Author Topic: [Resolved] Windows Update does not work. Error code 8024402C (Read 4539 times)

Hoov · « **Reply #15 on:** March 05, 2011, 09:13:44 PM »

The first thing I see right off is that you have Avast and AdAware. AdAware used to be a nice polite malware removal tool. But a few years ago they added an AV scanner to the lineup. Two AV scanners can cause problems, so the first thing I am going to suggest is turning off AdAware so that it will not start with windows startup. Then reboot the computer and see how that goes.

If that does not work, follow the instructions below and see if it boots faster. Don't go online because your protection is not on. Wait until the second reboot to let me know.

I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

Once you are sure if windows is starting faster, then run msconfig and select normal startup, click apply then OK and reboot.

bdunn0 · « **Reply #16 on:** March 05, 2011, 09:43:37 PM »

Is this correct to UNCHECK all the services still listed?

Hide all Microsoft Services now go up and uncheck all the services still listed

Hoov · « **Reply #17 on:** March 05, 2011, 10:07:08 PM »

Once you hide the MS services, then yes uncheck all the rest remaining.

bdunn0 · « **Reply #18 on:** March 05, 2011, 10:11:56 PM »

CPU usage drops in about 2 minutes, but the hard drive runs for abour 9 minutes before stopping.

bdunn0 · « **Reply #19 on:** March 05, 2011, 10:23:08 PM »

I forgot to tell you that I uninstalled AdAware. It did not seem to make a difference.

Hoov · « **Reply #20 on:** March 06, 2011, 11:52:44 AM »

Please run ccleaner to remove temporary files from your system, and to improve the scanning time of the other scans we may be running. Then please run Malwarebytes' Anti-Malware to check for malware. Both sets of instructions are below

1.Download and scan with CCleaner
When you get to the website, there is a dark grey box on the left side with two tabs along the top. Inside this Dark Grey box is a light grey box. Below that light grey box is where the download links are at. The pay amount is for paid support.
2. Before first use, select Options > Advanced and UNCHECK "Only delete files in Windows Temp folder older than 48 hours"
3. Then select the items you wish to clean up.
In the Windows Tab:

Clean all entries in the "Internet Explorer" section except Cookies if you want to keep those.
Clean all the entries in the "Windows Explorer" section.
Clean all entries in the "System" section.
Clean all entries in the "Advanced" section.
Clean any others that you choose.

In the Applications Tab:

Clean all except cookies in the Firefox/Mozilla section if you use it.
Clean all in the Opera section if you use it.
Clean Sun Java in the Internet Section.
Clean any others that you choose.

4. Click the "Run Cleaner" button.
5. A pop up box will appear advising this process will permanently delete files from your system.
6. Click "OK" and it will scan and clean your system.
7. Click "exit" when done.

Please download Malwarebytes Anti-Malware and save it to your desktop.
alternate download link 1
alternate download link 2

MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

Make sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware

Then click Finish.

MBAM will automatically start and you will be asked to update the program before performing a scan.

If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.

On the Scanner tab:

Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.
If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.

Back at the main Scanner screen:

Click on the Show Results button to see a list of any malware that was found.
Make sure that everything is checked, and click Remove Selected.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Exit MBAM when done.

Note: If MBAM encounters a file that is difficult to remove, you will be asked to reboot your computer so MBAM can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.

bdunn0 · « **Reply #21 on:** March 06, 2011, 04:50:38 PM »

Ran CCleaner.

Here is the MBAM Log File.

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5977

Windows 6.0.6000
Internet Explorer 7.0.6000.16982

3/6/2011 5:45:57 PM
mbam-log-2011-03-06 (17-45-57).txt

Scan type: Quick scan
Objects scanned: 246048
Time elapsed: 10 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Hoov · « **Reply #22 on:** March 06, 2011, 04:55:26 PM »

Please read carefully and follow these steps.

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

bdunn0 · « **Reply #23 on:** March 06, 2011, 05:20:47 PM »

2011/03/06 18:17:41.0154 101980   TDSS rootkit removing tool 2.4.20.0 Mar 2 2011 10:44:30
2011/03/06 18:17:41.0403 101980   ================================================================================
2011/03/06 18:17:41.0403 101980   SystemInfo:
2011/03/06 18:17:41.0403 101980
2011/03/06 18:17:41.0403 101980   OS Version: 6.0.6000 ServicePack: 0.0
2011/03/06 18:17:41.0403 101980   Product type: Workstation
2011/03/06 18:17:41.0403 101980   ComputerName: ANAND-SZ791N
2011/03/06 18:17:41.0403 101980   UserName: GM
2011/03/06 18:17:41.0403 101980   Windows directory: C:\Windows
2011/03/06 18:17:41.0403 101980   System windows directory: C:\Windows
2011/03/06 18:17:41.0403 101980   Processor architecture: Intel x86
2011/03/06 18:17:41.0403 101980   Number of processors: 2
2011/03/06 18:17:41.0403 101980   Page size: 0x1000
2011/03/06 18:17:41.0403 101980   Boot type: Normal boot
2011/03/06 18:17:41.0403 101980   ================================================================================
2011/03/06 18:17:41.0809 101980   Initialize success
2011/03/06 18:18:09.0515 102264   ================================================================================
2011/03/06 18:18:09.0515 102264   Scan started
2011/03/06 18:18:09.0515 102264   Mode: Manual;
2011/03/06 18:18:09.0515 102264   ================================================================================
2011/03/06 18:18:10.0295 102264   ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
2011/03/06 18:18:10.0388 102264   adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
2011/03/06 18:18:10.0466 102264   adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
2011/03/06 18:18:10.0529 102264   adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
2011/03/06 18:18:10.0622 102264   adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
2011/03/06 18:18:10.0731 102264   AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
2011/03/06 18:18:10.0809 102264   agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
2011/03/06 18:18:10.0934 102264   aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
2011/03/06 18:18:10.0997 102264   aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
2011/03/06 18:18:11.0090 102264   amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
2011/03/06 18:18:11.0137 102264   amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
2011/03/06 18:18:11.0199 102264   AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
2011/03/06 18:18:11.0309 102264   AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
2011/03/06 18:18:11.0418 102264   ApfiltrService (18bff317bdb10c64a35e1ca85f1ec051) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/03/06 18:18:11.0527 102264   arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
2011/03/06 18:18:11.0636 102264   arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
2011/03/06 18:18:11.0730 102264   ArcSoftKsUFilter (97422da56910a24b7ac8d295f5fd9535) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
2011/03/06 18:18:11.0823 102264   aswFsBlk (1c2e6bb4fe8621b1b863855b02bc33eb) C:\Windows\system32\drivers\aswFsBlk.sys
2011/03/06 18:18:11.0964 102264   aswMonFlt (b0f137f664f10829cd2380b0e20e7c29) C:\Windows\system32\drivers\aswMonFlt.sys
2011/03/06 18:18:12.0057 102264   aswRdr (b6a9373619d851be80fb5f1b5eed0d4e) C:\Windows\system32\drivers\aswRdr.sys
2011/03/06 18:18:12.0151 102264   aswSnx (9be41c1ae8bc481eb662d85c98d979c2) C:\Windows\system32\drivers\aswSnx.sys
2011/03/06 18:18:12.0291 102264   aswSP (4b1a54ba2bc5873a774df6b70ab8b0b3) C:\Windows\system32\drivers\aswSP.sys
2011/03/06 18:18:12.0385 102264   aswTdi (c7f1cea32766184911293f4e1ee653f5) C:\Windows\system32\drivers\aswTdi.sys
2011/03/06 18:18:12.0463 102264   AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/03/06 18:18:12.0588 102264   atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
2011/03/06 18:18:12.0728 102264   Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
2011/03/06 18:18:12.0869 102264   bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
2011/03/06 18:18:12.0978 102264   BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
2011/03/06 18:18:13.0025 102264   BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
2011/03/06 18:18:13.0103 102264   Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
2011/03/06 18:18:13.0181 102264   BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
2011/03/06 18:18:13.0274 102264   BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
2011/03/06 18:18:13.0337 102264   BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
2011/03/06 18:18:13.0430 102264   BthEnum (cf97c2d6a011ee9403b42191b5f95ba8) C:\Windows\system32\DRIVERS\BthEnum.sys
2011/03/06 18:18:13.0508 102264   BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/03/06 18:18:13.0617 102264   BthPan (b8c3d9ddf85fd197c3e5f849fef71144) C:\Windows\system32\DRIVERS\bthpan.sys
2011/03/06 18:18:13.0711 102264   BTHPORT (b4ce8000aab30a9ab16cd0fb3db4d7cf) C:\Windows\system32\Drivers\BTHport.sys
2011/03/06 18:18:13.0805 102264   BTHprint (61fbdaf3483d8b29c9c1eee85a3ac6dd) C:\Windows\system32\DRIVERS\bthprint.sys
2011/03/06 18:18:13.0898 102264   BTHUSB (9a4ddc8544c1459aa2a118a8858dade3) C:\Windows\system32\Drivers\BTHUSB.sys
2011/03/06 18:18:13.0992 102264   btwaudio (7f256d9fff384faa40df5db1cb8531d9) C:\Windows\system32\drivers\btwaudio.sys
2011/03/06 18:18:14.0054 102264   btwavdt (d87d990131aaabb27d4046790292366d) C:\Windows\system32\drivers\btwavdt.sys
2011/03/06 18:18:14.0132 102264   btwl2cap (d02f4d18aa4a38f781beefeb1892e144) C:\Windows\system32\DRIVERS\btwl2cap.sys
2011/03/06 18:18:14.0210 102264   btwrchid (e1771c0fb49e747ab2b2d29da50510f9) C:\Windows\system32\DRIVERS\btwrchid.sys
2011/03/06 18:18:14.0304 102264   cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
2011/03/06 18:18:14.0382 102264   cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
2011/03/06 18:18:14.0522 102264   circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
2011/03/06 18:18:14.0585 102264   CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
2011/03/06 18:18:14.0694 102264   CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/03/06 18:18:14.0756 102264   cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
2011/03/06 18:18:14.0881 102264   Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
2011/03/06 18:18:14.0928 102264   crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
2011/03/06 18:18:15.0021 102264   Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
2011/03/06 18:18:15.0146 102264   CSC (ee95a5f89766f199557e5900ce6b2d7d) C:\Windows\system32\drivers\csc.sys
2011/03/06 18:18:15.0271 102264   DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
2011/03/06 18:18:15.0396 102264   disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
2011/03/06 18:18:15.0474 102264   DMICall (f206e28ed74c491fd5d7c0a1119ce37f) C:\Windows\system32\DRIVERS\DMICall.sys
2011/03/06 18:18:15.0645 102264   Dot4 (57b2d433a08b95e4f1b53a919937f3e5) C:\Windows\system32\DRIVERS\Dot4.sys
2011/03/06 18:18:15.0692 102264   Dot4Print (d93fa484bb62fbe7e5ef335c5415d3cf) C:\Windows\system32\DRIVERS\Dot4Prt.sys
2011/03/06 18:18:15.0739 102264   dot4usb (599742c4260fb3e8edb3be148b8ce856) C:\Windows\system32\DRIVERS\dot4usb.sys
2011/03/06 18:18:15.0801 102264   drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
2011/03/06 18:18:15.0848 102264   DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
2011/03/06 18:18:15.0942 102264   E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
2011/03/06 18:18:16.0035 102264   Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
2011/03/06 18:18:16.0113 102264   elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
2011/03/06 18:18:16.0238 102264   fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
2011/03/06 18:18:16.0347 102264   fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
2011/03/06 18:18:16.0457 102264   FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
2011/03/06 18:18:16.0503 102264   Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
2011/03/06 18:18:16.0597 102264   flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/03/06 18:18:16.0706 102264   FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
2011/03/06 18:18:16.0753 102264   Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
2011/03/06 18:18:16.0831 102264   gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
2011/03/06 18:18:16.0893 102264   GEARAspiWDM (4ac51459805264affd5f6fdfb9d9235f) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2011/03/06 18:18:17.0034 102264   HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
2011/03/06 18:18:17.0096 102264   HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
2011/03/06 18:18:17.0174 102264   HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
2011/03/06 18:18:17.0237 102264   HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
2011/03/06 18:18:17.0315 102264   HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
2011/03/06 18:18:17.0393 102264   HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
2011/03/06 18:18:17.0549 102264   HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
2011/03/06 18:18:17.0673 102264   HSF_DPV (53229dcf431d76434816cd29251168a0) C:\Windows\system32\DRIVERS\HSX_DPV.sys
2011/03/06 18:18:17.0751 102264   HSXHWAZL (31f949d452201f2f0af0c88d7db512cd) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
2011/03/06 18:18:17.0829 102264   HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
2011/03/06 18:18:17.0970 102264   i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
2011/03/06 18:18:18.0079 102264   i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
2011/03/06 18:18:18.0157 102264   iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
2011/03/06 18:18:18.0297 102264   iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
2011/03/06 18:18:18.0407 102264   intelide (988981c840084f480ba9e3319cebde1b) C:\Windows\system32\drivers\intelide.sys
2011/03/06 18:18:18.0469 102264   intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
2011/03/06 18:18:18.0563 102264   IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/03/06 18:18:18.0750 102264   IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
2011/03/06 18:18:18.0812 102264   IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
2011/03/06 18:18:18.0890 102264   IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
2011/03/06 18:18:18.0984 102264   isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
2011/03/06 18:18:19.0046 102264   iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
2011/03/06 18:18:19.0124 102264   iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
2011/03/06 18:18:19.0187 102264   iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
2011/03/06 18:18:19.0327 102264   kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
2011/03/06 18:18:19.0405 102264   kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
2011/03/06 18:18:19.0499 102264   KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
2011/03/06 18:18:19.0701 102264   lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
2011/03/06 18:18:19.0795 102264   LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
2011/03/06 18:18:19.0842 102264   LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
2011/03/06 18:18:19.0889 102264   LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
2011/03/06 18:18:19.0951 102264   luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
2011/03/06 18:18:20.0060 102264   mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
2011/03/06 18:18:20.0154 102264   megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
2011/03/06 18:18:20.0216 102264   Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
2011/03/06 18:18:20.0325 102264   monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
2011/03/06 18:18:20.0435 102264   mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
2011/03/06 18:18:20.0513 102264   mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
2011/03/06 18:18:20.0591 102264   MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
2011/03/06 18:18:20.0637 102264   mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
2011/03/06 18:18:20.0747 102264   mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
2011/03/06 18:18:20.0825 102264   Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
2011/03/06 18:18:20.0887 102264   MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
2011/03/06 18:18:20.0965 102264   mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/03/06 18:18:21.0012 102264   mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/03/06 18:18:21.0059 102264   mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/03/06 18:18:21.0183 102264   msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
2011/03/06 18:18:21.0277 102264   msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
2011/03/06 18:18:21.0371 102264   Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
2011/03/06 18:18:21.0464 102264   msisadrv (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
2011/03/06 18:18:21.0589 102264   MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
2011/03/06 18:18:21.0636 102264   MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/03/06 18:18:21.0683 102264   MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
2011/03/06 18:18:21.0729 102264   MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
2011/03/06 18:18:21.0792 102264   mssmbios (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
2011/03/06 18:18:21.0839 102264   MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
2011/03/06 18:18:21.0901 102264   Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
2011/03/06 18:18:21.0979 102264   NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
2011/03/06 18:18:22.0088 102264   NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
2011/03/06 18:18:22.0135 102264   NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/03/06 18:18:22.0182 102264   Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/03/06 18:18:22.0229 102264   NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/03/06 18:18:22.0307 102264   NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
2011/03/06 18:18:22.0369 102264   NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
2011/03/06 18:18:22.0431 102264   netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
2011/03/06 18:18:22.0665 102264   NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
2011/03/06 18:18:22.0775 102264   nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
2011/03/06 18:18:22.0868 102264   Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
2011/03/06 18:18:22.0931 102264   nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
2011/03/06 18:18:23.0071 102264   Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
2011/03/06 18:18:23.0149 102264   ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
2011/03/06 18:18:23.0243 102264   Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
2011/03/06 18:18:23.0555 102264   nvlddmkm (39d8f5a92427c57309355199592ead9f) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/03/06 18:18:23.0726 102264   nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
2011/03/06 18:18:23.0789 102264   nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
2011/03/06 18:18:23.0882 102264   nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
2011/03/06 18:18:24.0007 102264   NWADI (67fb86eeb94059177642050718d57460) C:\Windows\system32\DRIVERS\NWADIenum.sys
2011/03/06 18:18:24.0210 102264   NWUSBModem (4e651808b35656ac88a4dcdaf6cc1169) C:\Windows\system32\DRIVERS\nwusbmdm.sys
2011/03/06 18:18:24.0335 102264   NWUSBPort (4e651808b35656ac88a4dcdaf6cc1169) C:\Windows\system32\DRIVERS\nwusbser.sys
2011/03/06 18:18:24.0413 102264   NWUSBPort2 (4e651808b35656ac88a4dcdaf6cc1169) C:\Windows\system32\DRIVERS\nwusbser2.sys
2011/03/06 18:18:24.0491 102264   ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
2011/03/06 18:18:24.0662 102264   Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
2011/03/06 18:18:24.0709 102264   partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
2011/03/06 18:18:24.0771 102264   Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
2011/03/06 18:18:24.0849 102264   PCASp50 (1961590aa191b6b7dcf18a6a693af7b8) C:\Windows\system32\Drivers\PCASp50.sys
2011/03/06 18:18:24.0912 102264   pci (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
2011/03/06 18:18:25.0005 102264   pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
2011/03/06 18:18:25.0083 102264   pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/03/06 18:18:25.0193 102264   PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
2011/03/06 18:18:25.0458 102264   PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
2011/03/06 18:18:25.0536 102264   Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
2011/03/06 18:18:25.0661 102264   PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
2011/03/06 18:18:25.0754 102264   PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
2011/03/06 18:18:25.0910 102264   ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
2011/03/06 18:18:26.0004 102264   ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
2011/03/06 18:18:26.0160 102264   QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
2011/03/06 18:18:26.0238 102264   R5U870FLx86 (50f35d449e84d74d3e06e89e62365108) C:\Windows\system32\Drivers\R5U870FLx86.sys
2011/03/06 18:18:26.0285 102264   R5U870FUx86 (093e7b7f21ddb79da81b07e660da22f7) C:\Windows\system32\Drivers\R5U870FUx86.sys
2011/03/06 18:18:26.0316 102264   RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
2011/03/06 18:18:26.0394 102264   Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/03/06 18:18:26.0425 102264   RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/03/06 18:18:26.0472 102264   rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
2011/03/06 18:18:26.0534 102264   RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/03/06 18:18:26.0628 102264   rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\DRIVERS\rdpdr.sys
2011/03/06 18:18:26.0690 102264   RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
2011/03/06 18:18:26.0784 102264   RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
2011/03/06 18:18:26.0877 102264   regi (001b4278407f4303efc902a2b16f2453) C:\Windows\system32\drivers\regi.sys
2011/03/06 18:18:26.0987 102264   RFCOMM (7ec90c316177ba3f1bce92005264b447) C:\Windows\system32\DRIVERS\rfcomm.sys
2011/03/06 18:18:27.0252 102264   RimVSerPort (d9b34325ee5df78b8f28a3de9f577c7d) C:\Windows\system32\DRIVERS\RimSerial.sys
2011/03/06 18:18:27.0345 102264   ROOTMODEM (d49d61312b273de069584d48c81c8b1d) C:\Windows\system32\Drivers\RootMdm.sys
2011/03/06 18:18:27.0439 102264   rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
2011/03/06 18:18:27.0533 102264   RTL8169 (283392af1860ecdb5e0f8ebd7f3d72df) C:\Windows\system32\DRIVERS\Rtlh86.sys
2011/03/06 18:18:27.0611 102264   sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
2011/03/06 18:18:27.0829 102264   secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
2011/03/06 18:18:27.0923 102264   Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\DRIVERS\serenum.sys
2011/03/06 18:18:28.0016 102264   Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\DRIVERS\serial.sys
2011/03/06 18:18:28.0079 102264   sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
2011/03/06 18:18:28.0281 102264   SFEP (8b7c1768d2cde2e02e09a66563ddfd16) C:\Windows\system32\DRIVERS\SFEP.sys
2011/03/06 18:18:28.0328 102264   sffdisk (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
2011/03/06 18:18:28.0359 102264   sffp_mmc (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
2011/03/06 18:18:28.0406 102264   sffp_sd (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
2011/03/06 18:18:28.0437 102264   sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/03/06 18:18:28.0515 102264   shpf (5b36e43a535345599515d20fa77c8026) C:\Windows\system32\DRIVERS\shpf.sys
2011/03/06 18:18:28.0562 102264   sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
2011/03/06 18:18:28.0625 102264   SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
2011/03/06 18:18:28.0671 102264   SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
2011/03/06 18:18:28.0734 102264   Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
2011/03/06 18:18:28.0812 102264   SPI (225a17c6ad0207a058d728c0fa87e61d) C:\Windows\system32\DRIVERS\SonyPI.sys
2011/03/06 18:18:28.0859 102264   spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
2011/03/06 18:18:28.0968 102264   srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
2011/03/06 18:18:29.0030 102264   srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
2011/03/06 18:18:29.0077 102264   srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
2011/03/06 18:18:29.0217 102264   STHDA (167909a1c36aa3e8f2582962f0ccc748) C:\Windows\system32\drivers\stwrt.sys
2011/03/06 18:18:29.0311 102264   swenum (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
2011/03/06 18:18:29.0405 102264   Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
2011/03/06 18:18:29.0467 102264   Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
2011/03/06 18:18:29.0545 102264   Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
2011/03/06 18:18:29.0717 102264   Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
2011/03/06 18:18:29.0810 102264   Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
2011/03/06 18:18:29.0904 102264   tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
2011/03/06 18:18:29.0982 102264   TcUsb (53900527fa5e2ccc818c5894383772d1) C:\Windows\system32\Drivers\tcusb.sys
2011/03/06 18:18:30.0044 102264   TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
2011/03/06 18:18:30.0122 102264   TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
2011/03/06 18:18:30.0185 102264   tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
2011/03/06 18:18:30.0278 102264   TermDD (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
2011/03/06 18:18:30.0465 102264   ti21sony (909cd987b54a8179c9aee874d754721a) C:\Windows\system32\drivers\ti21sony.sys
2011/03/06 18:18:30.0528 102264   TPM (6d9ad3534a9cf7e4b86c6eae8bc335f6) C:\Windows\system32\drivers\tpm.sys
2011/03/06 18:18:30.0637 102264   tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/03/06 18:18:30.0731 102264   tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
2011/03/06 18:18:30.0824 102264   tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
2011/03/06 18:18:30.0933 102264   U2SP (228d8e60bc9c5238587b0bf1654ec580) C:\Windows\system32\DRIVERS\u2s2kxp.sys
2011/03/06 18:18:31.0027 102264   uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
2011/03/06 18:18:31.0105 102264   udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
2011/03/06 18:18:31.0214 102264   uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
2011/03/06 18:18:31.0277 102264   uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
2011/03/06 18:18:31.0401 102264   UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
2011/03/06 18:18:31.0479 102264   ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
2011/03/06 18:18:31.0542 102264   umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
2011/03/06 18:18:31.0667 102264   usbccgp (03b01e8dbd2da2b49157b7e51912aaf2) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/03/06 18:18:31.0776 102264   usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
2011/03/06 18:18:31.0885 102264   usbcm (a31c1f4b2448eeeff7c0d4e4d58bd9b3) C:\Windows\system32\DRIVERS\usbcm.sys
2011/03/06 18:18:31.0947 102264   usbehci (2f83363f98484f8edaf49f9b41520d14) C:\Windows\system32\DRIVERS\usbehci.sys
2011/03/06 18:18:32.0025 102264   usbhub (14d2a4dcd92c0b3368667aed6893463d) C:\Windows\system32\DRIVERS\usbhub.sys
2011/03/06 18:18:32.0135 102264   usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
2011/03/06 18:18:32.0197 102264   usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
2011/03/06 18:18:32.0306 102264   usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
2011/03/06 18:18:32.0369 102264   USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/03/06 18:18:32.0415 102264   usbuhci (7747b902f6b7d0096f9c2bf55d3247f1) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/03/06 18:18:32.0540 102264   usbvideo (8cffeb4af074fd3e24bad6381cc33361) C:\Windows\system32\Drivers\usbvideo.sys
2011/03/06 18:18:32.0712 102264   vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/03/06 18:18:32.0759 102264   VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
2011/03/06 18:18:32.0821 102264   viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
2011/03/06 18:18:32.0852 102264   ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
2011/03/06 18:18:32.0883 102264   viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
2011/03/06 18:18:32.0977 102264   volmgr (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
2011/03/06 18:18:33.0039 102264   volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
2011/03/06 18:18:33.0133 102264   volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
2011/03/06 18:18:33.0195 102264   vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
2011/03/06 18:18:33.0367 102264   WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
2011/03/06 18:18:33.0429 102264   Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/06 18:18:33.0461 102264   Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
2011/03/06 18:18:33.0554 102264   wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\Windows\system32\DRIVERS\wanatw4.sys
2011/03/06 18:18:33.0695 102264   Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
2011/03/06 18:18:33.0819 102264   Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
2011/03/06 18:18:33.0991 102264   WimFltr (f9ad3a5e3fd7e0bdb18b8202b0fdd4e4) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/03/06 18:18:34.0069 102264   winachsf (6d2350bb6e77e800fc4be4e5b7a2e89a) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
2011/03/06 18:18:34.0256 102264   WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
2011/03/06 18:18:34.0350 102264   ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
2011/03/06 18:18:34.0475 102264   WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/03/06 18:18:34.0568 102264   XAudio (5a7ff9a18ff6d7e0527fe3abf9204ef8) C:\Windows\system32\DRIVERS\xaudio.sys
2011/03/06 18:18:34.0662 102264   yukonwlh (ade7a4943003020216952b56a6741ec7) C:\Windows\system32\DRIVERS\yk60x86.sys
2011/03/06 18:18:34.0740 102264   ================================================================================
2011/03/06 18:18:34.0740 102264   Scan finished
2011/03/06 18:18:34.0740 102264   ================================================================================

Hoov · « **Reply #24 on:** March 06, 2011, 06:23:37 PM »

One more scan,

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

bdunn0 · « **Reply #25 on:** March 06, 2011, 09:46:13 PM »

ComboFix 11-03-06.02 - GM 03/06/2011 21:28:57.1.2 - x86
Microsoft® Windows Vista™ Business 6.0.6000.0.1252.1.1033.18.3070.1516 [GMT -5:00]
Running from: c:\users\gm\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\netzeroinstaller\NetZeroInstaller.exe
c:\users\gm\g2mdlhlpx.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-02-07 to 2011-03-07 )))))))))))))))))))))))))))))))
.
.
2011-03-07 02:35 . 2011-03-07 02:42   --------   d-----w-   c:\users\gm\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\sylvia\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\robert\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\mac\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\Anand\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\anand.HRM\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\tina\AppData\Local\temp
2011-03-07 02:35 . 2011-03-07 02:35   --------   d-----w-   c:\users\administrator\AppData\Local\temp
2011-03-06 03:06 . 2011-03-06 03:08   --------   d-----w-   C:\Attach.zip
2011-03-06 02:49 . 2011-03-06 02:49   --------   d-----w-   c:\program files\7-Zip
2011-03-06 02:47 . 2011-03-06 19:01   --------   d-----w-   C:\Downloads
2011-03-06 01:07 . 2011-03-06 01:07   --------   d-----w-   c:\program files\Common Files\Windows Live
2011-03-05 00:47 . 2006-09-13 01:00   69632   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\CNMPP83.DLL
2011-03-05 00:47 . 2006-09-13 01:00   27136   ----a-w-   c:\windows\system32\Spool\prtprocs\w32x86\CNMPD83.DLL
2011-03-05 00:45 . 2008-04-03 01:00   198656   ----a-w-   c:\windows\system32\CNMLM83.DLL
2011-03-04 15:22 . 2011-02-23 14:56   371544   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-03-04 15:21 . 2011-02-23 15:04   40648   ----a-w-   c:\windows\avastSS.scr
2011-03-04 15:21 . 2011-03-04 15:21   --------   d-----w-   c:\program files\AVAST Software
2011-03-04 15:20 . 2011-03-04 15:20   --------   d-----w-   c:\programdata\AVAST Software
2011-03-04 14:43 . 2011-03-04 14:43   95232   ----a-w-   c:\windows\system32\PortableDeviceClassExtension.dll
2011-03-04 14:43 . 2011-03-04 14:43   241152   ----a-w-   c:\windows\system32\PortableDeviceApi.dll
2011-03-04 14:43 . 2011-03-04 14:43   160768   ----a-w-   c:\windows\system32\PortableDeviceTypes.dll
2011-03-04 14:42 . 2006-09-13 10:00   197632   ----a-w-   c:\windows\system32\CNMLM7R.DLL
2011-03-04 14:40 . 2011-03-04 14:40   713728   ----a-w-   c:\windows\system32\timedate.cpl
2011-03-04 14:40 . 2011-03-04 14:40   712192   ----a-w-   c:\windows\system32\WindowsCodecs.dll
2011-03-04 14:40 . 2011-03-04 14:40   425472   ----a-w-   c:\windows\system32\PhotoMetadataHandler.dll
2011-03-04 14:40 . 2011-03-04 14:40   347136   ----a-w-   c:\windows\system32\WindowsCodecsExt.dll
2011-03-04 14:38 . 2011-03-04 14:38   523776   ----a-w-   c:\windows\system32\RMActivate_isv.exe
2011-03-04 14:38 . 2011-03-04 14:38   515584   ----a-w-   c:\windows\system32\RMActivate.exe
2011-03-04 14:38 . 2011-03-04 14:38   473088   ----a-w-   c:\windows\system32\secproc_isv.dll
2011-03-04 14:38 . 2011-03-04 14:38   472576   ----a-w-   c:\windows\system32\secproc.dll
2011-03-04 14:38 . 2011-03-04 14:38   435712   ----a-w-   c:\windows\system32\RMActivate_ssp.exe
2011-03-04 14:38 . 2011-03-04 14:38   431104   ----a-w-   c:\windows\system32\RMActivate_ssp_isv.exe
2011-03-04 14:38 . 2011-03-04 14:38   312320   ----a-w-   c:\windows\system32\msdrm.dll
2011-03-04 14:38 . 2011-03-04 14:38   154624   ----a-w-   c:\windows\system32\secproc_ssp_isv.dll
2011-03-04 14:38 . 2011-03-04 14:38   154112   ----a-w-   c:\windows\system32\secproc_ssp.dll
2011-03-04 14:37 . 2011-03-04 14:37   28672   ----a-w-   c:\windows\system32\Apphlpdm.dll
2011-03-04 14:37 . 2011-03-04 14:37   4247552   ----a-w-   c:\windows\system32\GameUXLegacyGDFs.dll
2011-03-04 14:37 . 2011-03-04 14:37   1686528   ----a-w-   c:\windows\system32\gameux.dll
2011-03-04 14:36 . 2011-03-04 14:36   1645568   ----a-w-   c:\windows\system32\connect.dll
2011-03-04 14:35 . 2011-03-04 14:35   8147968   ----a-w-   c:\windows\system32\wmploc.DLL
2011-03-04 14:35 . 2011-03-04 14:35   7680   ----a-w-   c:\windows\system32\spwmp.dll
2011-03-04 14:35 . 2011-03-04 14:35   168960   ----a-w-   c:\program files\Windows Media Player\wmplayer.exe
2011-03-04 14:35 . 2011-03-04 14:35   107520   ----a-w-   c:\program files\Windows Media Player\wmpshare.exe
2011-03-04 14:35 . 2011-03-04 14:35   4096   ----a-w-   c:\windows\system32\msdxm.ocx
2011-03-04 14:35 . 2011-03-04 14:35   4096   ----a-w-   c:\windows\system32\dxmasf.dll
2011-03-04 14:35 . 2011-03-04 14:35   107520   ----a-w-   c:\program files\Windows Media Player\wmpconfig.exe
2011-03-04 14:35 . 2011-03-04 14:35   311296   ----a-w-   c:\windows\system32\unregmp2.exe
2011-03-04 14:35 . 2011-03-04 14:35   1418240   ----a-w-   c:\program files\Windows Media Player\setup_wm.exe
2011-03-04 13:12 . 2011-02-11 06:54   5943120   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{B9AFB3C5-C6E6-4BB8-AD54-34E0F209F0CB}\mpengine.dll
2011-03-04 13:12 . 2011-03-04 13:12   378368   ----a-w-   c:\windows\system32\winhttp.dll
2011-03-04 07:00 . 2011-03-04 07:00   72704   ----a-w-   c:\windows\system32\fontsub.dll
2011-03-04 07:00 . 2011-03-04 07:00   34304   ----a-w-   c:\windows\system32\atmlib.dll
2011-03-04 07:00 . 2011-03-04 07:00   289792   ----a-w-   c:\windows\system32\atmfd.dll
2011-03-04 07:00 . 2011-03-04 07:00   24064   ----a-w-   c:\windows\system32\lpk.dll
2011-03-04 07:00 . 2011-03-04 07:00   156672   ----a-w-   c:\windows\system32\t2embed.dll
2011-03-04 07:00 . 2011-03-04 07:00   10240   ----a-w-   c:\windows\system32\dciman32.dll
2011-03-04 06:58 . 2011-03-04 06:58   78336   ----a-w-   c:\windows\system32\ieencode.dll
2011-03-04 06:56 . 2011-03-04 06:56   61440   ----a-w-   c:\windows\system32\winipsec.dll
2011-03-04 06:56 . 2011-03-04 06:56   361984   ----a-w-   c:\windows\system32\IPSECSVC.DLL
2011-03-04 06:56 . 2011-03-04 06:56   28672   ----a-w-   c:\windows\system32\FwRemoteSvr.dll
2011-03-04 06:56 . 2011-03-04 06:56   272896   ----a-w-   c:\windows\system32\polstore.dll
2011-03-04 06:55 . 2011-03-04 06:55   84992   ----a-w-   c:\windows\system32\drivers\srvnet.sys
2011-03-04 06:55 . 2011-03-04 06:55   306688   ----a-w-   c:\windows\system32\drivers\srv.sys
2011-03-04 06:53 . 2011-03-04 06:53   15360   ----a-w-   c:\windows\system32\netevent.dll
2011-03-04 06:53 . 2011-03-04 06:53   9728   ----a-w-   c:\windows\system32\TCPSVCS.EXE
2011-03-04 06:53 . 2011-03-04 06:53   8704   ----a-w-   c:\windows\system32\HOSTNAME.EXE
2011-03-04 06:53 . 2011-03-04 06:53   27136   ----a-w-   c:\windows\system32\NETSTAT.EXE
2011-03-04 06:53 . 2011-03-04 06:53   19968   ----a-w-   c:\windows\system32\ARP.EXE
2011-03-04 06:53 . 2011-03-04 06:53   17920   ----a-w-   c:\windows\system32\ROUTE.EXE
2011-03-04 06:53 . 2011-03-04 06:53   11264   ----a-w-   c:\windows\system32\MRINFO.EXE
2011-03-04 06:53 . 2011-03-04 06:53   103936   ----a-w-   c:\windows\system32\netiohlp.dll
2011-03-04 06:53 . 2011-03-04 06:53   10240   ----a-w-   c:\windows\system32\finger.exe
2011-03-04 06:52 . 2011-03-04 06:52   123904   ----a-w-   c:\windows\system32\L2SecHC.dll
2011-03-04 06:52 . 2011-03-04 06:52   67584   ----a-w-   c:\windows\system32\wlanhlp.dll
2011-03-04 06:52 . 2011-03-04 06:52   502272   ----a-w-   c:\windows\system32\wlansvc.dll
2011-03-04 06:52 . 2011-03-04 06:52   47104   ----a-w-   c:\windows\system32\wlanapi.dll
2011-03-04 06:52 . 2011-03-04 06:52   297984   ----a-w-   c:\windows\system32\wlansec.dll
2011-03-04 06:52 . 2011-03-04 06:52   290816   ----a-w-   c:\windows\system32\wlanmsm.dll
2011-03-04 06:51 . 2011-03-04 06:51   2048   ----a-w-   c:\windows\system32\msxml3r.dll
2011-03-04 06:51 . 2011-03-04 06:51   1260032   ----a-w-   c:\windows\system32\msxml3.dll
2011-03-04 06:51 . 2011-03-04 06:51   2048   ----a-w-   c:\windows\system32\msxml6r.dll
2011-03-04 06:51 . 2011-03-04 06:51   1406464   ----a-w-   c:\windows\system32\msxml6.dll
2011-03-04 06:50 . 2011-03-04 06:50   216576   ----a-w-   c:\windows\system32\msv1_0.dll
2011-03-04 06:48 . 2011-03-04 06:48   58368   ----a-w-   c:\windows\system32\drivers\mrxsmb20.sys
2011-03-04 06:48 . 2011-03-04 06:48   211968   ----a-w-   c:\windows\system32\drivers\mrxsmb10.sys
2011-03-04 06:48 . 2011-03-04 06:48   102400   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2011-03-04 06:47 . 2011-03-04 06:47   98816   ----a-w-   c:\windows\system32\mfps.dll
2011-03-04 06:47 . 2011-03-04 06:47   52736   ----a-w-   c:\windows\system32\rrinstaller.exe
2011-03-04 06:47 . 2011-03-04 06:47   2855424   ----a-w-   c:\windows\system32\mf.dll
2011-03-04 06:47 . 2011-03-04 06:47   24576   ----a-w-   c:\windows\system32\mfpmp.exe
2011-03-04 06:47 . 2011-03-04 06:47   2048   ----a-w-   c:\windows\system32\mferror.dll
2011-03-04 06:46 . 2011-03-04 06:46   3502480   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2011-03-04 06:46 . 2011-03-04 06:46   3468168   ----a-w-   c:\windows\system32\ntoskrnl.exe
2011-03-04 06:44 . 2011-03-04 06:44   434176   ----a-w-   c:\windows\system32\vbscript.dll
2011-03-04 06:43 . 2011-03-04 06:43   71680   ----a-w-   c:\windows\system32\atl.dll
2011-03-04 06:42 . 2011-03-04 06:42   297472   ----a-w-   c:\windows\system32\gdi32.dll
2011-03-04 06:39 . 2011-03-04 06:39   500736   ----a-w-   c:\windows\system32\msdtcprx.dll
2011-03-04 06:39 . 2011-03-04 06:39   30208   ----a-w-   c:\windows\system32\xolehlp.dll
2011-03-04 06:38 . 2011-03-04 06:38   156160   ----a-w-   c:\windows\system32\wkssvc.dll
2011-03-04 06:37 . 2011-03-04 06:37   36352   ----a-w-   c:\windows\system32\tsgqec.dll
2011-03-04 06:37 . 2011-03-04 06:37   116736   ----a-w-   c:\windows\system32\aaclient.dll
2011-03-04 06:37 . 2011-03-04 06:37   1871872   ----a-w-   c:\windows\system32\mstscax.dll
2011-03-04 06:36 . 2011-03-04 06:36   268800   ----a-w-   c:\windows\system32\es.dll
2011-03-04 06:35 . 2011-03-04 06:35   303616   ----a-w-   c:\windows\system32\wmpeffects.dll
2011-03-04 06:32 . 2011-03-04 06:32   150016   ----a-w-   c:\program files\Movie Maker\MOVIEMK.exe
2011-03-04 06:32 . 2011-03-04 06:32   10922496   ----a-w-   c:\program files\Movie Maker\MOVIEMK.dll
2011-03-04 06:32 . 2011-03-04 06:32   23040   ----a-w-   c:\program files\Movie Maker\WMM2EXT.dll
2011-03-04 06:32 . 2011-03-04 06:32   195072   ----a-w-   c:\program files\Movie Maker\WMM2AE.dll
2011-03-04 06:28 . 2011-03-04 06:28   2048   ----a-w-   c:\windows\system32\tzres.dll
2011-03-04 06:27 . 2011-03-04 06:27   696832   ----a-w-   c:\windows\system32\localspl.dll
2011-03-04 06:26 . 2011-03-04 06:26   2923520   ----a-w-   c:\windows\explorer.exe
2011-03-04 06:24 . 2011-03-04 06:24   171520   ----a-w-   c:\windows\system32\wintrust.dll
2011-03-04 06:23 . 2011-03-04 06:23   7680   ----a-w-   c:\windows\system32\lsass.exe
2011-03-04 06:23 . 2011-03-04 06:23   72704   ----a-w-   c:\windows\system32\secur32.dll
2011-03-04 06:23 . 2011-03-04 06:23   494592   ----a-w-   c:\windows\system32\kerberos.dll
2011-03-04 06:23 . 2011-03-04 06:23   408136   ----a-w-   c:\windows\system32\drivers\ksecdd.sys
2011-03-04 06:23 . 2011-03-04 06:23   175104   ----a-w-   c:\windows\system32\wdigest.dll
2011-03-04 06:23 . 2011-03-04 06:23   1233920   ----a-w-   c:\windows\system32\lsasrv.dll
2011-03-04 06:23 . 2011-03-04 06:23   272384   ----a-w-   c:\windows\system32\schannel.dll
2011-03-04 06:18 . 2011-03-04 06:18   220160   ----a-w-   c:\windows\system32\drivers\bthport.sys
2011-03-04 06:18 . 2011-03-04 06:18   19456   ----a-w-   c:\windows\system32\drivers\bthenum.sys
2011-03-04 06:18 . 2011-03-04 06:18   181760   ----a-w-   c:\windows\system32\fsquirt.exe
2011-03-04 06:18 . 2011-03-04 06:18   29184   ----a-w-   c:\windows\system32\drivers\BTHUSB.SYS
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-03-04 14:37 . 2011-03-04 14:37   2560   ----a-w-   c:\windows\apppatch\AcRes.dll
2011-03-04 14:37 . 2011-03-04 14:37   537600   ----a-w-   c:\windows\apppatch\AcLayers.dll
2011-03-04 14:37 . 2011-03-04 14:37   449024   ----a-w-   c:\windows\apppatch\AcSpecfc.dll
2011-03-04 14:37 . 2011-03-04 14:37   2143744   ----a-w-   c:\windows\apppatch\AcGenral.dll
2011-03-04 14:37 . 2011-03-04 14:37   173056   ----a-w-   c:\windows\apppatch\AcXtrnal.dll
2011-03-04 13:10 . 2011-03-04 13:10   36864   ----a-w-   c:\windows\system32\drivers\en-US\http.sys.mui
2011-03-04 06:59 . 2011-03-04 06:59   52736   ----a-w-   c:\windows\apppatch\iebrshim.dll
2011-03-04 06:07 . 2011-03-04 06:07   40960   ----a-w-   c:\windows\apppatch\apihex86.dll
2011-02-23 15:04 . 2008-02-20 19:33   190016   ----a-w-   c:\windows\system32\aswBoot.exe
2011-02-23 14:56 . 2008-04-16 02:15   301528   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-02-23 14:55 . 2008-02-20 19:33   49240   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-02-23 14:55 . 2008-02-20 19:33   25432   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-02-23 14:55 . 2008-02-20 19:33   53592   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-02-23 14:54 . 2008-04-16 02:15   19544   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2011-02-02 22:11 . 2009-10-08 19:11   222080   ------w-   c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-02-23 15:04   122512   ----a-w-   c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AOLOverlayIcon]
@="{AB0C8BE3-041C-47d6-8195-E089D32B38DD}"
[HKEY_CLASSES_ROOT\CLSID\{AB0C8BE3-041C-47d6-8195-E089D32B38DD}]
2007-10-05 18:54   303104   ------w-   c:\ddi\OverIcon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@="{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}"
[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2007-06-06 07:16   2955264   ----a-w-   c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@="{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}"
[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2007-06-06 07:16   2955264   ----a-w-   c:\program files\Protector Suite QL\farchns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-05-21 39408]
"SmileboxTray"="c:\users\gm\AppData\Roaming\Smilebox\SmileboxTray.exe" [2011-01-22 312640]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-05-23 1232896]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VWLASU"="c:\program files\Sony\VAIO PC Wireless LAN Wizard\AutoLaunchWLASU.exe" [2007-10-13 45056]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2007-07-20 577536]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"VAIO Center Access Bar"="c:\program files\sony\VAIO Center Access Bar\VCAB.exe" [2007-09-06 53248]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-07-25 149280]
"SmartWiHelper"="c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" [2007-07-06 65536]
"PSQLLauncher"="c:\program files\Protector Suite QL\launcher.exe" [2007-06-06 49168]
"OpwareSE2"="c:\program files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-07-24 86016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-07-24 81920]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-07-24 8429568]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-02-03 233304]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-09-19 311296]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-06-10 49208]
"DRCU"="c:\program files\Sony\DRCU\DRCU.exe" [2007-06-18 73728]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-02-23 3451496]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2007-10-12 118784]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
.
c:\users\gm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
2X Client.lnk - c:\program files\2X\Client\APPServerClient.exe [2009-6-25 1108472]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072]
Event Reminder.lnk - c:\program files\Broderbund\PrintMaster\PMremind.exe [2009-7-15 331776]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-10-16 214360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2008-1-13 972064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoWelcomeScreen"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
2007-06-06 07:03   90112   ----a-w-   c:\windows\System32\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 04:05   98304   ----a-w-   c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer3"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0SsiEfr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 135664]
R3 NWUSBPort2;Novatel Wireless USB Status2 Port Driver;c:\windows\system32\DRIVERS\nwusbser2.sys [2007-04-19 99200]
R3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [2007-01-11 745472]
R3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [2007-08-09 397312]
R3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [2007-08-09 1089536]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2007-09-29 292128]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [2007-09-21 79136]
S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys [2007-10-09 21408]
S1 aswSnx;aswSnx;

S1 aswSP;aswSP;

S2 2X SSO Service;2X SSO Service;c:\program files\2X\Client\\TUXCredProv.exe [2009-06-25 268792]
S2 aswFsBlk;aswFsBlk;

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-02-23 53592]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-04-18 11032]
S2 uCamMonitor;CamMonitor;c:\program files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [2007-10-31 125440]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2007-10-30 17920]
S3 BTHprint;Microsoft Bluetooth Printer Class;c:\windows\system32\DRIVERS\bthprint.sys [2006-11-02 28672]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2007-11-16 28464]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\Drivers\R5U870FLx86.sys [2007-06-06 75392]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\Drivers\R5U870FUx86.sys [2007-06-06 43904]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-09-06 9344]
S3 SPI;Sony Programmable I/O Control Device;c:\windows\system32\DRIVERS\SonyPI.sys [2007-09-01 14720]
S3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2007-07-09 812544]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork   REG_MULTI_SZ     PLA DPS BFE mpssvc
bthsvcs   REG_MULTI_SZ     BthServ
HPZ12   REG_MULTI_SZ     Pml Driver HPZ12 Net Driver HPZ12
HPService   REG_MULTI_SZ     HPSLPSVC
hpdevmgmt   REG_MULTI_SZ     hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2011-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 19:14]
.
2011-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 19:14]
.
2011-03-07 c:\windows\Tasks\User_Feed_Synchronization-{3743522E-0CBA-4DCF-9594-9EE1CBD6F9D4}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Supplementary Scan -------
.
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - (no file)
HKCU-Run-RegistryBooster - c:\program files\Uniblue\RegistryBooster\launcher.exe
SSODL-xkefqtgs-{4D2F6D91-DC54-4A85-BD6D-AA63A02DDECC} - c:\windows\xkefqtgs.dll
SSODL-rnopbfgt-{45EF9A8B-2C64-442C-921E-8141696A5A7C} - c:\windows\rnopbfgt.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-03-06 21:40
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(3532)
c:\program files\ScanSoft\OmniPageSE2.0\ophookSE2.dll
c:\ddi\overicon.dll
c:\program files\Protector Suite QL\farchns.dll
c:\program files\Protector Suite QL\infra.dll
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\2X\Client\TUXCredProv.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\windows\system32\stacsv.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Protector Suite QL\upeksvr.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\windows\System32\rundll32.exe
c:\windows\System32\rundll32.exe
c:\program files\Apoint\ApMsgFwd.exe
c:\program files\Apoint\Apntex.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
.
**************************************************************************
.
Completion time: 2011-03-06 21:47:29 - machine was rebooted
ComboFix-quarantined-files.txt 2011-03-07 02:47
.
Pre-Run: 164,771,500,032 bytes free
Post-Run: 164,442,165,248 bytes free
.
Current=1 Default=1 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6
- - End Of File - - 8DA354271D95D7CE08BAABF83BB24806

Hoov · « **Reply #26 on:** March 06, 2011, 09:51:22 PM »

How is the computer running now?

bdunn0 · « **Reply #27 on:** March 06, 2011, 10:03:05 PM »

CPU usage drops to 5% or less in about 2 minutes. The hard drive still continues to run for about 9 minutes before setteling down. Otherwise everything seems to be working well. I don't understand why it takes so long for the hard drive to settle.

Hoov · « **Reply #28 on:** March 06, 2011, 10:22:34 PM »

OK lets try something a tad different. Download Hijackthis and install it. Then run it. Select the Misc tools section (or main menu and then Misc Tools). Up at the top there is a button marked Generate Startuplist log. Click that button, and then once a log is created, copy it and paste the results back here. Do not check the two boxes next to the button.

bdunn0 · « **Reply #29 on:** March 06, 2011, 10:31:03 PM »

Automatic update appears to be working. It just downloaded Vista Service Pack 1 and in installing it now. As soon as it finishes, I will run HiJackThis.

News:

Author Topic: [Resolved] Windows Update does not work. Error code 8024402C (Read 4539 times)

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C

Hoov

Re: [In Progress] Windows Update does not work. Error code 8024402C

bdunn0

Re: [In Progress] Windows Update does not work. Error code 8024402C