 19:43:54 827392 ----a-w- c:\windows\system32\hpotiop2.dll 2012-09-21 19:43:54 659456 ----a-w- c:\windows\system32\hpowiax2.dll 2012-09-21 19:43:54 254026 ----a-w- c:\windows\system32\hpovst09.dll 2012-09-21 17:53:37 74240 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzpp054.dll 2012-09-21 17:53:37 38400 ----a-w- c:\windows\system32\hpz3l054.dll 2012-09-21 17:47:04 -------- d-----w- c:\program files\common files\Hewlett-Packard 2012-09-21 17:46:56 69632 ----a-w- c:\windows\system32\HPZipm12.exe 2012-09-21 17:46:56 65536 ----a-w- c:\windows\system32\HPZinw12.exe 2012-09-21 17:46:47 -------- d-----w- c:\program files\HP 2012-09-21 17:46:13 98304 ----a-w- c:\windows\system32\hpzjsn01.dll 2012-09-21 17:46:13 77824 ----a-w- c:\windows\system32\HPZIDS01.dll 2012-09-20 18:37:16 2212440 ----a-w- C:\tdsskiller.exe 2012-09-18 05:17:33 53376 -c--a-w- c:\windows\system32\dllcache\OLD1DB.tmp 2012-09-18 05:17:33 11264 -c--a-w- c:\windows\system32\dllcache\OLD1DF.tmp 2012-09-18 05:17:28 32827 -c--a-w- c:\windows\system32\dllcache\OLD1D3.tmp 2012-09-18 05:17:28 16384 -c--a-w- c:\windows\system32\dllcache\OLD1D6.tmp 2012-09-18 05:17:27 20536 -c--a-w- c:\windows\system32\dllcache\OLD1CD.tmp 2012-09-18 05:17:27 16437 -c--a-w- c:\windows\system32\dllcache\OLD1D0.tmp 2012-09-18 05:17:26 66048 -c--a-w- c:\windows\system32\dllcache\OLD1CA.tmp 2012-09-18 05:14:58 6144 -c--a-w- c:\windows\system32\dllcache\OLD284C.tmp 2012-09-18 05:13:58 702845 -c--a-w- c:\windows\system32\dllcache\i81xdnt5.dll 2012-09-18 05:13:58 58592 -c--a-w- c:\windows\system32\dllcache\OLD2790.tmp 2012-09-18 05:13:58 161020 -c--a-w- c:\windows\system32\dllcache\OLD2796.tmp 2012-09-18 05:13:56 353184 -c--a-w- c:\windows\system32\dllcache\OLD278C.tmp 2012-09-18 05:13:53 18560 -c--a-w- c:\windows\system32\dllcache\i2omp.sys 2012-09-18 05:13:52 8576 -c--a-w- 
c:\windows\system32\dllcache\i2omgmt.sys 2012-09-18 05:13:50 10129408 -c--a-w- c:\windows\system32\dllcache\OLD2784.tmp 2012-09-18 05:13:49 13463552 -c--a-w- c:\windows\system32\dllcache\OLD2781.tmp 2012-09-18 05:13:41 10096640 -c--a-w- c:\windows\system32\dllcache\OLD277E.tmp 2012-09-18 05:12:38 20352 -c--a-w- c:\windows\system32\dllcache\hidbatt.sys 2012-09-18 05:12:33 28288 -c--a-w- c:\windows\system32\dllcache\grserial.sys 2012-09-18 05:12:29 59136 -c--a-w- c:\windows\system32\dllcache\gckernel.sys 2012-09-18 05:12:28 10624 -c--a-w- c:\windows\system32\dllcache\gameenum.sys 2012-09-18 05:10:31 206976 -c--a-w- c:\windows\system32\dllcache\dot4.sys 2012-09-18 05:10:28 8320 -c--a-w- c:\windows\system32\dllcache\dlttape.sys 2012-09-18 05:09:35 249856 -c--a-w- c:\windows\system32\dllcache\ctmasetp.dll 2012-09-18 05:09:10 8192 -c--a-w- c:\windows\system32\dllcache\changer.sys 2012-09-18 05:09:05 17024 -c--a-w- c:\windows\system32\dllcache\ccdecode.sys 2012-09-18 05:09:00 121856 -c--a-w- c:\windows\system32\dllcache\camext30.dll 2012-09-17 15:28:25 607260 ------r- C:\dds.com 2012-09-17 15:01:55 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys 2012-09-17 15:01:49 13696 -c--a-w- c:\windows\system32\dllcache\avcstrm.sys 2012-09-17 15:01:47 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys 2012-09-17 15:01:19 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys 2012-09-17 15:01:19 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys 2012-09-17 15:01:10 2188928 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe 2012-09-17 14:36:25 -------- d-----w- c:\documents and settings\all users\application data\Trend Micro 2012-09-17 14:26:34 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2012-09-17 14:26:34 131384 ----a-w- c:\windows\system32\drivers\tmrkb.sys 2012-09-17 14:26:19 -------- d-----w- c:\program files\WinPcap 2012-09-17 14:25:57 -------- d-----w- c:\program files\Trend Micro 2012-09-17 14:11:11 221184 ----a-w- c:\windows\system32\wmpns.dll 2012-09-17 
14:07:00 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2012-09-17 14:07:00 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll 2012-09-17 14:05:39 73216 -c--a-w- c:\windows\system32\dllcache\atintuxx.sys 2012-09-17 13:42:15 -------- d-----w- C:\e888c916eb7ac54122 2012-09-12 18:09:26 -------- d-----w- c:\documents and settings\customer\application data\Malwarebytes 2012-09-12 18:09:20 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-09-12 18:09:19 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-12 18:09:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-12 13:21:51 -------- d-----w- c:\documents and settings\customer\application data\QuickScan 2012-09-11 21:44:59 30592 ----a-w- c:\windows\system32\drivers\rndismpx.sys 2012-09-11 21:44:59 12800 ----a-w- c:\windows\system32\drivers\usb8023x.sys 2012-09-11 13:51:29 -------- d-----w- c:\program files\pidgin 2012-09-10 22:34:35 -------- d-----w- c:\program files\KUSO EXIF Viewer 2012-09-10 21:43:40 273408 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpcpp6de.DLL 2012-09-10 21:43:40 149504 ----a-w- c:\windows\system32\hpcpn6de.dll 2012-09-06 17:53:44 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys 2012-09-06 17:53:43 -------- d-----w- c:\program files\Spirent Communications 2012-09-06 17:53:41 -------- d-----w- c:\program files\HTC 2012-09-06 17:52:48 -------- d-----w- C:\evo3D 2012-09-05 13:51:08 4608 ------w- c:\windows\system32\drivers\TSMAPIP.SYS 2012-09-05 13:45:14 -------- d-----w- c:\windows\pss 2012-09-04 19:45:19 -------- d-----w- c:\documents and settings\customer\application data\Spreadsheet Compare 2012-09-03 21:22:18 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-09-03 21:22:18 477168 ----a-w- c:\windows\system32\npdeployJava1.dll 2012-09-03 16:57:01 -------- d-----w- c:\documents and settings\customer\application data\WindSolutions 2012-09-03 16:57:01 -------- d-----w- c:\documents and settings\all 
users\application data\WindSolutions 2012-09-02 19:15:43 21456 ----a-w- c:\windows\system32\drivers\SilvrLnk.sys 2012-09-02 19:15:42 49536 ----a-w- c:\windows\system32\drivers\tiehdusb.sys 2012-09-02 19:15:31 -------- d-----w- c:\program files\TI Education 2012-09-02 19:15:31 -------- d-----w- c:\program files\common files\TI Shared 2012-09-02 19:14:44 -------- d-----w- c:\program files\common files\Wise Installation Wizard 2012-08-27 04:25:02 -------- d-----w- C:\Z . ==================== Find3M ==================== . 2012-09-24 06:23:09 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys 2012-09-20 15:33:39 60304 ----a-w- c:\documents and settings\customer\g2mdlhlpx.exe 2012-09-03 21:22:13 473072 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-03 02:50:04 12312 --sha-w- c:\windows\system32\KGyGaAvL.sys 2012-07-19 17:17:45 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-07-19 17:17:45 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-07-05 18:09:37 249856 ------w- c:\windows\Setup1.exe 2012-07-05 18:09:35 73216 ----a-w- c:\windows\ST6UNST.EXE . ============= FINISH: 2:35:08.96 ===============
  10. Running on a Thinkpad T60p XP sp3. When doing various activities, the computer will restart. Most of the time, I don't even get to see a BSOD. It isn't an overheating problem, as it can happen within 1 minute of starting up for the day. Some days it happens a lot, and other days the machine will behave the whole time.
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_35
Run by Customer at 11:28:55 on 2012-09-17
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.1790 [GMT -4:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\Program Files\Intel\WiFi\bin\S24EvMon.exe svchost.exe svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Program Files\ThinkPad\Utilities\DOZESVC.EXE C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Google\Update\GoogleUpdate.exe C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe C:\Program Files\Lenovo\Zoom\TpScrex.exe C:\Program Files\MySQL\MySQL Server 5.1\bin\mysqld.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Program Files\Palm, Inc\novacomd\x86\novacomd.exe C:\Program Files\Novatel Wireless\Novacore\Server\NvtlSrvr.exe C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe C:\WINDOWS\System32\svchost.exe -k HPZ12 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 
C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Lenovo\System Update\SUService.exe C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe C:\Program Files\NetDrive\wdservice.exe C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE C:\WINDOWS\system32\wuauclt.exe C:\Program Files\ThinkPad\Utilities\PWMEWSVC.EXE C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe C:\WINDOWS\system32\TpShocks.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe C:\PROGRA~1\THINKV~2\PrdCtr\LPMLCHK.exe C:\Program Files\Sprint\Sprint SmartView\RDVCHG.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Synaptics\SynTP\SynTPLpr.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\Program Files\Skype\Phone\Skype.exe C:\PROGRA~1\ThinkPad\UTILIT~1\SCHTASK.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\NetDrive\netdrive.exe C:\Program Files\bmem\bmem.exe C:\Program Files\pidgin\PidginPortable.exe C:\Program Files\Samsung SSD Magician\Samsung SSD Magician.exe C:\Program Files\Google\Drive\googledrivesync.exe C:\Program Files\pidgin\App\Pidgin\pidgin-portable.exe C:\Program Files\Mozilla 
Firefox\firefox.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\wuauclt.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart uRun: [Netdrive] c:\program files\netdrive\netdrive.exe -tray mRun: [soundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun mRun: [PSQLLauncher] "c:\program files\thinkvantage fingerprint software\launcher.exe" /startup mRun: [TVT Scheduler Proxy] c:\program files\common files\lenovo\scheduler\scheduler_proxy.exe mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe mRun: [LenovoAutoScrollUtility] c:\program files\lenovo\virtscrl\virtscrl.exe mRun: [<NO NAME>] mRun: [TpShocks] TpShocks.exe mRun: [LPManager] c:\progra~1\thinkv~2\prdctr\LPMGR.exe mRun: [LPMailChecker] c:\progra~1\thinkv~2\prdctr\LPMLCHK.exe mRun: [sprint SmartView] 
"c:\program files\sprint\sprint smartview\SprintSV.exe" -a mRun: [RDVCHG] "c:\program files\sprint\sprint smartview\RDVCHG.exe" mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [NotebookHardwareControl] "c:\program files\notebook hardware control\nhc.exe" -quiet mRun: [PWRMGRTR] rundll32 c:\progra~1\thinkpad\utilit~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: [iSUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup mRun: [iSUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start mRun: [WebDriveTray] c:\program files\netdrive\webdrive.exe /trayicon mRun: [TPFNF7] c:\program files\lenovo\npdirect\TPFNF7SP.exe /r mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe StartupFolder: c:\docume~1\customer\startm~1\programs\startup\bmem.lnk - c:\program files\bmem\bmem.exe StartupFolder: c:\docume~1\customer\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\customer\startm~1\programs\startup\pidgin.lnk - c:\program files\pidgin\PidginPortable.exe StartupFolder: c:\docume~1\customer\startm~1\programs\startup\samsun~1.lnk - c:\program files\samsung ssd magician\Samsung SSD Magician.exe IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Open with KUSO EXIF Viewer - c:\program files\kuso exif viewer\EXIF.htm IE: Send to &Bluetooth Device... 
- c:\program files\thinkpad\bluetooth software\btsendto_ie_ctx.htm IE: Send To Bluetooth - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\thinkpad\bluetooth software\btsendto_ie.htm IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 10.0.1.1 TCP: Interfaces\{88D665B9-B241-42C5-AC72-082E590386E2} : DhcpNameServer = 10.0.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - c:\program files\libronix dls\system\FileProt.dll Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - c:\program files\libronix dls\system\ResProt.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: AtiExtEvent - Ati2evxx.dll Notify: psfus - c:\program files\thinkvantage fingerprint software\psqlpwd.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll LSA: Notification Packages 
= scecli c:\program files\thinkvantage fingerprint software\psqlpwd.dll Hosts: 127.0.0.1 www.spywareinfo.com Hosts: 173.203.13.74 appserver Hosts: 173.203.13.75 dbserver . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\customer\application data\mozilla\firefox\profiles\a7zp1i7x.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ FF - plugin: c:\documents and settings\customer\application data\mozilla\firefox\profiles\a7zp1i7x.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_265.dll FF - plugin: c:\windows\system32\npdeployJava1.dll FF - plugin: c:\windows\system32\npptools.dll . ============= SERVICES / DRIVERS =============== . 
R0 DozeHDD;DozeHDD;c:\windows\system32\drivers\DOZEHDD.SYS [2011-11-16 25968] R0 TPDIGIMN;TPDIGIMN;c:\windows\system32\drivers\ApsHM86.sys [2011-3-29 20592] R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-2-22 114984] R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-2-22 95872] R1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\drivers\smiif32.sys [2011-10-20 13680] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-10-20 21992] R2 DozeSvc;Lenovo Doze Mode Service;c:\program files\thinkpad\utilities\DOZESVC.EXE [2011-11-16 292200] R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2010-2-22 810120] R2 NovacomD;Palm Novacom;c:\program files\palm, inc\novacomd\x86\novacomd.exe [2011-3-15 61440] R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2009-10-20 50704] R2 NvtlService;NovaCore SDK Service;c:\program files\novatel wireless\novacore\server\NvtlSrvr.exe [2010-1-11 82944] R2 PassThru Service;Internet Pass-Through Service;c:\program files\htc\internet pass-through\PassThruSvr.exe [2011-3-31 80896] R2 Power Manager DBC Service;Power Manager DBC Service;c:\program files\thinkpad\utilities\PWMDBSVC.exe [2011-11-16 69632] R2 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files\thinkpad\utilities\PWMEWSVC.exe [2011-11-16 175168] R2 RUBotSrv;Trend Micro RUBotted Service;c:\program files\trend micro\rubotted\RUBotSrv.exe [2012-9-17 439632] R2 smihlp;SMI Helper Driver (smihlp);c:\program files\thinkvantage fingerprint software\smihlp.sys [2009-3-13 12560] R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\lenovo\hotkey\tphkload.exe [2011-10-20 131432] R2 TPHKSVC;On Screen Display;c:\program files\lenovo\hotkey\TPHKSVC.exe [2011-10-20 142696] R2 WebDriveFSD;WebDrive File System Driver;c:\program 
files\netdrive\rffsd.sys [2012-7-11 67032] R3 NETwLx32; Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit;c:\windows\system32\drivers\NETwLx32.sys [2011-10-20 6609920] R3 VSBC;Virtual Serial Bus Enumerator (Eltima Software);c:\windows\system32\drivers\evsbc.sys [2012-4-3 27904] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-12-8 136176] S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\lenovo\hotkey\micmute.exe [2011-10-20 101736] S3 bcm;WiMAX Network Adapter;c:\windows\system32\drivers\drxvi314.sys [2010-3-26 319488] S3 bcmbusctr;WiMAX Bus Driver;c:\windows\system32\drivers\BcmBusCtr.sys [2010-3-26 51456] S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-8-8 13192] S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-8-8 8456] S3 evserial;Virtual Serial Ports Driver (Eltima Softwate);c:\windows\system32\drivers\evserial.sys [2012-4-3 53888] S3 GenericMount Helper Service;GenericMount Helper Service;"c:\program files\norton ghost\shared\drivers\genericmounthelper.exe" --> c:\program files\norton ghost\shared\drivers\GenericMountHelper.exe [?] S3 GenericMount;Generic Mount Driver;c:\windows\system32\drivers\genericmount.sys --> c:\windows\system32\drivers\GenericMount.sys [?] 
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-12-8 136176]
S3 HTCAND32;HTC Device Driver;c:\windows\system32\drivers\ANDROIDUSB.sys [2012-9-6 24576]
S3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\drivers\htcnprot.sys [2010-6-22 21248]
S3 MongoDB;Mongo DB;c:\mongodb\bin\mongod.exe [2012-7-16 3908096]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-30 113120]
S3 SER2AT;ATEN USB to Serial port driver;c:\windows\system32\drivers\SER2AT.sys [2012-4-3 51200]
S3 SKYSCOUT;Celestron SkyScout driver;c:\windows\system32\drivers\UsbScout.sys [2012-1-27 20480]
S3 SymSnapService;SymSnapService;"c:\program files\norton ghost\shared\drivers\symsnapservice.exe" --> c:\program files\norton ghost\shared\drivers\SymSnapService.exe [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 RFNP32;WebDrive Provider; [x]
.
=============== Created Last 30 ================
.
2012-09-17 15:28:25 607260 ------r- C:\dds.com
2012-09-17 15:01:55 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2012-09-17 15:01:49 13696 -c--a-w- c:\windows\system32\dllcache\avcstrm.sys
2012-09-17 15:01:47 38912 -c--a-w- c:\windows\system32\dllcache\avc.sys
2012-09-17 15:01:19 48128 -c--a-w- c:\windows\system32\dllcache\61883.sys
2012-09-17 15:01:19 12288 -c--a-w- c:\windows\system32\dllcache\4mmdat.sys
2012-09-17 15:01:17 53376 -c--a-w- c:\windows\system32\dllcache\1394bus.sys
2012-09-17 15:01:10 2188928 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe
2012-09-17 14:36:25 -------- d-----w- c:\documents and settings\all users\application data\Trend Micro
2012-09-17 14:26:34 256904 ----a-w- c:\windows\system32\drivers\tmcomm.sys
2012-09-17 14:26:34 131384 ----a-w- c:\windows\system32\drivers\tmrkb.sys
2012-09-17 14:26:19 -------- d-----w- c:\program files\WinPcap
2012-09-17 14:25:57 -------- d-----w- c:\program files\Trend Micro
2012-09-17 14:11:11 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-09-17 14:07:00 79872 -c----w- c:\windows\system32\dllcache\msxml6r.dll
2012-09-17 14:07:00 1306624 -c----w- c:\windows\system32\dllcache\msxml6.dll
2012-09-17 14:05:39 73216 -c--a-w- c:\windows\system32\dllcache\atintuxx.sys
2012-09-17 13:42:15 -------- d-----w- C:\e888c916eb7ac54122
2012-09-12 18:09:26 -------- d-----w- c:\documents and settings\customer\application data\Malwarebytes
2012-09-12 18:09:20 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2012-09-12 18:09:19 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-12 18:09:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-09-12 13:21:51 -------- d-----w- c:\documents and settings\customer\application data\QuickScan
2012-09-11 21:44:59 30592 ----a-w- c:\windows\system32\drivers\rndismpx.sys
2012-09-11 21:44:59 12800 ----a-w- c:\windows\system32\drivers\usb8023x.sys
2012-09-11 13:51:29 -------- d-----w- c:\program files\pidgin
2012-09-10 22:34:35 -------- d-----w- c:\program files\KUSO EXIF Viewer
2012-09-10 21:43:40 273408 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpcpp6de.DLL
2012-09-10 21:43:40 149504 ----a-w- c:\windows\system32\hpcpn6de.dll
2012-09-06 17:53:44 24576 ----a-w- c:\windows\system32\drivers\ANDROIDUSB.sys
2012-09-06 17:53:43 -------- d-----w- c:\program files\Spirent Communications
2012-09-06 17:53:41 -------- d-----w- c:\program files\HTC
2012-09-06 17:52:48 -------- d-----w- C:\evo3D
2012-09-05 13:51:08 4608 ------w- c:\windows\system32\drivers\TSMAPIP.SYS
2012-09-05 13:45:14 -------- d-----w- c:\windows\pss
2012-09-04 19:45:19 -------- d-----w- c:\documents and settings\customer\application data\Spreadsheet Compare
2012-09-03 21:22:18 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-09-03 21:22:18 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-09-03 16:57:01 -------- d-----w- c:\documents and settings\customer\application data\WindSolutions
2012-09-03 16:57:01 -------- d-----w- c:\documents and settings\all users\application data\WindSolutions
2012-09-02 19:15:43 21456 ----a-w- c:\windows\system32\drivers\SilvrLnk.sys
2012-09-02 19:15:42 49536 ----a-w- c:\windows\system32\drivers\tiehdusb.sys
2012-09-02 19:15:31 -------- d-----w- c:\program files\TI Education
2012-09-02 19:15:31 -------- d-----w- c:\program files\common files\TI Shared
2012-09-02 19:14:44 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2012-08-27 04:25:02 -------- d-----w- C:\Z
2012-08-24 15:50:00 -------- d-----w- c:\documents and settings\customer\temp
2012-08-24 15:49:59 -------- d-----w- c:\documents and settings\customer\application data\TeamViewer
2012-08-21 21:19:04 -------- d-----w- c:\program files\WhoCrashed
2012-08-21 20:43:33 -------- d-----w- C:\ldiag
2012-08-21 20:42:52 -------- d-----w- C:\SWTOOLS
.
==================== Find3M ====================
.
2012-09-17 15:23:02 22528 ----a-w- c:\windows\system32\drivers\nhcDriver.sys
2012-09-14 19:58:37 60864 ----a-w- c:\documents and settings\customer\g2mdlhlpx.exe
2012-09-03 21:22:13 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-03 02:50:04 12312 --sha-w- c:\windows\system32\KGyGaAvL.sys
2012-07-19 17:17:45 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-19 17:17:45 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-05 18:09:37 249856 ------w- c:\windows\Setup1.exe
2012-07-05 18:09:35 73216 ----a-w- c:\windows\ST6UNST.EXE
.
============= FINISH: 11:29:20.89 ===============

dds.txt attach.txt