DDS
DDS (Ver_09-12-01.01) - NTFSx86
Run by Fred at 17:21:33.08 on Thu 02/11/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_17
Microsoft Windows 7 Enterprise 6.1.7600.0.1252.1.1033.18.3454.1927 [GMT -5:00]
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Windows\System32\svchost.exe -k HPZ12
H:\Program Files\Blaze Media Pro\NMSAccess32.exe
C:\Windows\System32\svchost.exe -k HPZ12
H:\Program Files\PhotodexProShowGold\ScsiAccess.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Windows\system32\svchost.exe -k imgsvc
H:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Felitec\Mindful 2\Mindful.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
H:\Program Files\Spybot - Search & Destroy\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Users\Fred\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
H:\Program Files\Microsoft Street & Trip 2010\StreetsOlkShim.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
C:\Users\Fred\Downloads\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo
HJT Report ===============
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: SnagIt Toolbar Loader: {00c6482d-c502-44c8-8409-fce54ad9c208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - h:\program files\spybot - search & destroy\spybot - search & destroy\SDHelper.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: SnagIt: {8ff5e183-abde-46eb-b09e-d2aab95cabe3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
TB: {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [SpybotSD TeaTimer] "h:\program files\spybot - search & destroy\spybot - search & destroy\TeaTimer.exe"
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [hpqSRMon] "c:\program files\hp\digital imaging\bin\hpqSRMon.exe"
mRun: [Mindful 2] "c:\program files\felitec\mindful 2\Mindful.exe"
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "c:\program files\google\gmail notifier\gnotify.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
StartupFolder: c:\users\fred\appdata\roaming\micros~1\windows\startm~1\programs\startup\dr opbox.lnk - c:\users\fred\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\users\fred\appdata\roaming\micros~1\windows\startm~1\programs\startup\es etsm~1.lnk - c:\program files\eset\eset smart security\egui.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office11\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - h:\program files\spybot - search & destroy\spybot - search & destroy\SDHelper.dll
Trusted Zone: intuit.com\ttlc
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
================= FIREFOX ===================
FF - ProfilePath - c:\users\fred\appdata\roaming\mozilla\firefox\profiles\5uvqh77u.default\
FF - prefs.
js: browser.startup.homepage - hxxp://www.google.com/
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBook.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpClipBookDB.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpNeoLogger.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSaturn.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartSelect.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSmartWebPrinting.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpSWPOperation.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPLogging.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTC.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXPMTL.dll
FF - component: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\components\hpXREStub.dll
FF - component: c:\users\fred\appdata\roaming\mozilla\firefox\profiles\5uvqh77u.default\ext ensions\{e001c731-5e37-4538-a5cb-8168736a2360}\components\bdqscan.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\hp\digital imaging\smart web printing\mozillaaddon3\plugins\nphpclipbook.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\photodex presenter\npPxPlay.dll
FF - plugin: c:\users\fred\appdata\roaming\mozilla\firefox\profiles\5uvqh77u.default\ext ensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\users\fred\appdata\roaming\mozilla\firefox\profiles\5uvqh77u.default\ext ensions\{e2883e8f-472f-4fb0-9522-ac9bf37916a7}\plugins\np_gp.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
---- FIREFOX POLICIES ----
FF - user.
js: yahoo.homepage.dontask - truec:\program files\mozilla firefox\greprefs\security-prefs.
js - pref("security.ssl3.rsa_seed_sha", true);
============= SERVICES / DRIVERS ===============
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-2-7 207792]
R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 142832]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2010-2-7 112592]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-11-16 735960]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-11-16 38240]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-2-5 236368]
R2 SBSDWSCService;SBSD Security Center Service;h:\program files\spybot - search & destroy\spybot - search & destroy\SDWinSec.exe [2010-1-9 1153368]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2010-2-9 359624]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2010-2-9 1141712]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-12-11 19160]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\drivers\MpNWMon.sys [2009-6-18 42480]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
RUnknown szkg5;szkg5; [x]
RUnknown szkgfs;szkgfs; [x]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
SUnknown is3srv;is3srv; [x]
=============== Created Last 30 ================
2010-02-11 20:51:37 856 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2010-02-11 14:53:22 335090342 ----a-w- c:\windows\MEMORY.DMP
2010-02-10 00:50:44 3955288 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-10 00:50:44 292864 ----a-w- c:\windows\system32\apphelp.dll
2010-02-10 00:50:43 3899464 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-10 00:27:04 310784 ----a-w- c:\windows\system32\drivers\srv.sys
2010-02-10 00:27:04 113664 ----a-w- c:\windows\system32\drivers\srvnet.sys
2010-02-10 00:26:32 1328640 ----a-w- c:\windows\system32\quartz.dll
2010-02-10 00:26:31 84480 ----a-w- c:\windows\system32\mciavi32.dll
2010-02-10 00:26:31 31744 ----a-w- c:\windows\system32\msvidc32.dll
2010-02-10 00:26:30 91648 ----a-w- c:\windows\system32\avifil32.dll
2010-02-10 00:26:30 50176 ----a-w- c:\windows\system32\iyuv_32.dll
2010-02-10 00:26:30 22016 ----a-w- c:\windows\system32\msyuv.dll
2010-02-10 00:26:29 13312 ----a-w- c:\windows\system32\msrle32.dll
2010-02-10 00:26:29 12288 ----a-w- c:\windows\system32\tsbyuv.dll
2010-02-10 00:26:24 221184 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2010-02-10 00:26:24 123392 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-10 00:25:55 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-02-10 00:25:54 369152 ----a-w- c:\windows\system32\secproc.dll
2010-02-10 00:25:53 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-02-10 00:25:53 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-02-10 00:25:52 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-02-10 00:25:52 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-02-10 00:25:51 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-02-10 00:25:50 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-02-08 15:53:04 0 d-----w- c:\users\fred\appdata\roaming\Easy Thumbnails
2010-02-07 16:09:19 767952 ----a-w- c:\windows\BDTSupport.dll
2010-02-07 16:09:17 882 ----a-w- c:\windows\RegSDImport.xml
2010-02-07 16:09:17 880 ----a-w- c:\windows\RegISSImport.xml
2010-02-07 16:09:17 149456 ----a-w- c:\windows\SGDetectionTool.dll
2010-02-07 16:09:17 131 ----a-w- c:\windows\IDB.zip
2010-02-07 16:09:17 1152444 ----a-w- c:\windows\UDB.zip
2010-02-07 16:09:15 165840 ----a-w- c:\windows\PCTBDRes.dll
2010-02-07 16:09:15 1640400 ----a-w- c:\windows\PCTBDCore.dll
2010-02-07 16:09:04 7387 ----a-w- c:\windows\system32\drivers\pctgntdi.cat
2010-02-07 16:09:03 98600 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2010-02-07 16:09:03 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2010-02-07 16:08:55 7412 ----a-w- c:\windows\system32\drivers\PCTAppEvent.cat
2010-02-07 16:08:55 7383 ----a-w- c:\windows\system32\drivers\pctcore.cat
2010-02-07 16:08:55 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2010-02-07 16:08:54 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2010-02-07 16:08:33 7383 ----a-w- c:\windows\system32\drivers\pctplsg.cat
2010-02-07 16:08:33 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2010-02-07 16:06:57 0 d-----w- c:\program files\common files\PC Tools
2010-02-07 16:06:56 0 d-----w- c:\users\fred\appdata\roaming\PC Tools
2010-02-07 16:06:56 0 d-----w- c:\program files\Spyware Doctor
2010-02-07 05:14:05 0 d-----w- c:\users\fred\appdata\roaming\QuickScan
2010-02-06 15:12:03 0 dc----w- c:\programdata\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2010-02-06 00:34:21 0 d-----w- c:\programdata\PC Tools
2010-02-05 02:18:58 0 d-----w- c:\users\fred\appdata\roaming\FreeAudioPack
2010-02-04 17:24:35 0 d-----w- c:\program files\Creative Home
2010-02-04 15:31:20 0 d-sh--w- C:\$RECYCLE.BIN
2010-02-04 15:21:14 77312 ----a-w- c:\windows\MBR.exe
2010-02-04 15:21:11 261632 ----a-w- c:\windows\PEV.exe
2010-02-04 15:21:11 161792 ----a-w- c:\windows\SWREG.exe
2010-02-04 15:21:10 98816 ----a-w- c:\windows\sed.exe
2010-02-04 14:10:37 0 d-----w- c:\program files\Enigma Software Group
2010-02-04 12:14:43 164 ----a-w- c:\windows\install.dat
2010-02-04 05:26:40 0 --sha-w- C:\ProgramData.LOG2
2010-02-04 05:26:40 0 --sha-w- C:\ProgramData.LOG1
2010-02-04 05:16:26 0 d-----w- c:\program files\MSSOAP
2010-02-04 05:16:26 0 d-----w- c:\program files\common files\MSSoap
2010-02-04 02:23:51 0 d-----w- c:\programdata\SITEguard
2010-02-04 02:23:00 0 d-----w- c:\program files\common files\iS3
2010-02-04 02:22:58 0 d-----w- c:\programdata\STOPzilla!
2010-02-04 01:53:23 606 ----a-w- c:\windows\system32\.crusader
2010-02-04 01:45:24 15944 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2010-02-04 01:43:59 0 d-----w- c:\programdata\Hitman Pro
2010-02-03 04:14:10 102400 --sha-r- c:\windows\system32\sppsvcb.dll
2010-02-02 20:19:24 0 d-----w- c:\users\fred\appdata\roaming\Foxit Software
2010-02-02 19:43:17 0 d-----w- c:\users\fred\appdata\roaming\Foxit
2010-02-02 19:43:16 0 d-----w- c:\program files\Foxit Software
2010-02-02 18:40:34 0 d-----w- c:\users\fred\appdata\roaming\WinMount
2010-02-02 18:39:54 41776 ----a-w- c:\windows\system32\drivers\WMDrive.sys
2010-02-02 05:39:03 0 d-----w- c:\program files\common files\Macrovision Shared
2010-02-02 05:38:46 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll
2010-02-02 04:09:51 0 d-----w- c:\programdata\FLEXnet
2010-01-30 20:29:34 0 d-----w- c:\program files\NVIDIA Corporation
2010-01-30 20:28:17 7437 ----a-w- c:\windows\system32\nvinfo.pb
2010-01-30 20:28:17 68200 ----a-w- c:\windows\system32\OpenCL.dll
2010-01-30 20:28:17 14924392 ----a-w- c:\windows\system32\nvoglv32.dll
2010-01-30 20:28:17 11586280 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2010-01-30 20:28:17 10920 ----a-w- c:\windows\system32\drivers\nvBridge.kmd
2010-01-30 20:28:16 4077672 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-01-30 20:28:16 4061800 ----a-w- c:\windows\system32\nvcuda.dll
2010-01-30 20:28:16 2243176 ----a-w- c:\windows\system32\nvcuvid.dll
2010-01-30 20:28:16 182888 ----a-w- c:\windows\system32\nvcod189.dll
2010-01-30 20:28:16 182888 ----a-w- c:\windows\system32\nvcod.dll
2010-01-30 20:28:16 11639400 ----a-w- c:\windows\system32\nvcompiler.dll
2010-01-30 20:28:14 0 d-----w- C:\NVIDIA
2010-01-30 20:01:57 0 d-----w- c:\program files\SystemRequirementsLab
2010-01-29 21:29:52 51716 ----a-w- c:\windows\system32\pdf995mon.dll
2010-01-29 21:29:52 249856 ----a-w- c:\windows\system32\pdfmona.dll
2010-01-29 21:29:52 142 ----a-w- c:\windows\wpd99.drv
2010-01-29 21:29:52 0 d-----w- c:\programdata\pdf995
2010-01-29 21:29:28 203264 ----a-w- c:\windows\system32\wbem\framedyn.dll
2010-01-28 13:51:01 0 d-----w- c:\users\fred\appdata\roaming\TaxCut
2010-01-28 13:48:48 0 d-----w- c:\program files\PDF995
2010-01-28 13:48:48 0 d-----w- c:\program files\HRBlock2009
2010-01-28 13:47:24 0 d-----w- c:\programdata\TaxCut
2010-01-26 20:15:11 2614272 ----a-w- c:\windows\explorer.exe
2010-01-26 20:15:10 285696 ----a-w- c:\windows\system32\winlogon.exe
2010-01-26 20:15:00 41984 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-01-26 20:15:00 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-01-23 01:16:49 0 d-----w- c:\program files\Movie Maker 2.6
2010-01-23 00:38:40 0 d-----w- c:\programdata\Deskshare
2010-01-23 00:37:46 0 d-----w- c:\program files\Deskshare
2010-01-23 00:37:38 0 d-----w- c:\program files\Mpeg2Decoder
2010-01-22 19:43:40 0 d-----w- C:\NOD_upd
2010-01-22 06:08:24 977920 ----a-w- c:\windows\system32\wininet.dll
2010-01-18 18:58:18 243200 ----a-w- c:\program files\UNWISE.EXE
2010-01-16 19:06:41 0 d-----w- c:\program files\MPC HomeCinema
2010-01-13 19:13:26 0 d-----w- c:\users\fred\appdata\roaming\BSplayer PRO
2010-01-13 18:36:07 88 --sh--r- c:\programdata\9545D97103.sys
2010-01-13 18:36:06 2516 --sha-w- c:\programdata\KGyGaAvL.sys
2010-01-13 18:36:03 0 d-----w- c:\users\fred\Corel
2010-01-13 18:35:09 40 ---ha-w- c:\windows\system32\ivireg.ivr
2010-01-13 02:11:45 70656 ----a-w- c:\windows\system32\fontsub.dll
2010-01-13 02:11:45 108544 ----a-w- c:\windows\system32\t2embed.dll
==================== Find3M ====================
2010-01-14 16:12:06 181120 ------w- c:\windows\system32\MpSigStub.exe
2010-01-12 04:03:33 9388648 ----a-w- c:\windows\system32\nvd3dum.dll
2010-01-12 04:03:33 592488 ----a-w- c:\windows\system32\nvudisp.exe
2010-01-12 04:03:33 1280616 ----a-w- c:\windows\system32\nvapi.dll
2010-01-12 03:18:00 962664 ----a-w- c:\windows\system32\nvsvc.dll
2010-01-12 03:18:00 13679720 ----a-w- c:\windows\system32\nvcpl.dll
2010-01-12 03:18:00 129640 ----a-w- c:\windows\system32\nvvsvc.exe
2010-01-12 03:18:00 110696 ----a-w- c:\windows\system32\nvmctray.dll
2010-01-07 21:07:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07:04 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 02:10:30 23124 ----a-w- c:\windows\hpqins15.dat
2009-12-14 19:15:14 2146304 ----a-w- c:\windows\system32\GPhotos.scr
2009-12-14 15:37:17 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2009-11-30 18:09:14 114688 ----a-w- c:\windows\keymail.dll
2009-11-23 19:44:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-11-23 17:26:13 47360 ----a-w- c:\users\fred\appdata\roaming\pcouffin.sys
2009-11-23 15:10:45 202387 ----a-w- c:\windows\hpoins18.dat
2009-11-23 14:29:31 13824 ----a-w- c:\windows\system32\LAYOUT.DLL
2009-11-21 07:52:02 17177413 ----a-w- c:\users\fred\appdata\roaming\WinZip PRO FINAL v14.0 + Serials By ChattChitto.exe
2009-11-20 02:42:56 592488 ----a-w- c:\windows\system32\nvuninst.exe
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 04:56:42 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 04:56:42 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 04:41:57 174 --sha-w- c:\program files\desktop.ini
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 00:34:40 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 00:34:38 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat
2009-06-10 21:26:35 9633792 --sha-r- c:\windows\fonts\StaticCache.dat
2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
============= FINISH: 17:22:52.29 ===============
Attached
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
DDS (Ver_09-12-01.01)
Microsoft Windows 7 Enterprise
Boot Device: \Device\HarddiskVolume1
Install Date: 11/23/2009 8:02:14 AM
System Uptime: 2/11/2010 3:48:51 PM (2 hours ago)
Motherboard: ECS | | Nettle2
Processor:
AMD Athlon(tm) 64 X2 Dual Core Processor 5000+ | Socket M2 | 2600/201mhz
==== Disk Partitions =========================
C: is FIXED (
NTFS) - 326 GiB total, 193.754 GiB free.
D: is FIXED (
NTFS) - 9 GiB total, 1.204 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is FIXED (
NTFS) - 466 GiB total, 226.092 GiB free.
H: is FIXED (
NTFS) - 466 GiB total, 413.821 GiB free.
I: is Removable
J: is FIXED (
NTFS) - 932 GiB total, 607.112 GiB free.
==== Disabled Device Manager Items =============
==== System Restore Points ===================
No restore point in system.
==== Installed Programs ======================
µTorrent
1st Free Solitaire 1.7.1
2009 Hallmark Bonus Pack
32 Bit HP CIO Components Installer
Adobe Acrobat 9 Pro - English, Français, Deutsch
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.3
Adobe Shockwave Player 11.5
AFPL Ghostscript 8.54
AFPL Ghostscript Fonts
AIO_CDA_ProductContext
AIO_CDA_Software
AIO_Scan
All Media Fixer 2008 9.07
AnswerWorks 5.0 English Runtime
Apple Application Support
Apple Software Update
Ashampoo Burning Studio 3.03
Ashampoo Burning Studio 9.21
Ashampoo ClipFisher1.21
Ashampoo DVD Theme Pack 1
Ashampoo
HDD Control 1.10
Audacity 1.2.6
AVS Audio Converter version 6.1
AVS DVDMenu Editor 1.2.1.19
AVS Update Manager 1.0
AVS Video Converter 6
AVS Video Tools 5.6
AVS4YOU Software Navigator 1.3
Backup4all Professional 4
BitPim 1.0.7.20090805
Blaze Media Pro
Browser Defender 2.0.6.11
BS.Player PRO
BufferChm
C4100
c4100_Help
CCleaner
Collage Maker
Contact Sheets 1.7.0.1
ConvertXtoDVD 4.0.9.322
Copy
Coupon Printer for Windows
DaisyTrail DigiKit Collection 1
DesignPro 5.4 Limited Edition
Destinations
DeviceDiscovery
DocProc
Dropbox
DVDFab 6.2.1.8 (31/12/2009)
ESET Smart Security
Fax
FLV to AVI MPEG WMV 3GP MP4 iPod Converter 5.2.0603
Foxit Reader
FrameShots Video Screen Capture
Google Gmail Notifier
GPBaseService2
H&R Block Deluxe + Efile + State 2009
H&R Block Georgia 2009
Hallmark Card Studio 2009 Deluxe
Hallmark Card Studio 2010 Deluxe
HP Customer Participation Program 13.0
HP Imaging Device Functions 13.0
HP Photosmart All-In-One Driver Software 13.0 Rel. A
HP Photosmart Essential 3.5
HP Smart Web Printing 4.60
HP Solution Center 13.0
HP Update
HPPhotoGadget
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
ImgBurn
ImTOO AVI to DVD Converter
IrfanView (remove only)
iSkysoft Video Converter(Build 2.2.1.0)
IsoBuster 2.7
Java(TM) 6 Update 17
Karen's Directory Printer
LAME v3.98.2 for Audacity
LG USB Modem Drivers
LimeWire PRO 5.3.6
Magic ISO Maker v5.5 (build 0276)
Malwarebytes' Anti-Malware
MarketResearch
Match-Up!
Media Player Classic - Home Cinema v. 1.3.1249.0
Microsoft Antimalware
Microsoft Office Access database engine 2007 (English)
Microsoft Office Professional Edition 2003
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Streets & Trips 2010
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable Package
Mindful version 2
Morpheus Photo Animation Suite v3.11
Moyea FLV Player version: 2.0.2.94
Mozilla Firefox (3.5.7)
Mpeg2Decoder 1.3
MSXML 4.0
SP2 (KB954430)
MSXML 4.0
SP2 (KB973688)
MSXML 4.0
SP2 and SOAP Toolkit 3.0
MSXML 4.0
SP2 Parser and SDK
Network
NVIDIA Display Control Panel
NVIDIA Drivers
OCR Software by I.R.I.S. 13.0
OGA Notifier 2.0.0048.0
OJOsoft Total Video Converter
Paint.NET v3.5.1
Pdf995 (installed by H&R Block)
PdfEdit995 (installed by H&R Block)
Photo Collage Platinum 2.06
Photodex Presenter
Picasa 3
PlayFLV
ProShow Gold
PVSonyDll
Quicken 2009
QuickTime
Scan
SceneGrabber.NET
Scrapbook Factory Deluxe 4.0
SmartWebPrinting
SnagIt 8
SolutionCenter
Spybot - Search & Destroy
Spyware Doctor 7.0
Status
Striata Reader
SyncBackPro
System Requirements Lab
Toolbox
TrayApp
TurboTax 2009
TurboTax 2009 wgaiper
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
Ultra Video Joiner 5.2.0108
Uniblue RegistryBooster 2010
Uniblue SpeedUpMyPC 2009
UnloadSupport
WebReg
WinAVI Video Converter
Windows Media Player Firefox Plugin
Windows Movie Maker 2.6
WinRAR archiver
WinZip 14.0
Xilisoft DVD Ripper Ultimate
XviD Video Codec (remove only)
==== Event Viewer Messages From Past Week ========
2/9/2010 8:21:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.75.517.0 Update Source: Microsoft Update Server Update Stage: Install Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.5406.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/9/2010 8:21:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.75.517.0 Update Source: Microsoft Update Server Update Stage: Install Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.5406.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/9/2010 8:21:42 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.75.517.0 Update Source: Microsoft Update Server Update Stage: Download Source Path:
http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.5406.0 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
2/9/2010 11:58:21 AM, Error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
2/7/2010 8:59:03 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk3\DR3.
2/7/2010 4:49:37 PM, Error:
Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume G:.
2/7/2010 4:43:34 PM, Error:
Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume H:.
2/7/2010 4:43:30 PM, Error:
Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume Cavalry Drive.
2/7/2010 4:39:50 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000c2 (0x00000007, 0x00001097, 0x1b210425, 0xb8e93508). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020710-18985-01.
2/7/2010 4:34:27 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147630792 User: NT AUTHORITY\SYSTEM Name: Worm:Win32/
VB.WA ID: 2147630792 Severity: Severe Category: Worm Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.494.0, AS: 1.75.494.0 Engine Version: 1.1.5406.0
2/7/2010 3:49:41 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147630792 User: NT AUTHORITY\SYSTEM Name: Worm:Win32/
VB.WA ID: 2147630792 Severity: Severe Category: Worm Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.494.0, AS: 1.75.494.0 Engine Version: 1.1.5406.0
2/7/2010 3:49:41 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147600988 User: NT AUTHORITY\SYSTEM Name: Trojan:Win32/Dopip.A ID: 2147600988 Severity: Severe Category: Trojan Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.494.0, AS: 1.75.494.0 Engine Version: 1.1.5406.0
2/7/2010 2:16:46 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.494.0, AS: 1.75.494.0 Engine Version: 1.1.5406.0
2/7/2010 2:07:46 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147630792 User: NT AUTHORITY\SYSTEM Name: Worm:Win32/
VB.WA ID: 2147630792 Severity: Severe Category: Worm Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.494.0, AS: 1.75.494.0 Engine Version: 1.1.5406.0
2/7/2010 12:58:08 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
2/7/2010 1:02:37 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
2/7/2010 1:02:37 PM, Error: Service Control Manager [7001] - The Peer Name Resolution Protocol service depends on the Peer Networking Identity Manager service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
2/7/2010 1:02:37 PM, Error: Service Control Manager [7000] - The Peer Networking Identity Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/7/2010 1:02:32 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Peer Networking Identity Manager service to connect.
2/7/2010 1:00:05 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intuit Update Service service to connect.
2/7/2010 1:00:05 PM, Error: Service Control Manager [7000] - The Intuit Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/6/2010 8:22:13 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
2/6/2010 7:53:18 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
2/6/2010 2:53:27 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/6/2010 2:53:27 AM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/6/2010 2:53:27 AM, Error: Service Control Manager [7031] - The Offline Files service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/6/2010 2:53:27 AM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2/6/2010 2:53:27 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/6/2010 11:30:49 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.
2/6/2010 11:30:48 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/6/2010 11:30:47 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/6/2010 11:30:46 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/6/2010 11:30:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/6/2010 11:30:38 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/6/2010 11:30:20 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache ehdrv MpFilter spldr TfFsMon TfSysMon Wanarpv6
2/6/2010 10:15:31 AM, Error: Service Control Manager [7034] - The Diagnostic System Host service terminated unexpectedly. It has done this 1 time(s).
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Windows Audio Endpoint Builder service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Superfetch service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Program Compatibility Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Offline Files service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Network Connections service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The HomeGroup Listener service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
2/6/2010 10:15:31 AM, Error: Service Control Manager [7031] - The Desktop Window Manager Session Manager service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/6/2010 1:52:19 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x00041201, 0xc002f600, 0x98d422f5, 0x85987aa0). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020610-31808-01.
2/5/2010 9:12:57 PM, Error: Service Control Manager [7000] - The MBAMService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/5/2010 9:12:55 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.
2/5/2010 9:10:29 PM, Error: Service Control Manager [7030] - The ThreatFire service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
2/5/2010 9:08:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk2\DR2.
2/5/2010 8:00:20 AM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/5/2010 6:56:53 PM, Error: Service Control Manager [7034] - The Webroot Client Service service terminated unexpectedly. It has done this 1 time(s).
2/5/2010 6:56:46 PM, Error: Service Control Manager [7034] - The Webroot Spy Sweeper Engine service terminated unexpectedly. It has done this 1 time(s).
2/5/2010 6:50:53 PM, Error: Application Popup [876] - Driver ssidrv.sys has been blocked from loading.
2/5/2010 6:28:21 PM, Error: Microsoft-Windows-
DNS-Client [1012] - There was an error while attempting to read the local hosts file.
2/5/2010 6:23:05 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147625188 User: NT AUTHORITY\SYSTEM Name: Worm:Win32/Orbina!rts ID: 2147625188 Severity: High Category: Worm Path: Action: Quarantine Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/5/2010 5:50:16 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/5/2010 5:19:35 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000008e (0xc0000005, 0x81ec5da9, 0xa3e5bb38, 0x00000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020510-24242-01.
2/5/2010 5:16:58 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR6.
2/5/2010 5:05:18 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/5/2010 4:59:43 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/5/2010 4:53:49 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xc053e5e8, 0xc0000185, 0x08ec0be0, 0xa7cbd000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020510-25022-01.
2/5/2010 4:29:31 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/5/2010 12:06:59 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147628568 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.CN ID: 2147628568 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.422.0, AS: 1.75.422.0 Engine Version: 1.1.5406.0
2/4/2010 9:17:58 AM, Error: ssidrv [26] -
2/4/2010 8:45:56 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147621024 User: NT AUTHORITY\SYSTEM Name: TrojanDownloader:ASX/Wimad.AZ ID: 2147621024 Severity: Severe Category: Trojan Downloader Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.331.0, AS: 1.75.331.0 Engine Version: 1.1.5406.0
2/4/2010 12:28:46 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv
2/4/2010 11:34:04 AM, Error: Service Control Manager [7031] - The Portable Device Enumerator Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
2/4/2010 10:29:30 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
2/11/2010 9:54:32 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: TfFsMon TfSysMon
2/11/2010 9:54:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SBSD Security Center Service service to connect.
2/11/2010 9:54:29 AM, Error: Service Control Manager [7000] - The SBSD Security Center Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/11/2010 9:53:37 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001a (0x00000031, 0x854542f0, 0x974e5000, 0xb2a8e0ab). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 021110-22323-01.
2/11/2010 9:08:39 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4.
2/11/2010 3:50:50 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv TfFsMon TfSysMon
2/11/2010 3:39:50 AM, Error:
Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume FreeAgent Drive.
2/10/2010 12:24:19 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
2/10/2010 1:14:50 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147624825 User: NT AUTHORITY\SYSTEM Name: VirTool:Win32/Obfuscator.XX ID: 2147624825 Severity: Severe Category: Tool Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.517.0, AS: 1.75.517.0 Engine Version: 1.1.5406.0
2/10/2010 1:14:50 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147624825 User: NT AUTHORITY\SYSTEM Name: VirTool:Win32/Obfuscator.XX ID: 2147624825 Severity: Severe Category: Tool Path: Action: Quarantine Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.517.0, AS: 1.75.517.0 Engine Version: 1.1.5406.0
2/10/2010 1:10:39 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147624825 User: NT AUTHORITY\SYSTEM Name: VirTool:Win32/Obfuscator.XX ID: 2147624825 Severity: Severe Category: Tool Path: Action: Quarantine Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.517.0, AS: 1.75.517.0 Engine Version: 1.1.5406.0
2/10/2010 1:10:38 PM, Error: Microsoft Antimalware [1008] - Microsoft Antimalware has encountered an error when taking action on spyware or other potentially unwanted software. For more information please see the following:
http://go.microsoft.com/fwlink/?link...tid=2147624825 User: NT AUTHORITY\SYSTEM Name: VirTool:Win32/Obfuscator.XX ID: 2147624825 Severity: Severe Category: Tool Path: Action: Remove Error Code: 0x80508023 Error description: The program could not find the spyware and other potentially unwanted software on this computer. Status: Signature Version: AV: 1.75.517.0, AS: 1.75.517.0 Engine Version: 1.1.5406.0
==== End Of File ===========================
