Author Topic: [Inactive]Serious Problem With XP Computer. Hardware & Interrupts (Read 1776 times)

L-Tek · « **on:** February 08, 2012, 06:32:33 PM »

Hi there, I hope you can help me. I've been referred here from the dell forums. Please let me know if i've posted this is the wrong place. I havn't been able to find a similar post.

http://en.community.dell.com/support-forums/virus-spyware/f/3522/t/19435736.aspx#20048529

Over the past few months my pc has slowed considerably. I have noticed the pc is affected both while running programs and the speed at which my pc connects to the internet. Heres a list of the things I have done to combat this problem (to no avail).

*Firstly I downloaded 'Malwarebytes' and performed a scan. I found a few malware viruses, which I deleted, rebooted and again run a scan.

*Secondly I downloaded 'Kaspersky Rescue Disk' which found a number of trojans and malware viruses. Again I ran the scan and it found no further problems.

*After doing this I contacted Virgin as I was recieving a extremely slow connection speed to the internet (around 0.5mbs). I wasn't sure if these two problems were seperate. He installed a new modem and other computers around the house are running at 20mbs. My computer when using www.speedtest.net peeks at 20mbs but instantly goes down again. The virgin tech guy showed me on other pc's that the internet connection remains at 20mbs throughout the test (not peeking momentarily).

At this stage had it not been my work pc i would have just reinstalled windows but i can not afford to loose data or programs.

*I then downloaded sysinternals processes explorer and found my 'hardware and interrupts' running on average at 50%. This is the case even while no programs are running and when they are this shoots up to 100%.

*I checked both my primary and secondary drivers are both running on DMA (not POI).

*I downloaded Hijack this. Here is a copy of my scan:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 02:30:25, on 08/02/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\Eraser\Eraser.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\WINDOWS\usb-audio.deAAVersaPort\CONTROLVERSAPORT.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://bfc.myway.com/search/de_srchlft.html?p=DK
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.facebook.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.dell.co.uk/myway
R3 - URLSearchHook: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: VersaPort Control Panel.lnk = ?
O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\Ralink\Common\RaUI.exe
O9 - Extra button: (no name) - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.expresstoolie.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IExplorer Security - {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.expresstoolie.com/redirect.php (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O15 - Trusted Zone: *.line6.net
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Ralink Registry Writer (RalinkRegistryWriter) - Ralink Technology, Corp. - C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe

--
End of file - 6975 bytes

**NOTE I WAS USING FIREFOX WHILST RUNNING THIS SCAN.

MY SYSTEM:

DELL MICROSOFT XP HOME EDITION 2002, SERVICE PACK 3, DELL DIMENSION DIM3000, INTEL (R) CELERON (R) CPU 3.06GHZ 512MB RAM

I hope someone can help me with this as I rely on my pc to make a living and its almost become unusable.

Thanks in advance.

Luke.

Hoov · « **Reply #1 on:** February 08, 2012, 06:46:14 PM »

Hello, welcome to SpywareHammer.

I am moving your thread to the malware removal board for now. I suspect that you still have malware installed. Please read the instructions in this thread, [NEW Instructions!] What Do I Do First? and post the DDS logs back to this thread.

I go by Hoov, and I will be helping you with your problem. I must ask you to do a few things for me.

First, tell me everything that you have done (other than what you have already listed), if anything, to try and fix this problem.Also tell me any other problems you are having, no matter how small or long you have been dealing with them.

Second, please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out thier hair.

Third, follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go.

Fourth, Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

Fifth, if we start this fix, I need you to stick with me until the end. Just because your computer is running better does not mean it is fixed.

Before we start trying to fix your computer, you need to make sure your data is backed up. Also let me know of any software you have running that encrypts your harddrive.

One last thing, I need you to tell me if this computer belongs to a school or to a company or orginization of some kind. If it does, please let me know. Also tell me if there is an IT department responsible for this computer.

Now onto trying to fix your computer.

L-Tek · « **Reply #2 on:** February 09, 2012, 07:05:23 AM »

Hi Hoov, thanks for taking the time to reply.

These are the only steps i've taken apart from freeing up space.

In regards to other problems. I have noticed from time to time that i get a warning message in the lower right hand of my screen saying certain files are 'corrupt'. These usually pop up with different file names. I believe they are files from my registry. But I can't really say much more about that as they dont pop up very often (in hindsight perhaps i should have noted which files they were). Obviously something is wrong there.

Also my windows updates dont seem to be able to download for some reason. It often comes up with a message saying that it had failed to connect. (I should note though that I have done this fairly recently.)

I've gone through all my Malwarebytes logs, here are the viruses my computer has been affected with within the past 4 months:

PUM.Disabled.SecurityCenter

Quarantined and repaired successfully (apparently)

PUP.Adware.Installer

Quarantined and repaired successfully (apparently)

Worm.Brontok

Quarantined and repaired successfully (apparently)

HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\Security Protection (Rogue.Spypro) -> Value: Security Protection

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default)

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Value: *.securewebinfo.com

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Value: *.safetyincludes.com

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Value: *.securemanaging.com

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SHELL (Hijack.Shell.Gen) -> Value: SHELL

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{8B3EE1B3-1B8C-6C6C-D09A-A81BD41F248B} (Trojan.ZbotR.Gen) -> Value: {8B3EE1B3-1B8C-6C6C-D09A-A81BD41F248B}

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer (PUM.Bad.Proxy) -> Value: ProxyServer

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\ANTIVIRUSDISABLENOTIFY (PUM.Disabled.SecurityCenter)

All Quarantined and deleted successfully (apparently)

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo)

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo)

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch)

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch)

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch)

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch)

All Quarantined and deleted successfully (apparently)

AS YOU CAN SEE, IT WAS ONCE A VERY INFECTED PC!

I can't tell you what trojans and malware i found when using kaspersky rescue disk because there is no log. But i can tell you there where between 7-9 trojans that malwarebytes couldnt pick up and also between 3-4 malware viruses.

Malwarebytes and Kaspersky are currently picking up no further viruses.

This is the following conversation I had on the dell forums. It should better help you to understand the problems I face fixing my pc and the nature of my pc use.

DELL: If you earn a living with your PC, is there any reason you're still using XP? It's much more susceptible to malware than Windows 7.

ME: I produce music.. so the files, folders & programs have to remain in the same place otherwise it can seriously affect projects. I daren't change anything in that respect just incase i loose vital things. If a project becomes corrupted I have no proof that I made that piece of music.

DELL: XP is deprecated and in two years Microsoft plans abandon it. I do concede that some expensive and specialized hardware lacks Windows 7 drivers and will never function under anything but XP.

You might consider imaging your current drive to a backup, and reformatting and reinstalling. With all the malware you're reporting, it may well be that you won't get it all even using cleanup tools from multiple vendors. And once reinstalled, don't be using products like Kazaa, which allows malware to efficiently propagate.

ME: Exactly that, some of the the programs which i use only run on XP. The system was running fine until this problem arose so I have no issue with XP. I do back my pc up on a daily basis, i was speaking more of files specific to software.

It seems I may have to reinstall which is going to be a nightmare as some of the musical plugins i own dont exsist in the public domain anymore (therefore corrupting my saves). & from what i understand if I image the drive I could just be putting the same problems back onto the pc, so is it really worth the risk?

There was more to the conversation but hopefully you get the idea of my dilema a little more with that post.

Here is a logs from DDS:

StartupFolder: c:\docume~1\lukey\startm~1\programs\startup\versap~1.lnk - c:\windows\usb-audio.deaaversaport\CONTROLVERSAPORT.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
IE: &Search
IE: {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.expresstoolie.com/redirect.php
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: hotmail.co.uk\.www
Trusted Zone: line6.net
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{E6B27906-451D-4F38-A7D4-5921DE6C1A5F} : DhcpNameServer = 192.168.2.1 192.168.2.1
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd54479&v=7.004.022.004&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 54889
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-5 652360]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\ralink\common\RalinkRegistryWriter.exe [2010-9-8 69632]
R3 AA_VERSAPORT;usb-audio.de driver for American Audio VersaPort;c:\windows\system32\drivers\aavportu.sys [2009-1-23 398912]
R3 AA_VERSAPORT_A_WDM;VersaPort WDM Audio;c:\windows\system32\drivers\aavporta.sys [2009-1-23 39488]
R3 L6DP;L6DP;c:\windows\system32\drivers\l6dp.sys [2006-9-29 29312]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-5 20464]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2010-9-8 619136]
S1 MpKsl24246200;MpKsl24246200;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c4ae175f-9d1c-45f0-ab43-760f4e229e6f}\mpksl24246200.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c4ae175f-9d1c-45f0-ab43-760f4e229e6f}\MpKsl24246200.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2009-8-5 284016]
S3 cpudrv;cpudrv;\??\c:\program files\systemrequirementslab\cpudrv.sys --> c:\program files\systemrequirementslab\cpudrv.sys [?]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-5-19 102448]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-10-5 36640]
S3 L6TPortB;Service - Line 6 TonePort UX2;c:\windows\system32\drivers\l6tportb.sys --> c:\windows\system32\drivers\L6TPortB.sys [?]
S3 PROCEXP150;PROCEXP150;\??\c:\windows\system32\drivers\procexp150.sys --> c:\windows\system32\drivers\PROCEXP150.SYS [?]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [2008-4-15 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [2008-4-15 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [2008-4-15 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [2008-4-15 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [2008-4-15 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [2008-4-15 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [2008-4-15 90800]
S3 USBMIDI;UF USB MIDI Driver;c:\windows\system32\drivers\mdusb.sys --> c:\windows\system32\drivers\Mdusb.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-02-08 01:25:25   388096   ----a-r-   c:\documents and settings\lukey\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-02-08 01:25:18   --------   d-----w-   c:\program files\Trend Micro
2012-02-07 22:02:48   --------   d-----w-   c:\documents and settings\lukey\local settings\application data\Eraser 6
2012-02-07 12:44:14   --------   d-----w-   c:\program files\VS Revo Group
2012-02-07 12:25:07   --------   d-----w-   c:\documents and settings\lukey\local settings\application data\VS Revo Group
2012-02-06 00:51:25   --------   d-----w-   c:\documents and settings\lukey\application data\Waves Audio
2012-02-06 00:25:23   --------   d-----w-   c:\program files\Waves
2012-01-31 22:29:50   --------   d-----w-   c:\program files\NCH Software
2012-01-19 13:08:57   21976   ----a-w-   c:\program files\mozilla firefox\plc4.dll
2012-01-19 13:08:57   20440   ----a-w-   c:\program files\mozilla firefox\plds4.dll
2012-01-19 13:08:57   16856   ----a-w-   c:\program files\mozilla firefox\plugin-container.exe
2012-01-19 13:08:57   105432   ----a-w-   c:\program files\mozilla firefox\smime3.dll
2012-01-19 13:08:56   715216   ----a-w-   c:\program files\mozilla firefox\uninstall\helper.exe
2012-01-19 13:08:56   269272   ----a-w-   c:\program files\mozilla firefox\updater.exe
2012-01-19 13:08:56   170968   ----a-w-   c:\program files\mozilla firefox\softokn3.dll
2012-01-19 13:08:56   154584   ----a-w-   c:\program files\mozilla firefox\ssl3.dll
2012-01-19 13:08:55   19928   ----a-w-   c:\program files\mozilla firefox\xpcom.dll
2012-01-17 15:40:48   --------   d-----w-   c:\program files\Microsoft
.
==================== Find3M ====================
.
2011-12-16 01:36:55   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 15:24:06   20464   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-11-15 14:29:56   222080   ------w-   c:\windows\system32\MpSigStub.exe
.
============= FINISH: 7:44:12.25 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 23/08/2005 12:52:14
System Uptime: 09/02/2012 07:36:26 (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0TC666
Processor: Intel(R) Celeron(R) CPU 3.06GHz | Microprocessor | 3059/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 78.214 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is FIXED (FAT32) - 466 GiB total, 240.226 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_019D1028&REV_02\4&1C660DD6&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_019D1028&REV_02\4&1C660DD6&0&40F0
Service: E100B
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: SoundMAX Integrated Digital Audio
Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_019D1028&REV_02\3&172E68DD&0&FD
Manufacturer: Analog Devices, Inc.
Name: SoundMAX Integrated Digital Audio
PNP Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_019D1028&REV_02\3&172E68DD&0&FD
Service: smwdm
.
==== System Restore Points ===================
.
RP12: 26/12/2011 18:59:10 - System Checkpoint
RP13: 29/12/2011 19:38:08 - Installed STOIK Smart Resizer 3.
RP14: 07/01/2012 07:05:03 - Software Distribution Service 3.0
RP15: 08/01/2012 07:01:33 - Software Distribution Service 3.0
RP16: 08/01/2012 07:10:51 - Software Distribution Service 3.0
RP17: 09/01/2012 07:01:24 - Software Distribution Service 3.0
RP18: 11/01/2012 07:01:51 - Software Distribution Service 3.0
RP19: 12/01/2012 07:00:50 - Software Distribution Service 3.0
RP20: 13/01/2012 07:01:19 - Software Distribution Service 3.0
RP21: 14/01/2012 07:00:36 - Software Distribution Service 3.0
RP22: 14/01/2012 14:04:52 - Software Distribution Service 3.0
RP23: 15/01/2012 07:00:43 - Software Distribution Service 3.0
RP24: 16/01/2012 07:01:26 - Software Distribution Service 3.0
RP25: 17/01/2012 07:00:41 - Software Distribution Service 3.0
RP26: 18/01/2012 07:00:44 - Software Distribution Service 3.0
RP27: 19/01/2012 07:00:41 - Software Distribution Service 3.0
RP28: 20/01/2012 07:00:34 - Software Distribution Service 3.0
RP29: 21/01/2012 07:00:35 - Software Distribution Service 3.0
RP30: 21/01/2012 14:48:16 - Installed Java(TM) 6 Update 30
RP31: 21/01/2012 15:31:46 - Software Distribution Service 3.0
RP32: 23/01/2012 07:00:36 - Software Distribution Service 3.0
RP33: 24/01/2012 07:00:58 - Software Distribution Service 3.0
RP34: 25/01/2012 07:00:41 - Software Distribution Service 3.0
RP35: 26/01/2012 07:00:50 - Software Distribution Service 3.0
RP36: 27/01/2012 07:00:37 - Software Distribution Service 3.0
RP37: 28/01/2012 10:57:32 - Software Distribution Service 3.0
RP38: 29/01/2012 07:00:40 - Software Distribution Service 3.0
RP39: 30/01/2012 07:00:39 - Software Distribution Service 3.0
RP40: 31/01/2012 07:02:03 - Software Distribution Service 3.0
RP41: 01/02/2012 07:01:08 - Software Distribution Service 3.0
RP42: 02/02/2012 07:01:24 - Software Distribution Service 3.0
RP43: 03/02/2012 07:01:20 - Software Distribution Service 3.0
RP44: 04/02/2012 07:00:44 - Software Distribution Service 3.0
RP45: 05/02/2012 07:01:36 - Software Distribution Service 3.0
RP46: 06/02/2012 00:48:11 - Installed Microsoft Visual C++ 2005 Redistributable
RP47: 06/02/2012 07:02:20 - Software Distribution Service 3.0
RP48: 07/02/2012 07:02:22 - Software Distribution Service 3.0
RP49: 07/02/2012 13:19:41 - Installed Eraser 6.0.9.2343
RP50: 08/02/2012 00:33:23 - Removed Eraser 6.0.9.2343
RP51: 08/02/2012 01:25:10 - Installed HiJackThis
RP52: 08/02/2012 07:02:37 - Software Distribution Service 3.0
RP53: 09/02/2012 06:23:16 - Revo Uninstaller's restore point - Ohm Force - Mobilohm VST2
RP54: 09/02/2012 06:31:17 - Revo Uninstaller's restore point - BitLord 1.1
RP55: 09/02/2012 06:43:36 - Revo Uninstaller's restore point - Ohm Force - Ohmicide VST
RP56: 09/02/2012 06:52:20 - Revo Uninstaller's restore point - Ohm Force - Quad Frohmage VST2
RP57: 09/02/2012 07:01:43 - Revo Uninstaller's restore point - OhmForce Predatohm VST2
RP58: 09/02/2012 07:02:21 - Software Distribution Service 3.0
RP59: 09/02/2012 07:29:58 - Installed LiquidInstrument Standalone 1.5
RP60: 09/02/2012 07:32:48 - Removed LiquidInstrument Standalone 1.5
.
==== Installed Programs ======================
.
1600
1600_Help
1600Trb
7-Zip 9.20
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader 9.4.4
AiO_Scan
aiofw
aioprnt
aioscnnr
AiOSoftware
ARTEuro
Audacity 1.2.6
Beta Bugs Chorrosive VST
Beta Bugs FloFi VST
Beta Bugs SVF2 VST
Camel Audio Alchemy
center
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Media Experience
Dell Media Experience Update
Dell Support 5.0.0 (630)
Dell System Restore
East West EWQLSO Gold Edition
Fax
FFmpeg 2009-01-08 for Audacity
Free Alarm Clock 2.3.3
G21922EN
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB981793)
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
Indeo® software
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Interlok driver setup x32
Internet Explorer Default Page
Java Auto Updater
Java(TM) 6 Update 30
JourneySoftware
JourneySoftwarePromo
K-Lite Codec Pack 3.2.5 Standard
KODAK AiO Home Center
ksDIP
LADSPA_plugins-win-0.4.15
LAME v3.98.2 for Audacity
Learn2 Player (Uninstall Only)
Lennar Digital Sylenth VSTi v1.2.1
LightScribe System Software 1.12.33.2
LiquidInstrumentVst 1.5
Live 5.2.2
Malwarebytes Anti-Malware version 1.60.1.1000
Melodyne 3.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Works 7.0
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 9.0.1 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MusicLab RealGuitar 2.0
My Way Search Assistant
Native Instruments - Rig Kontrol 3 Driver
Native Instruments Kontakt 5
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
Nero 7 Ultra Edition
neroxml
OrangeVocoder VST 2.02
PreReq
ProductContext
PSP VintageWarmer 2.0.0
QuickTime
Ralink RT2870 Wireless LAN Card
Readme
Reason 4.0
Revo Uninstaller 1.93
Rob Papen Albino 3
RON Tool Offersfortoday
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SHOUTcast Source DSP 1.9.0 (remove only)
Sonic DLA
Sonic Update Manager
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg REVerence Content 01
System Requirements Lab
System Requirements Lab for Intel
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
VersaPort USB ASIO driver
Waves Complete v8.0.11
WebFldrs XP
Winamp
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
XML Paper Specification Shared Components Pack 1.0
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
08/02/2012 00:47:29, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
07/02/2012 22:07:56, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde
07/02/2012 07:07:49, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424).
07/02/2012 07:02:39, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070570: Security Update for Windows XP (KB2603381).
06/02/2012 00:47:05, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
06/02/2012 00:46:57, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
05/02/2012 00:13:04, error: Service Control Manager [7003] - The Kodak AiO Network Discovery Service service depends on the following nonexistent service: Bonjour Service
.
==== End Of File ===========================

I have noticed program ''LiquidInstrumentVst 1.5'' which I actually uninstalled a while ago but it seems its still on there. I tried reinstalling it and uninstalling again but it's still there! Hmmm.

I am a music producer and this is my personal PC. I'm not part of any organisation.

My PC is backed up daily.

I will follow you instructions to the word. I hope this is enough info! If you require more please let me know.

Again thanks so much for your help. I really appreciate it.

Best Wishes, Luke.

P.S Let me know if you need me to highlight the software which relates to my music production.

Hoov · « **Reply #3 on:** February 09, 2012, 09:16:45 AM »

The first DDS log seems to be missing the first part, could you post it again please. Other than that we should have enough information to start.

Please read carefully and follow these steps.

Download TDSSKiller and save it to your Desktop.
Extract its contents to your desktop.
Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

L-Tek · « **Reply #4 on:** February 09, 2012, 04:33:07 PM »

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 23/08/2005 12:52:14
System Uptime: 09/02/2012 07:36:26 (0 hours ago)
.
Motherboard: Dell Computer Corp. | | 0TC666
Processor: Intel(R) Celeron(R) CPU 3.06GHz | Microprocessor | 3059/533mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 78.214 GiB free.
D: is CDROM ()
E: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is FIXED (FAT32) - 466 GiB total, 240.226 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel(R) PRO/100 VE Network Connection
Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_019D1028&REV_02\4&1C660DD6&0&40F0
Manufacturer: Intel
Name: Intel(R) PRO/100 VE Network Connection
PNP Device ID: PCI\VEN_8086&DEV_1050&SUBSYS_019D1028&REV_02\4&1C660DD6&0&40F0
Service: E100B
.
Class GUID: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Description: SoundMAX Integrated Digital Audio
Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_019D1028&REV_02\3&172E68DD&0&FD
Manufacturer: Analog Devices, Inc.
Name: SoundMAX Integrated Digital Audio
PNP Device ID: PCI\VEN_8086&DEV_24D5&SUBSYS_019D1028&REV_02\3&172E68DD&0&FD
Service: smwdm
.
==== System Restore Points ===================
.
RP12: 26/12/2011 18:59:10 - System Checkpoint
RP13: 29/12/2011 19:38:08 - Installed STOIK Smart Resizer 3.
RP14: 07/01/2012 07:05:03 - Software Distribution Service 3.0
RP15: 08/01/2012 07:01:33 - Software Distribution Service 3.0
RP16: 08/01/2012 07:10:51 - Software Distribution Service 3.0
RP17: 09/01/2012 07:01:24 - Software Distribution Service 3.0
RP18: 11/01/2012 07:01:51 - Software Distribution Service 3.0
RP19: 12/01/2012 07:00:50 - Software Distribution Service 3.0
RP20: 13/01/2012 07:01:19 - Software Distribution Service 3.0
RP21: 14/01/2012 07:00:36 - Software Distribution Service 3.0
RP22: 14/01/2012 14:04:52 - Software Distribution Service 3.0
RP23: 15/01/2012 07:00:43 - Software Distribution Service 3.0
RP24: 16/01/2012 07:01:26 - Software Distribution Service 3.0
RP25: 17/01/2012 07:00:41 - Software Distribution Service 3.0
RP26: 18/01/2012 07:00:44 - Software Distribution Service 3.0
RP27: 19/01/2012 07:00:41 - Software Distribution Service 3.0
RP28: 20/01/2012 07:00:34 - Software Distribution Service 3.0
RP29: 21/01/2012 07:00:35 - Software Distribution Service 3.0
RP30: 21/01/2012 14:48:16 - Installed Java(TM) 6 Update 30
RP31: 21/01/2012 15:31:46 - Software Distribution Service 3.0
RP32: 23/01/2012 07:00:36 - Software Distribution Service 3.0
RP33: 24/01/2012 07:00:58 - Software Distribution Service 3.0
RP34: 25/01/2012 07:00:41 - Software Distribution Service 3.0
RP35: 26/01/2012 07:00:50 - Software Distribution Service 3.0
RP36: 27/01/2012 07:00:37 - Software Distribution Service 3.0
RP37: 28/01/2012 10:57:32 - Software Distribution Service 3.0
RP38: 29/01/2012 07:00:40 - Software Distribution Service 3.0
RP39: 30/01/2012 07:00:39 - Software Distribution Service 3.0
RP40: 31/01/2012 07:02:03 - Software Distribution Service 3.0
RP41: 01/02/2012 07:01:08 - Software Distribution Service 3.0
RP42: 02/02/2012 07:01:24 - Software Distribution Service 3.0
RP43: 03/02/2012 07:01:20 - Software Distribution Service 3.0
RP44: 04/02/2012 07:00:44 - Software Distribution Service 3.0
RP45: 05/02/2012 07:01:36 - Software Distribution Service 3.0
RP46: 06/02/2012 00:48:11 - Installed Microsoft Visual C++ 2005 Redistributable
RP47: 06/02/2012 07:02:20 - Software Distribution Service 3.0
RP48: 07/02/2012 07:02:22 - Software Distribution Service 3.0
RP49: 07/02/2012 13:19:41 - Installed Eraser 6.0.9.2343
RP50: 08/02/2012 00:33:23 - Removed Eraser 6.0.9.2343
RP51: 08/02/2012 01:25:10 - Installed HiJackThis
RP52: 08/02/2012 07:02:37 - Software Distribution Service 3.0
RP53: 09/02/2012 06:23:16 - Revo Uninstaller's restore point - Ohm Force - Mobilohm VST2
RP54: 09/02/2012 06:31:17 - Revo Uninstaller's restore point - BitLord 1.1
RP55: 09/02/2012 06:43:36 - Revo Uninstaller's restore point - Ohm Force - Ohmicide VST
RP56: 09/02/2012 06:52:20 - Revo Uninstaller's restore point - Ohm Force - Quad Frohmage VST2
RP57: 09/02/2012 07:01:43 - Revo Uninstaller's restore point - OhmForce Predatohm VST2
RP58: 09/02/2012 07:02:21 - Software Distribution Service 3.0
RP59: 09/02/2012 07:29:58 - Installed LiquidInstrument Standalone 1.5
RP60: 09/02/2012 07:32:48 - Removed LiquidInstrument Standalone 1.5
.
==== Installed Programs ======================
.
1600
1600_Help
1600Trb
7-Zip 9.20
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Reader 9.4.4
AiO_Scan
aiofw
aioprnt
aioscnnr
AiOSoftware
ARTEuro
Audacity 1.2.6
Beta Bugs Chorrosive VST
Beta Bugs FloFi VST
Beta Bugs SVF2 VST
Camel Audio Alchemy
center
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Media Experience
Dell Media Experience Update
Dell Support 5.0.0 (630)
Dell System Restore
East West EWQLSO Gold Edition
Fax
FFmpeg 2009-01-08 for Audacity
Free Alarm Clock 2.3.3
G21922EN
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976002-v5)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB981793)
HP Product Assistant
HP PSC & OfficeJet 4.7
HP Software Update
Indeo® software
Intel(R) Extreme Graphics 2 Driver
Intel(R) PRO Network Adapters and Drivers
Intel(R) PROSet for Wired Connections
Interlok driver setup x32
Internet Explorer Default Page
Java Auto Updater
Java(TM) 6 Update 30
JourneySoftware
JourneySoftwarePromo
K-Lite Codec Pack 3.2.5 Standard
KODAK AiO Home Center
ksDIP
LADSPA_plugins-win-0.4.15
LAME v3.98.2 for Audacity
Learn2 Player (Uninstall Only)
Lennar Digital Sylenth VSTi v1.2.1
LightScribe System Software 1.12.33.2
LiquidInstrumentVst 1.5
Live 5.2.2
Malwarebytes Anti-Malware version 1.60.1.1000
Melodyne 3.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Professional
Microsoft SQL Server Database Publishing Wizard 1.2
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft Works 7.0
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox 9.0.1 (x86 en-GB)
MSVCRT
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MusicLab RealGuitar 2.0
My Way Search Assistant
Native Instruments - Rig Kontrol 3 Driver
Native Instruments Kontakt 5
Native Instruments Massive v1.0.1.008 VSTi DXi RTAS
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
Nero 7 Ultra Edition
neroxml
OrangeVocoder VST 2.02
PreReq
ProductContext
PSP VintageWarmer 2.0.0
QuickTime
Ralink RT2870 Wireless LAN Card
Readme
Reason 4.0
Revo Uninstaller 1.93
Rob Papen Albino 3
RON Tool Offersfortoday
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958215)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960714)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB963027)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969897)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976325)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SHOUTcast Source DSP 1.9.0 (remove only)
Sonic DLA
Sonic Update Manager
Steinberg Cubase 5
Steinberg Drum Loop Expansion 01
Steinberg HALionOne
Steinberg HALionOne Additional Content Set 01
Steinberg HALionOne Expression Set
Steinberg HALionOne GM Drum Set
Steinberg HALionOne GM Set
Steinberg HALionOne Pro Set
Steinberg HALionOne Studio Drum Set
Steinberg HALionOne Studio Set
Steinberg REVerence Content 01
System Requirements Lab
System Requirements Lab for Intel
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
VersaPort USB ASIO driver
Waves Complete v8.0.11
WebFldrs XP
Winamp
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Messenger
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows Search 4.0
Windows XP Service Pack 3
XML Paper Specification Shared Components Pack 1.0
Yahoo! Detect
.
==== Event Viewer Messages From Past Week ========
.
08/02/2012 00:47:29, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.
07/02/2012 22:07:56, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: IntelIde
07/02/2012 07:07:49, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5 SP1 on Windows XP, Server 2003, Vista, Server 2008 x86 (KB2657424).
07/02/2012 07:02:39, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070570: Security Update for Windows XP (KB2603381).
06/02/2012 00:47:05, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
06/02/2012 00:46:57, error: Service Control Manager [7034] - The Windows Installer service terminated unexpectedly. It has done this 1 time(s).
05/02/2012 00:13:04, error: Service Control Manager [7003] - The Kodak AiO Network Discovery Service service depends on the following nonexistent service: Bonjour Service
.
==== End Of File ===========================

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_30
Run by lukey at 7:41:09 on 2012-02-09
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.133 [GMT 0:00]
.
FW: Norton Internet Worm Protection *Disabled*
FW: AVG Firewall *Disabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Ralink\Common\RalinkRegistryWriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ralink\Common\RaUI.exe
C:\WINDOWS\usb-audio.deAAVersaPort\CONTROLVERSAPORT.EXE
C:\WINDOWS\system32\SearchProtocolHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.facebook.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell.co.uk/myway
uSearch Bar = hxxp://bfc.myway.com/search/de_srchlft.html?p=DK
uInternet Connection Wizard,ShellNext = hxxp://www.dell.co.uk/myway
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: H - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [AdobeBridge]
mRun: [SoundMAXPnP] c:\program files\analog devices\core\smax4pnp.exe
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\lukey\startm~1\programs\startup\versap~1.lnk - c:\windows\usb-audio.deaaversaport\CONTROLVERSAPORT.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ralink~1.lnk - c:\program files\ralink\common\RaUI.exe
IE: &Search
IE: {3B8FB116-D358-48A3-A5C7-DB84F15CBB04} - http://www.expresstoolie.com/redirect.php
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: hotmail.co.uk\.www
Trusted Zone: line6.net
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces\{E6B27906-451D-4F38-A7D4-5921DE6C1A5F} : DhcpNameServer = 192.168.2.1 192.168.2.1
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd54479&v=7.004.022.004&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 54889
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\lukey\application data\mozilla\firefox\profiles\1jonz51o.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-9-5 652360]
R2 RalinkRegistryWriter;Ralink Registry Writer;c:\program files\ralink\common\RalinkRegistryWriter.exe [2010-9-8 69632]
R3 AA_VERSAPORT;usb-audio.de driver for American Audio VersaPort;c:\windows\system32\drivers\aavportu.sys [2009-1-23 398912]
R3 AA_VERSAPORT_A_WDM;VersaPort WDM Audio;c:\windows\system32\drivers\aavporta.sys [2009-1-23 39488]
R3 L6DP;L6DP;c:\windows\system32\drivers\l6dp.sys [2006-9-29 29312]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-9-5 20464]
R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2010-9-8 619136]
S1 MpKsl24246200;MpKsl24246200;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c4ae175f-9d1c-45f0-ab43-760f4e229e6f}\mpksl24246200.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c4ae175f-9d1c-45f0-ab43-760f4e229e6f}\MpKsl24246200.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\kodak\aio\center\ekdiscovery.exe [2009-8-5 284016]
S3 cpudrv;cpudrv;\??\c:\program files\systemrequirementslab\cpudrv.sys --> c:\program files\systemrequirementslab\cpudrv.sys [?]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2011-5-19 102448]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [2010-10-5 36640]
S3 L6TPortB;Service - Line 6 TonePort UX2;c:\windows\system32\drivers\l6tportb.sys --> c:\windows\system32\drivers\L6TPortB.sys [?]
S3 PROCEXP150;PROCEXP150;\??\c:\windows\system32\drivers\procexp150.sys --> c:\windows\system32\drivers\PROCEXP150.SYS [?]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [2008-4-15 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [2008-4-15 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [2008-4-15 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [2008-4-15 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [2008-4-15 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [2008-4-15 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [2008-4-15 90800]
S3 USBMIDI;UF USB MIDI Driver;c:\windows\system32\drivers\mdusb.sys --> c:\windows\system32\drivers\Mdusb.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2004-8-10 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-02-08 01:25:25   388096   ----a-r-   c:\documents and settings\lukey\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-02-08 01:25:18   --------   d-----w-   c:\program files\Trend Micro
2012-02-07 22:02:48   --------   d-----w-   c:\documents and settings\lukey\local settings\application data\Eraser 6
2012-02-07 12:44:14   --------   d-----w-   c:\program files\VS Revo Group
2012-02-07 12:25:07   --------   d-----w-   c:\documents and settings\lukey\local settings\application data\VS Revo Group
2012-02-06 00:51:25   --------   d-----w-   c:\documents and settings\lukey\application data\Waves Audio
2012-02-06 00:25:23   --------   d-----w-   c:\program files\Waves
2012-01-31 22:29:50   --------   d-----w-   c:\program files\NCH Software
2012-01-19 13:08:57   21976   ----a-w-   c:\program files\mozilla firefox\plc4.dll
2012-01-19 13:08:57   20440   ----a-w-   c:\program files\mozilla firefox\plds4.dll
2012-01-19 13:08:57   16856   ----a-w-   c:\program files\mozilla firefox\plugin-container.exe
2012-01-19 13:08:57   105432   ----a-w-   c:\program files\mozilla firefox\smime3.dll
2012-01-19 13:08:56   715216   ----a-w-   c:\program files\mozilla firefox\uninstall\helper.exe
2012-01-19 13:08:56   269272   ----a-w-   c:\program files\mozilla firefox\updater.exe
2012-01-19 13:08:56   170968   ----a-w-   c:\program files\mozilla firefox\softokn3.dll
2012-01-19 13:08:56   154584   ----a-w-   c:\program files\mozilla firefox\ssl3.dll
2012-01-19 13:08:55   19928   ----a-w-   c:\program files\mozilla firefox\xpcom.dll
2012-01-17 15:40:48   --------   d-----w-   c:\program files\Microsoft
.
==================== Find3M ====================
.
2011-12-16 01:36:55   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 15:24:06   20464   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-11-15 14:29:56   222080   ------w-   c:\windows\system32\MpSigStub.exe
.
============= FINISH: 7:44:12.25 ===============

Hoov · « **Reply #5 on:** February 09, 2012, 04:35:39 PM »

Did you used to have Norton AntiVirus or other Norton product that had their AntiVirus product as part of it?

L-Tek · « **Reply #6 on:** February 09, 2012, 05:31:01 PM »

Hi Hoov, sorry for the delay on posting this one I had to wait because the previous message was too long. I believe at some stage I had tried a trial version of norton. This would have been quite some time ago though. Apart from malwarebytes & the kaspersky rescue disk I have no current protection.

22:16:06.0484 2356   TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
22:16:07.0015 2356   ============================================================
22:16:07.0015 2356   Current date / time: 2012/02/09 22:16:07.0015
22:16:07.0015 2356   SystemInfo:
22:16:07.0015 2356
22:16:07.0015 2356   OS Version: 5.1.2600 ServicePack: 3.0
22:16:07.0015 2356   Product type: Workstation
22:16:07.0015 2356   ComputerName: D9MDJS1J
22:16:07.0015 2356   UserName: lukey
22:16:07.0015 2356   Windows directory: C:\WINDOWS
22:16:07.0015 2356   System windows directory: C:\WINDOWS
22:16:07.0015 2356   Processor architecture: Intel x86
22:16:07.0015 2356   Number of processors: 1
22:16:07.0015 2356   Page size: 0x1000
22:16:07.0015 2356   Boot type: Normal boot
22:16:07.0015 2356   ============================================================
22:16:10.0156 2356   Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:16:10.0203 2356   Drive \Device\Harddisk1\DR4 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:16:10.0250 2356   \Device\Harddisk0\DR0:
22:16:10.0265 2356   MBR used
22:16:10.0265 2356   \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x12403974
22:16:10.0265 2356   \Device\Harddisk1\DR4:
22:16:10.0265 2356   MBR used
22:16:10.0265 2356   \Device\Harddisk1\DR4\Partition0: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x3A384C02
22:16:10.0421 2356   Initialize success
22:16:10.0421 2356   ============================================================
22:17:11.0562 2212   ============================================================
22:17:11.0562 2212   Scan started
22:17:11.0562 2212   Mode: Manual;
22:17:11.0562 2212   ============================================================
22:17:12.0171 2212   AA_VERSAPORT (e85690570241d6bef2a7a8deb84f85f1) C:\WINDOWS\system32\Drivers\aavportu.sys
22:17:12.0218 2212   AA_VERSAPORT - ok
22:17:12.0500 2212   AA_VERSAPORT_A_WDM (8f901eb57768a7f85f215610d350fa76) C:\WINDOWS\system32\drivers\aavporta.sys
22:17:12.0515 2212   AA_VERSAPORT_A_WDM - ok
22:17:12.0765 2212   Abiosdsk - ok
22:17:13.0078 2212   abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:17:13.0078 2212   abp480n5 - ok
22:17:13.0390 2212   ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:17:13.0390 2212   ACPI - ok
22:17:13.0687 2212   ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
22:17:13.0687 2212   ACPIEC - ok
22:17:14.0000 2212   adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:17:14.0015 2212   adpu160m - ok
22:17:14.0312 2212   aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
22:17:14.0312 2212   aec - ok
22:17:14.0609 2212   AegisP (023867b6606fbabcdd52e089c4a507da) C:\WINDOWS\system32\DRIVERS\AegisP.sys
22:17:14.0656 2212   AegisP - ok
22:17:14.0953 2212   AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
22:17:14.0953 2212   AFD - ok
22:17:15.0234 2212   agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys
22:17:15.0250 2212   agp440 - ok
22:17:15.0562 2212   agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:17:15.0578 2212   agpCPQ - ok
22:17:15.0875 2212   Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:17:15.0890 2212   Aha154x - ok
22:17:16.0171 2212   aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:17:16.0171 2212   aic78u2 - ok
22:17:16.0437 2212   aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:17:16.0453 2212   aic78xx - ok
22:17:16.0765 2212   AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys
22:17:16.0765 2212   AliIde - ok
22:17:17.0046 2212   alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:17:17.0046 2212   alim1541 - ok
22:17:17.0359 2212   amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:17:17.0359 2212   amdagp - ok
22:17:17.0609 2212   amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys
22:17:17.0609 2212   amsint - ok
22:17:17.0890 2212   asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys
22:17:17.0890 2212   asc - ok
22:17:18.0171 2212   asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:17:18.0171 2212   asc3350p - ok
22:17:18.0453 2212   asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:17:18.0453 2212   asc3550 - ok
22:17:18.0796 2212   AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:17:18.0796 2212   AsyncMac - ok
22:17:19.0093 2212   atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
22:17:19.0125 2212   atapi - ok
22:17:19.0437 2212   Atdisk - ok
22:17:19.0718 2212   Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:17:19.0718 2212   Atmarpc - ok
22:17:20.0015 2212   audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
22:17:20.0031 2212   audstub - ok
22:17:20.0375 2212   Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
22:17:20.0375 2212   Beep - ok
22:17:20.0671 2212   BLKWGU(Belkin) - ok
22:17:20.0968 2212   cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:17:20.0984 2212   cbidf - ok
22:17:21.0250 2212   cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
22:17:21.0250 2212   cbidf2k - ok
22:17:21.0531 2212   CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
22:17:21.0531 2212   CCDECODE - ok
22:17:21.0812 2212   cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:17:21.0812 2212   cd20xrnt - ok
22:17:22.0109 2212   Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
22:17:22.0125 2212   Cdaudio - ok
22:17:22.0421 2212   Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
22:17:22.0421 2212   Cdfs - ok
22:17:22.0718 2212   Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:17:22.0718 2212   Cdrom - ok
22:17:23.0015 2212   Changer - ok
22:17:23.0359 2212   CmdIde (e5dcb56c533014ecbc556a8357c929d5) C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:17:23.0359 2212   CmdIde - ok
22:17:23.0687 2212   Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:17:23.0687 2212   Cpqarray - ok
22:17:23.0765 2212   cpudrv - ok
22:17:24.0109 2212   dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:17:24.0125 2212   dac2w2k - ok
22:17:24.0421 2212   dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:17:24.0421 2212   dac960nt - ok
22:17:24.0703 2212   dgderdrv - ok
22:17:25.0015 2212   Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
22:17:25.0062 2212   Disk - ok
22:17:25.0390 2212   dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
22:17:25.0437 2212   dmboot - ok
22:17:25.0734 2212   dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
22:17:25.0734 2212   dmio - ok
22:17:26.0000 2212   dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
22:17:26.0000 2212   dmload - ok
22:17:26.0343 2212   DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
22:17:26.0359 2212   DMusic - ok
22:17:26.0671 2212   dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:17:26.0671 2212   dpti2o - ok
22:17:26.0968 2212   drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
22:17:26.0968 2212   drmkaud - ok
22:17:27.0281 2212   drvmcdb (e814854e6b246ccf498874839ab64d77) C:\WINDOWS\system32\drivers\drvmcdb.sys
22:17:27.0296 2212   drvmcdb - ok
22:17:27.0593 2212   drvnddm (ee83a4ebae70bc93cf14879d062f548b) C:\WINDOWS\system32\drivers\drvnddm.sys
22:17:27.0609 2212   drvnddm - ok
22:17:27.0890 2212   E100B (7d91dc6342248369f94d6eba0cf42e99) C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:17:27.0890 2212   E100B - ok
22:17:28.0125 2212   eeCtrl (089296aedb9b72b4916ac959752bdc89) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:17:28.0187 2212   eeCtrl - ok
22:17:28.0390 2212   EraserUtilRebootDrv (850259334652d392e33ee3412562e583) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:17:28.0437 2212   EraserUtilRebootDrv - ok
22:17:28.0796 2212   Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
22:17:28.0812 2212   Fastfat - ok
22:17:29.0125 2212   Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
22:17:29.0140 2212   Fdc - ok
22:17:29.0468 2212   Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
22:17:29.0500 2212   Fips - ok
22:17:29.0796 2212   Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:17:29.0796 2212   Flpydisk - ok
22:17:30.0093 2212   FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
22:17:30.0093 2212   FltMgr - ok
22:17:30.0375 2212   FsUsbExDisk (b07663a810e861eebfd0eac7e82ca62d) C:\WINDOWS\system32\FsUsbExDisk.SYS
22:17:30.0406 2212   FsUsbExDisk - ok
22:17:30.0734 2212   Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:17:30.0734 2212   Fs_Rec - ok
22:17:31.0015 2212   Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:17:31.0062 2212   Ftdisk - ok
22:17:31.0375 2212   GEARAspiWDM (f2f431d1573ee632975c524418655b84) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:17:31.0375 2212   GEARAspiWDM - ok
22:17:31.0687 2212   Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:17:31.0687 2212   Gpc - ok
22:17:32.0000 2212   HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:17:32.0000 2212   HidUsb - ok
22:17:32.0406 2212   hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys
22:17:32.0406 2212   hpn - ok
22:17:32.0671 2212   HPZid412 (9f1d80908658eb7f1bf70809e0b51470) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
22:17:32.0687 2212   HPZid412 - ok
22:17:32.0968 2212   HPZipr12 (f7e3e9d50f9cd3de28085a8fdaa0a1c3) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
22:17:32.0968 2212   HPZipr12 - ok
22:17:33.0281 2212   HPZius12 (cf1b7951b4ec8d13f3c93b74bb2b461b) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
22:17:33.0281 2212   HPZius12 - ok
22:17:33.0625 2212   HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
22:17:33.0640 2212   HTTP - ok
22:17:33.0937 2212   i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys
22:17:33.0953 2212   i2omgmt - ok
22:17:34.0281 2212   i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:17:34.0281 2212   i2omp - ok
22:17:34.0593 2212   i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:17:34.0593 2212   i8042prt - ok
22:17:34.0953 2212   ialm (9a883c3c4d91292c0d09de7c728e781c) C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
22:17:35.0046 2212   ialm - ok
22:17:35.0390 2212   Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
22:17:35.0390 2212   Imapi - ok
22:17:35.0703 2212   ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:17:35.0718 2212   ini910u - ok
22:17:36.0046 2212   IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
22:17:36.0078 2212   IntelIde - ok
22:17:36.0390 2212   intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:17:36.0390 2212   intelppm - ok
22:17:36.0687 2212   Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
22:17:36.0687 2212   Ip6Fw - ok
22:17:36.0953 2212   IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:17:36.0984 2212   IpFilterDriver - ok
22:17:37.0265 2212   IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:17:37.0265 2212   IpInIp - ok
22:17:37.0593 2212   IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:17:37.0593 2212   IpNat - ok
22:17:37.0906 2212   IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:17:37.0906 2212   IPSec - ok
22:17:38.0203 2212   IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
22:17:38.0203 2212   IRENUM - ok
22:17:38.0531 2212   isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:17:38.0531 2212   isapnp - ok
22:17:38.0859 2212   Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:17:38.0859 2212   Kbdclass - ok
22:17:39.0171 2212   kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:17:39.0171 2212   kbdhid - ok
22:17:39.0500 2212   kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
22:17:39.0500 2212   kmixer - ok
22:17:39.0812 2212   KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
22:17:39.0812 2212   KSecDD - ok
22:17:40.0125 2212   L6DP (6359428617222f5f5fc947cb3e4cd3b1) C:\WINDOWS\system32\Drivers\l6dp.sys
22:17:40.0125 2212   L6DP - ok
22:17:40.0437 2212   L6TPortB - ok
22:17:40.0718 2212   lbrtfdc - ok
22:17:41.0062 2212   MBAMProtector (b7ca8cc3f978201856b6ab82f40953c3) C:\WINDOWS\system32\drivers\mbam.sys
22:17:41.0078 2212   MBAMProtector - ok
22:17:41.0390 2212   mcdbus - ok
22:17:41.0703 2212   mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
22:17:41.0703 2212   mnmdd - ok
22:17:41.0984 2212   Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
22:17:41.0984 2212   Modem - ok
22:17:42.0281 2212   Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:17:42.0281 2212   Mouclass - ok
22:17:42.0593 2212   mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:17:42.0625 2212   mouhid - ok
22:17:42.0953 2212   MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
22:17:42.0968 2212   MountMgr - ok
22:17:43.0109 2212   MpKsl24246200 - ok
22:17:43.0406 2212   mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:17:43.0406 2212   mraid35x - ok
22:17:43.0703 2212   MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:17:43.0703 2212   MRxDAV - ok
22:17:44.0031 2212   MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:17:44.0078 2212   MRxSmb - ok
22:17:44.0406 2212   Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
22:17:44.0406 2212   Msfs - ok
22:17:44.0703 2212   MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:17:44.0703 2212   MSKSSRV - ok
22:17:45.0015 2212   MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:17:45.0015 2212   MSPCLOCK - ok
22:17:45.0328 2212   MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
22:17:45.0328 2212   MSPQM - ok
22:17:45.0656 2212   mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:17:45.0656 2212   mssmbios - ok
22:17:45.0953 2212   MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
22:17:45.0953 2212   MSTEE - ok
22:17:46.0265 2212   Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
22:17:46.0265 2212   Mup - ok
22:17:46.0562 2212   NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
22:17:46.0578 2212   NABTSFEC - ok
22:17:46.0937 2212   NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
22:17:46.0937 2212   NDIS - ok
22:17:47.0234 2212   NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
22:17:47.0234 2212   NdisIP - ok
22:17:47.0515 2212   NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:17:47.0531 2212   NdisTapi - ok
22:17:47.0796 2212   Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:17:47.0812 2212   Ndisuio - ok
22:17:48.0125 2212   NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:17:48.0156 2212   NdisWan - ok
22:17:48.0484 2212   NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
22:17:48.0484 2212   NDProxy - ok
22:17:48.0781 2212   NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
22:17:48.0781 2212   NetBIOS - ok
22:17:49.0093 2212   NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
22:17:49.0125 2212   NetBT - ok
22:17:49.0546 2212   Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
22:17:49.0546 2212   Npfs - ok
22:17:49.0859 2212   Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
22:17:49.0921 2212   Ntfs - ok
22:17:50.0234 2212   Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
22:17:50.0250 2212   Null - ok
22:17:50.0609 2212   nv (2b298519edbfcf451d43e0f1e8f1006d) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:17:50.0687 2212   nv - ok
22:17:50.0953 2212   NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:17:50.0968 2212   NwlnkFlt - ok
22:17:51.0281 2212   NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:17:51.0281 2212   NwlnkFwd - ok
22:17:51.0562 2212   Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
22:17:51.0578 2212   Parport - ok
22:17:51.0875 2212   PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
22:17:51.0875 2212   PartMgr - ok
22:17:52.0156 2212   ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
22:17:52.0156 2212   ParVdm - ok
22:17:52.0437 2212   PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
22:17:52.0437 2212   PCI - ok
22:17:52.0718 2212   PCIDump - ok
22:17:53.0031 2212   PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
22:17:53.0046 2212   PCIIde - ok
22:17:53.0343 2212   Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
22:17:53.0343 2212   Pcmcia - ok
22:17:53.0625 2212   PDCOMP - ok
22:17:53.0875 2212   PDFRAME - ok
22:17:54.0140 2212   PDRELI - ok
22:17:54.0390 2212   PDRFRAME - ok
22:17:54.0671 2212   perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys
22:17:54.0671 2212   perc2 - ok
22:17:54.0937 2212   perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:17:54.0937 2212   perc2hib - ok
22:17:55.0296 2212   PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:17:55.0296 2212   PptpMiniport - ok
22:17:55.0593 2212   PROCEXP150 - ok
22:17:55.0906 2212   PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
22:17:55.0921 2212   PSched - ok
22:17:56.0250 2212   Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:17:56.0250 2212   Ptilink - ok
22:17:56.0546 2212   PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:17:56.0562 2212   PxHelp20 - ok
22:17:56.0859 2212   ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:17:56.0859 2212   ql1080 - ok
22:17:57.0171 2212   Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:17:57.0187 2212   Ql10wnt - ok
22:17:57.0453 2212   ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:17:57.0468 2212   ql12160 - ok
22:17:57.0734 2212   ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:17:57.0734 2212   ql1240 - ok
22:17:58.0000 2212   ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:17:58.0015 2212   ql1280 - ok
22:17:58.0312 2212   RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:17:58.0312 2212   RasAcd - ok
22:17:58.0640 2212   Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:17:58.0640 2212   Rasl2tp - ok
22:17:58.0953 2212   RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:17:58.0953 2212   RasPppoe - ok
22:17:59.0265 2212   Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
22:17:59.0265 2212   Raspti - ok
22:17:59.0562 2212   Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:17:59.0593 2212   Rdbss - ok
22:17:59.0890 2212   RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:17:59.0890 2212   RDPCDD - ok
22:18:00.0203 2212   rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:18:00.0203 2212   rdpdr - ok
22:18:00.0500 2212   RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys
22:18:00.0531 2212   RDPWD - ok
22:18:00.0843 2212   redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
22:18:00.0875 2212   redbook - ok
22:18:01.0234 2212   rt2870 (5532f69d0a845ffe9d70b9e0392fe50a) C:\WINDOWS\system32\DRIVERS\rt2870.sys
22:18:01.0312 2212   rt2870 - ok
22:18:01.0718 2212   sea1bus (d2654321192037bae90204e2fa6697ce) C:\WINDOWS\system32\DRIVERS\sea1bus.sys
22:18:01.0718 2212   sea1bus - ok
22:18:02.0000 2212   sea1mdfl (8146d9ec5142bd364956d3807f09ca9a) C:\WINDOWS\system32\DRIVERS\sea1mdfl.sys
22:18:02.0015 2212   sea1mdfl - ok
22:18:02.0328 2212   sea1mdm (afe065da777dc4408c64df5c87472bb9) C:\WINDOWS\system32\DRIVERS\sea1mdm.sys
22:18:02.0328 2212   sea1mdm - ok
22:18:02.0609 2212   sea1mgmt (a0bbd60222ad053d52f3a5c4f79904c7) C:\WINDOWS\system32\DRIVERS\sea1mgmt.sys
22:18:02.0625 2212   sea1mgmt - ok
22:18:02.0890 2212   sea1nd5 (6549babfc3362f1621a8c0eff288fb14) C:\WINDOWS\system32\DRIVERS\sea1nd5.sys
22:18:02.0890 2212   sea1nd5 - ok
22:18:03.0234 2212   sea1obex (957510ab44e84497733f53322351f6e8) C:\WINDOWS\system32\DRIVERS\sea1obex.sys
22:18:03.0234 2212   sea1obex - ok
22:18:03.0546 2212   sea1unic (c1517e6a7ce1191ab076472bdf1b0e6e) C:\WINDOWS\system32\DRIVERS\sea1unic.sys
22:18:03.0546 2212   sea1unic - ok
22:18:03.0812 2212   Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:18:03.0828 2212   Secdrv - ok
22:18:04.0156 2212   senfilt (b9c7617c1e8ab6fdff75d3c8dafcb4c8) C:\WINDOWS\system32\drivers\senfilt.sys
22:18:04.0250 2212   senfilt - ok
22:18:04.0562 2212   serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
22:18:04.0562 2212   serenum - ok
22:18:04.0875 2212   Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
22:18:04.0875 2212   Serial - ok
22:18:05.0265 2212   Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
22:18:05.0265 2212   Sfloppy - ok
22:18:05.0562 2212   Simbad - ok
22:18:05.0875 2212   sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:18:05.0890 2212   sisagp - ok
22:18:06.0171 2212   SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
22:18:06.0187 2212   SLIP - ok
22:18:06.0531 2212   smwdm (c6d9959e493682f872a639b6ec1b4a08) C:\WINDOWS\system32\drivers\smwdm.sys
22:18:06.0562 2212   smwdm - ok
22:18:06.0875 2212   Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:18:06.0890 2212   Sparrow - ok
22:18:07.0187 2212   splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
22:18:07.0187 2212   splitter - ok
22:18:07.0531 2212   sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
22:18:07.0531 2212   Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
22:18:07.0531 2212   sptd ( LockedFile.Multi.Generic ) - warning
22:18:07.0531 2212   sptd - detected LockedFile.Multi.Generic (1)
22:18:07.0828 2212   sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
22:18:07.0828 2212   sr - ok
22:18:08.0140 2212   Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
22:18:08.0203 2212   Srv - ok
22:18:08.0500 2212   sscdbhk5 (d7968049be0adbb6a57cee3960320911) C:\WINDOWS\system32\drivers\sscdbhk5.sys
22:18:08.0531 2212   sscdbhk5 - ok
22:18:08.0828 2212   ssrtln (c3ffd65abfb6441e7606cf74f1155273) C:\WINDOWS\system32\drivers\ssrtln.sys
22:18:08.0843 2212   ssrtln - ok
22:18:09.0140 2212   streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
22:18:09.0156 2212   streamip - ok
22:18:09.0453 2212   swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
22:18:09.0453 2212   swenum - ok
22:18:09.0781 2212   swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
22:18:09.0796 2212   swmidi - ok
22:18:10.0125 2212   symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys
22:18:10.0125 2212   symc810 - ok
22:18:10.0421 2212   symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:18:10.0453 2212   symc8xx - ok
22:18:10.0765 2212   sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:18:10.0765 2212   sym_hi - ok
22:18:11.0046 2212   sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:18:11.0046 2212   sym_u3 - ok
22:18:11.0312 2212   sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
22:18:11.0328 2212   sysaudio - ok
22:18:11.0671 2212   Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:18:11.0718 2212   Tcpip - ok
22:18:12.0015 2212   TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
22:18:12.0015 2212   TDPIPE - ok
22:18:12.0281 2212   TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
22:18:12.0281 2212   TDTCP - ok
22:18:12.0578 2212   TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
22:18:12.0609 2212   TermDD - ok
22:18:12.0921 2212   tfsnboio (30698355067d07da5f9eb81132c9fdd6) C:\WINDOWS\system32\dla\tfsnboio.sys
22:18:12.0937 2212   tfsnboio - ok
22:18:13.0250 2212   tfsncofs (fb9d825bb4a2abdf24600f7505050e2b) C:\WINDOWS\system32\dla\tfsncofs.sys
22:18:13.0250 2212   tfsncofs - ok
22:18:13.0546 2212   tfsndrct (cafd8cca11aa1e8b6d2ea1ba8f70ec33) C:\WINDOWS\system32\dla\tfsndrct.sys
22:18:13.0546 2212   tfsndrct - ok
22:18:13.0859 2212   tfsndres (8db1e78fbf7c426d8ec3d8f1a33d6485) C:\WINDOWS\system32\dla\tfsndres.sys
22:18:13.0859 2212   tfsndres - ok
22:18:14.0171 2212   tfsnifs (b92f67a71cc8176f331b8aa8d9f555ad) C:\WINDOWS\system32\dla\tfsnifs.sys
22:18:14.0171 2212   tfsnifs - ok
22:18:14.0484 2212   tfsnopio (85985faa9a71e2358fcc2edefc2a3c5c) C:\WINDOWS\system32\dla\tfsnopio.sys
22:18:14.0484 2212   tfsnopio - ok
22:18:14.0765 2212   tfsnpool (bba22094f0f7c210567efdaf11f64495) C:\WINDOWS\system32\dla\tfsnpool.sys
22:18:14.0781 2212   tfsnpool - ok
22:18:15.0078 2212   tfsnudf (81340bef80b9811e98ce64611e67e3ff) C:\WINDOWS\system32\dla\tfsnudf.sys
22:18:15.0078 2212   tfsnudf - ok
22:18:15.0390 2212   tfsnudfa (c035fd116224ccc8325f384776b6a8bb) C:\WINDOWS\system32\dla\tfsnudfa.sys
22:18:15.0406 2212   tfsnudfa - ok
22:18:15.0687 2212   TosIde (f2790f6af01321b172aa62f8e1e187d9) C:\WINDOWS\system32\DRIVERS\toside.sys
22:18:15.0687 2212   TosIde - ok
22:18:16.0000 2212   TPkd (5815ae5ef8519066f19e575d67f6f191) C:\WINDOWS\system32\drivers\TPkd.sys
22:18:16.0015 2212   TPkd - ok
22:18:16.0328 2212   Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
22:18:16.0328 2212   Udfs - ok
22:18:16.0671 2212   ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys
22:18:16.0671 2212   ultra - ok
22:18:17.0000 2212   Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
22:18:17.0031 2212   Update - ok
22:18:17.0343 2212   USBAAPL - ok
22:18:17.0640 2212   usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
22:18:17.0671 2212   usbaudio - ok
22:18:17.0984 2212   usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:18:17.0984 2212   usbccgp - ok
22:18:18.0296 2212   usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:18:18.0296 2212   usbehci - ok
22:18:18.0609 2212   usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:18:18.0640 2212   usbhub - ok
22:18:18.0921 2212   USBMIDI - ok
22:18:19.0203 2212   usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:18:19.0203 2212   usbprint - ok
22:18:19.0500 2212   usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:18:19.0515 2212   usbscan - ok
22:18:19.0875 2212   USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:18:19.0875 2212   USBSTOR - ok
22:18:20.0187 2212   usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
22:18:20.0187 2212   usbuhci - ok
22:18:20.0500 2212   usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys
22:18:20.0500 2212   usbvideo - ok
22:18:20.0765 2212   usb_rndisx (b6cc50279d6cd28e090a5d33244adc9a) C:\WINDOWS\system32\DRIVERS\usb8023x.sys
22:18:20.0765 2212   usb_rndisx - ok
22:18:21.0078 2212   VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
22:18:21.0078 2212   VgaSave - ok
22:18:21.0375 2212   viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys
22:18:21.0375 2212   viaagp - ok
22:18:21.0656 2212   ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
22:18:21.0656 2212   ViaIde - ok
22:18:21.0937 2212   VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
22:18:21.0937 2212   VolSnap - ok
22:18:22.0281 2212   Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:18:22.0281 2212   Wanarp - ok
22:18:22.0578 2212   wanatw - ok
22:18:22.0843 2212   WDICA - ok
22:18:23.0125 2212   wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
22:18:23.0156 2212   wdmaud - ok
22:18:23.0593 2212   WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:18:23.0609 2212   WpdUsb - ok
22:18:23.0968 2212   WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
22:18:23.0968 2212   WSTCODEC - ok
22:18:24.0296 2212   WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:18:24.0296 2212   WudfPf - ok
22:18:24.0593 2212   WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:18:24.0593 2212   WudfRd - ok
22:18:24.0890 2212   ZDPSp50 - ok
22:18:24.0968 2212   MBR (0x1B8) (b16a2359f4962b0c622d81a1c1f4b703) \Device\Harddisk0\DR0
22:18:25.0000 2212   \Device\Harddisk0\DR0 - ok
22:18:25.0046 2212   MBR (0x1B8) (5fb38429d5d77768867c76dcbdb35194) \Device\Harddisk1\DR4
22:18:25.0046 2212   \Device\Harddisk1\DR4 - ok
22:18:25.0062 2212   Boot (0x1200) (ada3b733fea2ed1adcaba540c8a10b38) \Device\Harddisk0\DR0\Partition0
22:18:25.0078 2212   \Device\Harddisk0\DR0\Partition0 - ok
22:18:25.0093 2212   Boot (0x1200) (f9dce506273e5f199e4f18970d80a9fc) \Device\Harddisk1\DR4\Partition0
22:18:25.0093 2212   \Device\Harddisk1\DR4\Partition0 - ok
22:18:25.0093 2212   ============================================================
22:18:25.0093 2212   Scan finished
22:18:25.0093 2212   ============================================================
22:18:25.0125 3284   Detected object count: 1
22:18:25.0125 3284   Actual detected object count: 1
22:23:13.0390 3284   sptd ( LockedFile.Multi.Generic ) - skipped by user
22:23:13.0390 3284   sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:28:34.0171 1808   Deinitialize success

Hoov · « **Reply #7 on:** February 09, 2012, 10:36:44 PM »

No worries about the posting, but I am surprised TDSSKiller did not find anything.

Please run Norton Removal tool and get rid of it. The program you pick doesn't matter because the tool remains the same, just the instructions to save your license.

* Anyone other than the originator of this thread, you would be best advised to not run combofix without guidance from someone trained in its use. It is a very powerful tool that can cause damage to your computer if used wrong.

Run comboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Also make sure you close all your browsers just before the instructions tell you to start the scanner.

Please include the C:\ComboFix.txt in your next reply for further review.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall

L-Tek · « **Reply #8 on:** February 10, 2012, 02:27:36 AM »

Hi Hoov,

Right where to begin. I followed your instructions and completed the uninstall of norton (i wasn't even aware it was still on there!).

I opted to restart the computer even thought it didn't ask me to do it. Upon restart my computer came up with a light blue screen (This was the most info from the screen I could write down as it was going through the process quite fast):

CHKDSK Verifying files deleted
Corrupt attribute list entry with type code 128 in file 100167
Corrupt attribute list entry with type code 128 in file 100177
Corrupt attribute list entry with type code 128 in file 100184
Deleting orphan file record segment 100177
Deleting orphan file record segment 100184
Correcting error in index $i30 for file 58551
CHKDSK is verifying security descriptors
Went on to loads of messages saying 'recovering orhpaned file'
Went on to loads of messages saying 'inserting data attribute'
CHKDSK is verifying USN journal
CHKDSK is verifying file data
CHKDSK is verifying freespace
AND THEN it loaded fine.

Right so here is the log from combofix (I've listed a few notes underneath the log):

ComboFix 12-02-09.04 - lukey 10/02/2012 7:45.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.510.291 [GMT 0:00]
Running from: c:\documents and settings\lukey\My Documents\Downloads\ComboFix.exe
FW: AVG Firewall *Disabled* {8decf618-9569-4340-b34a-d78d28969b66}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Application Data\TEMP\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}\PostBuild.exe
c:\documents and settings\All Users\Application Data\TEMP\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\PostBuild.exe
c:\documents and settings\lukey\Application Data\Local
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\0.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\1.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\127aa42fa05db8c.avi.ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\2.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\3.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\4.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\5.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\6.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\7.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\8.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\9.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\j8g9gcpsura6t.avi.ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\rcistlf814iyz.avi(2).ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\rcistlf814iyz.avi(3).ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\rcistlf814iyz.avi.ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\settings.ddi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\video.avi.ddp
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\Temporary Downloaded Files\zyuqzlijibjs.avi
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\video.avi(2).ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\video.avi(3).ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\video.avi(4).ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\video.avi.ddr
c:\documents and settings\lukey\Application Data\Local\Temp\DDM\Settings\zyuqzlijibjs.avi.ddr
c:\documents and settings\lukey\System
c:\documents and settings\lukey\System\win_qs8.jqx
c:\documents and settings\lukey\WINDOWS
c:\windows\system32\system32
c:\windows\system32\system32\cis-2.4.dll
c:\windows\system32\system32\issacapi_bs-2.3.dll
c:\windows\system32\system32\issacapi_pe-2.3.dll
c:\windows\system32\system32\issacapi_se-2.3.dll
c:\windows\system32\system32\MACXMLProto.dll
c:\windows\system32\system32\MaDRM.dll
c:\windows\system32\system32\MaJGUILib.dll
c:\windows\system32\system32\MaJUtilLib.dll
c:\windows\system32\system32\MAMACExtract.dll
c:\windows\system32\system32\MASetupCaller.dll
c:\windows\system32\system32\MASetupCleaner.exe
c:\windows\system32\system32\MaXMLProto.dll
c:\windows\system32\system32\MetaStore2.dll
c:\windows\system32\system32\Microsoft.Synchronization.dll
c:\windows\system32\system32\MK_Lyric.dll
c:\windows\system32\system32\MSCLib.dll
c:\windows\system32\system32\MSFLib.dll
c:\windows\system32\system32\MSLUR71.dll
c:\windows\system32\system32\msvcp60.dll
c:\windows\system32\system32\MTTELECHIP.dll
c:\windows\system32\system32\MTXSYNCICON.dll
c:\windows\system32\system32\muzaf1.dll
c:\windows\system32\system32\muzapp.dll
c:\windows\system32\system32\muzapp.exe
c:\windows\system32\system32\muzdecode.ax
c:\windows\system32\system32\muzeffect.ax
c:\windows\system32\system32\muzmp4sp.ax
c:\windows\system32\system32\muzmpgsp.ax
c:\windows\system32\system32\muzoggsp.ax
c:\windows\system32\system32\muzwmts.dll
c:\windows\system32\system32\psapi.dll
c:\windows\system32\system32\Synchronization2.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-01-10 to 2012-02-10 )))))))))))))))))))))))))))))))
.
.
2012-02-10 07:29 . 2012-02-10 07:29   --------   d-----w-   c:\windows\LastGood
2012-02-08 01:25 . 2012-02-08 01:25   388096   ----a-r-   c:\documents and settings\lukey\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-02-08 01:25 . 2012-02-08 01:25   --------   d-----w-   c:\program files\Trend Micro
2012-02-07 22:02 . 2012-02-08 03:50   --------   d-----w-   c:\documents and settings\lukey\Local Settings\Application Data\Eraser 6
2012-02-07 12:44 . 2012-02-07 12:44   --------   d-----w-   c:\program files\VS Revo Group
2012-02-07 12:25 . 2012-02-07 12:25   --------   d-----w-   c:\documents and settings\lukey\Local Settings\Application Data\VS Revo Group
2012-02-06 00:51 . 2012-02-06 01:06   --------   d-----w-   c:\documents and settings\lukey\Application Data\Waves Audio
2012-02-06 00:25 . 2012-02-06 00:50   --------   d-----w-   c:\program files\Waves
2012-02-01 20:06 . 2012-02-01 20:06   --------   d-----w-   c:\documents and settings\All Users\Application Data\NCH Swift Sound
2012-01-31 22:29 . 2012-01-31 22:29   --------   d-----w-   c:\program files\NCH Software
2012-01-31 22:29 . 2012-01-31 22:29   --------   d-----w-   c:\documents and settings\lukey\Application Data\NCH Swift Sound
2012-01-21 14:50 . 2012-01-21 14:50   --------   d-----w-   c:\program files\Common Files\Java
2012-01-19 13:08 . 2012-01-19 13:08   21976   ----a-w-   c:\program files\Mozilla Firefox\plc4.dll
2012-01-19 13:08 . 2012-01-19 13:08   20440   ----a-w-   c:\program files\Mozilla Firefox\plds4.dll
2012-01-19 13:08 . 2012-01-19 13:08   16856   ----a-w-   c:\program files\Mozilla Firefox\plugin-container.exe
2012-01-19 13:08 . 2012-01-19 13:08   105432   ----a-w-   c:\program files\Mozilla Firefox\smime3.dll
2012-01-19 13:08 . 2012-01-19 13:08   170968   ----a-w-   c:\program files\Mozilla Firefox\softokn3.dll
2012-01-19 13:08 . 2012-01-19 13:08   715216   ----a-w-   c:\program files\Mozilla Firefox\uninstall\helper.exe
2012-01-19 13:08 . 2012-01-19 13:08   269272   ----a-w-   c:\program files\Mozilla Firefox\updater.exe
2012-01-19 13:08 . 2012-01-19 13:08   154584   ----a-w-   c:\program files\Mozilla Firefox\ssl3.dll
2012-01-19 13:08 . 2012-01-19 13:08   19928   ----a-w-   c:\program files\Mozilla Firefox\xpcom.dll
2012-01-17 15:40 . 2012-01-17 15:40   --------   d-----w-   c:\program files\Microsoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-16 01:36 . 2011-09-21 18:04   414368   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-10 15:24 . 2011-09-05 03:04   20464   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-11-15 14:29 . 2011-04-04 17:05   222080   ------w-   c:\windows\system32\MpSigStub.exe
2012-01-19 13:09 . 2012-01-19 13:09   121816   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
c:\documents and settings\lukey\Start Menu\Programs\Startup\
VersaPort Control Panel.lnk - c:\windows\usb-audio.deAAVersaPort\CONTROLVERSAPORT.EXE [2011-12-4 638976]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Ralink Wireless Utility.lnk - c:\program files\Ralink\Common\RaUI.exe [2010-9-8 1585152]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44   35760   ----a-w-   c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-27 18:03   152872   ----a-w-   c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2009-10-30 11:57   369200   ----a-w-   c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DMXLauncher]
2004-09-15 00:01   86016   ----a-w-   c:\program files\Dell\Media Experience\DMXLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FreeAC]
2011-05-27 16:42   1368912   ----a-w-   c:\program files\FreeAlarmClock\FreeAlarmClock.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2004-09-13 15:49   49152   ----a-w-   c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 15:50   81920   ----a-w-   c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2010-04-16 22:12   3872080   ----a-w-   c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 14:57   153136   ----a-w-   c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\AiOHomeCenter.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\Kodak.Statistics.exe"=
"c:\\Program Files\\Kodak\\AiO\\Center\\NetworkPrinterDiscovery.exe"=
"c:\\Program Files\\Kodak\\AiO\\Firmware\\KodakAiOUpdater.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Kodak\\Installer\\Setup.exe"=
"c:\\WINDOWS\\system32\\dpnsvr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"9322:TCP"= 9322:TCP:EKDiscovery
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [19/01/2010 20:58 691696]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [05/09/2011 03:04 652360]
R3 AA_VERSAPORT;usb-audio.de driver for American Audio VersaPort;c:\windows\system32\drivers\aavportu.sys [23/01/2009 16:57 398912]
R3 AA_VERSAPORT_A_WDM;VersaPort WDM Audio;c:\windows\system32\drivers\aavporta.sys [23/01/2009 16:57 39488]
R3 L6DP;L6DP;c:\windows\system32\drivers\l6dp.sys [29/09/2006 16:05 29312]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [05/09/2011 03:04 20464]
S1 MpKsl24246200;MpKsl24246200;\??\c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C4AE175F-9D1C-45F0-AB43-760F4E229E6F}\MpKsl24246200.sys --> c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{C4AE175F-9D1C-45F0-AB43-760F4E229E6F}\MpKsl24246200.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 12:16 130384]
S2 Kodak AiO Network Discovery Service;Kodak AiO Network Discovery Service;c:\program files\Kodak\AiO\Center\ekdiscovery.exe [05/08/2009 12:49 284016]
S3 cpudrv;cpudrv;\??\c:\program files\SystemRequirementsLab\cpudrv.sys --> c:\program files\SystemRequirementsLab\cpudrv.sys [?]
S3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys --> c:\windows\system32\drivers\dgderdrv.sys [?]
S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [05/10/2010 18:53 36640]
S3 L6TPortB;Service - Line 6 TonePort UX2;c:\windows\system32\Drivers\L6TPortB.sys --> c:\windows\system32\Drivers\L6TPortB.sys [?]
S3 PROCEXP150;PROCEXP150;\??\c:\windows\system32\Drivers\PROCEXP150.SYS --> c:\windows\system32\Drivers\PROCEXP150.SYS [?]
S3 sea1bus;Sony Ericsson Device 0A1 driver (WDM);c:\windows\system32\drivers\sea1bus.sys [15/04/2008 19:01 61536]
S3 sea1mdfl;Sony Ericsson Device 0A1 USB WMC Modem Filter;c:\windows\system32\drivers\sea1mdfl.sys [15/04/2008 19:01 9360]
S3 sea1mdm;Sony Ericsson Device 0A1 USB WMC Modem Driver;c:\windows\system32\drivers\sea1mdm.sys [15/04/2008 19:01 97088]
S3 sea1mgmt;Sony Ericsson Device 0A1 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\sea1mgmt.sys [15/04/2008 19:02 88624]
S3 sea1nd5;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (NDIS);c:\windows\system32\drivers\sea1nd5.sys [15/04/2008 19:07 18704]
S3 sea1obex;Sony Ericsson Device 0A1 USB WMC OBEX Interface;c:\windows\system32\drivers\sea1obex.sys [15/04/2008 19:02 86432]
S3 sea1unic;Sony Ericsson Device 0A1 USB Ethernet Emulation SEMCA1 (WDM);c:\windows\system32\drivers\sea1unic.sys [15/04/2008 19:02 90800]
S3 USBMIDI;UF USB MIDI Driver;c:\windows\system32\Drivers\Mdusb.sys --> c:\windows\system32\Drivers\Mdusb.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [10/08/2004 11:51 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 12:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WINRM   REG_MULTI_SZ     WINRM
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2008-02-26 14:06   451872   ----a-w-   c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
.
------- Supplementary Scan -------
.
uStart Page = www.facebook.com
uInternet Connection Wizard,ShellNext = hxxp://www.dell.co.uk/myway
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: hotmail.co.uk\.www
Trusted Zone: line6.net
TCP: DhcpNameServer = 192.168.2.1 192.168.2.1
FF - ProfilePath - c:\documents and settings\lukey\Application Data\Mozilla\Firefox\Profiles\1jonz51o.default\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4dd54479&v=7.004.022.004&i=26&tp=ab&iy=&ychte=uk&lng=en-GB&q=
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 54889
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKCU-Run-AdobeBridge - (no file)
AddRemove-Chorrosive - c:\program files\Steinberg\VstPlugins\Chorrosive\Chorrosive Uninstall.exe
AddRemove-FloFi - i:\flofi\FloFi Uninstall.exe
AddRemove-Lennar Digital Sylenth VSTi v1.2.1 - c:\progra~1\STEINB~1\VSTPLU~1\Sylenth1\UNINST~1\UNWISE.EXE
AddRemove-Live 5.2.2 - c:\progra~1\Ableton\LIVE52~1.2\Install\UNWISE.EXE
AddRemove-Native Instruments - Rig Kontrol 3 Driver - c:\program files\Native Instruments\Rig Kontrol 3 Driver\uninst.exe Software\Native Instruments\Rig Kontrol 3 Driver\Setup
AddRemove-Native Instruments Massive v1.0.1.008 VSTi DXi RTAS - c:\progra~1\NATIVE~1\Massive\UNWISE.EXE
AddRemove-pnreqoyfhzrh - c:\windows\system32\pnreqoyfhzrh.exe
AddRemove-Rob Papen Albino 3 - I:\UninstalAlbino3.exe
AddRemove-SVF2 - c:\program files\Steinberg\VstPlugins\SVF2\SVF2 Uninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-02-10 07:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2147893550-3486111833-3558755326-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*Öš€|¾Z¥œJd]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2147893550-3486111833-3558755326-1009\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*jpg*Öš€|¾Z¥œJd\OpenWithList]
@Class="Shell"
"a"="Corel PaintShop Pro.exe"
"MRUList"="a"
.
Completion time: 2012-02-10 08:07:06
ComboFix-quarantined-files.txt 2012-02-10 08:07
.
Pre-Run: 88,072,781,824 bytes free
Post-Run: 88,412,823,552 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 1FD73F878EE48C2D5ED472447C4EEFB1

These programs i deleted years ago! I'm not sure why they are showing up on the scans.

'Sony Ericsson Device'
'Line 6 TonePort'

Thanks again for your time

Hoov · « **Reply #9 on:** February 10, 2012, 10:02:09 AM »

Both of those are devices that are installed, we can deal with them when your computer is clean.

That first part of what you saw was your computer running chkdsk on your harddrive. Either your drive has a physical problem, or the NTFS table was corrupted.

How is the computer running now?

Also I need you to go to the administration tools in XP. They are in the Control Panel. Open the Admin tools, then open the event viewer. Over on the left hand side and click on System. Then up at the top click on Action and then click on Save Events As, type in system as the file name, make sure file type EVT is selected, and then navigate so it will save the file to your desktop, then click save. Over on the left hand side and click on Application. Then up at the top click on Action and then click on Save Events As, type in application as the file name, make sure file type EVT is selected, and then navigate so it will save the file to your desktop, then click save. Zip them both up into a single zip file, post them back here in your next reply as attachments.

L-Tek · « **Reply #10 on:** February 10, 2012, 05:18:03 PM »

Hey,

The computer doesn't seem to have improved. The internet is still runnng slowly, the hardware and interrupts are still between 40-50% CPU and upon running software it still eating my CPU.

I don't think my drive has a physical problem more likely a NTFS corrupt. This only happend when uninstalling norton. But your the expert ;)

Hoov · « **Reply #11 on:** February 10, 2012, 06:57:25 PM »

Removing Norton should not have caused a problem, but the event viewer logs also do not indicate a file system corruption, so I am not sure why it ran. The event log does indicate a few strange events.

Click Start. click run, type: cmd, and press Enter
Type: netsh winsock reset, and then press the ENTER key.
Type: Exit and press ENTER.
Restart the computer.

I would like you to try rebooting windows cleanly to see how the computer acts.

I need you to reboot windows cleanly. To do that please go to the run command and type in msconfig . Once that starts, select selective startup, and then uncheck the load startup items. Now click on the services tab, and down near the bottom of the window, check the box that says Hide all Microsoft Services now go up and uncheck all the services still listed, make sure you scroll down the list if need to unselect all the non Microsoft services. Now click apply, then click OK and reboot the computer.

Test your computer. If you browse on the internet to check that, make sure to stick to reputable websites. Once you have decided how it is running, run msconfig and select normal startup then click apply then OK and reboot your computer. Let me know how it went.

There are a few questions I have about what showed up in the event viewer logs.

Do you have a FaxModem installed? Any program that would try and faxing something?

Is Winamp fully updated? Does it seem to work OK?

Are you connected to a router or a modem that is doing DHCP? Do you have a network or is it just a single computer connected to it?

L-Tek · « **Reply #12 on:** February 10, 2012, 09:25:54 PM »

I did what you told me to do and no improvement once loaded. Though I have to say (even with normal start up) it seems my computer is loading up alot faster!

I did my usual checks on software, processes & internet.

None of them seem to have improved. My CPU was still running at 40-50% while under the 'load startup items' & 'Hide all Microsoft Services' step of your instructions. And speedtest showed peaking in my internet speed (mostly remaining at a low mbs). Software still slow and unresponsive.

In regards to winamp. I don't think I'd ever updated it

I uninstalled it using revo and reinstalled with thier lastest version. You ask wether it works ok, it had been freezing recently. But every program I have has been freezing recently, so i didnt think that it was winamp the issue.

I have just updated adobe too (I do stay ontop of those updates) & it has made no difference.

I don't have a fax machine set up at'all. I noticed that also. I have a kodak printer set up which stays disconnected until i need to use it (which isnt very often). This machine has never been used for faxes.

The set up which I have goes like this

Modem > Main Household PC with router/wifi > My PC with a USB reciever (Ralink)

From what I understand from virgin tech the USB recievers aren't the best for signal strength. But i should add that mine was working fine before these issues arose. And my USB reciever is literally 1 meter from the Main PC in the same room. The link speed is 65mbps and we pay for 20mbps so there shouldnt be an issue there. All running at 100%. Also I should note our network is secured and mine is usually the only other PC running off of it. My dads Laptop when he connects runs at 20mbps.

To me it seems as if whatever is causing my PC to run at a high CPU is affecting the speed of the program (firefox) not the internet itself. As it is the same when running music production software, winamp, internet etc..

Also i shuold note that upon restarting my pc again I had no further problems with NTFS / CHKDSK

Hmmmm

Hoov · « **Reply #13 on:** February 10, 2012, 10:10:17 PM »

When you go to the task manager what process's are using more than 5% of the CPU cycles, excluding system Idle Process?

Do you know your way around services? If you do, go into the services and disable the Fax service. Also go into the add / remove programs and uninstall the program named Fax.

And for future reference, please don't install or update anything unless I ask. The reason for this is because if you do have malware, then installing something could cause some of its files to be infected. Go ahead and leave Winamp alone for now, just don't do it again until you are clean.

Also I would like you to download Driver cleaner Pro (Make sure to click the button not the link next to the button). Follow the instructions (It is a fairly easy program to understand) and uninstall the drivers for 'Sony Ericsson Device' and 'Line 6 TonePort'.

L-Tek · « **Reply #14 on:** February 10, 2012, 11:29:37 PM »

System idle is at 98% with no programs running which is good. But in 'sysinternals processes explorer' it says hardware interurrpts and DPC's are running at between 40-50%

I disabled fax from within services. But 'fax' or anything with fax in the name is not on my add/remove programs list. There is however 'HP PSC & OfficeJet 4.7 Software' & 'HP software update' both of which havn't been in use for years. Shall i remove these? (See i'm learning

haha)

Right ok I have a few questions about driver cleaner if you wouldnt mind answering them. This seems to me a program I should be confident with before proceeding.

"This does not do a plain reinstall of your video/audio drivers. It completely removes ANY trace of the old drivers from your computer first. This will resolve issues for some users. You want all traces of the old files gone before doing a driver reinstall. Also, please make sure you have the correct new drivers to do a reinstall."

*Where can i check to see if i have nividia or ati or other? I look in add remove programs and i couldnt see either.

*When it removes the traces of the drivers and reinstalls does the computer do this automatically without me having to find old installation CD's? in step 4 of the instructions it says 'On reboot into safe mode WinXP SP1/SP2 will auto detect and install drivers' yet I have SP3 & on step 9 it says 'Install the new driver'.

News:

Author Topic: [Inactive]Serious Problem With XP Computer. Hardware & Interrupts (Read 1776 times)

L-Tek

[Inactive]Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

Hoov

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts

L-Tek

Re: [In Progress] Serious Problem With XP Computer. Hardware & Interrupts