
FBI virus


24 replies to this topic

#1 Vcali

Vcali

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 01 October 2012 - 07:30 PM

Hello nice people, I am back. You guys helped me get rid of a problem about half a year ago or so. Now I got infected with the FBI virus. I removed it by following the steps you guys provided on the forum (http://www.bleepingcomputer.com/virus-removal/remove-fbi-monkeypak-ransomware). I removed it and got reinfected, then removed it again and got reinfected while trying to run Secunia. I need help removing this virus once and for all. I have Malwarebytes but it didn't even find the virus. I also have Avira, which told me a virus is trying to get in. I kept on denying access but still got infected. Please help me. Thank you so much in advance.



#2 Talk-to-Tech

Talk-to-Tech

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:11:11 PM

Posted 01 October 2012 - 08:33 PM

...

Edited by Talk-to-Tech, 02 October 2012 - 08:27 PM.


#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:41 PM

Posted 01 October 2012 - 09:36 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in safe mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#4 Vcali

Vcali
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 02 October 2012 - 01:45 AM

Which one should I do? I got 2 replies

#5 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:41 PM

Posted 02 October 2012 - 01:47 AM

Ignore the first one

#6 Vcali

Vcali
  • Topic Starter

  • Members
  • 79 posts
  • OFFLINE
  •  
  • Local time:09:41 AM

Posted 02 October 2012 - 05:22 PM

Just to let you know, now I get the redirecting virus too. I click on something and it opens something else, or I go to a specific site and it takes me somewhere else. Not all the time but it does redirect me sometimes. Anyway, I am posting the log of the TDSSKiller.

15:15:44.0296 1040 usbaudio - ok
15:15:44.0437 1040 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:15:44.0437 1040 usbccgp - ok
15:15:44.0531 1040 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:15:44.0546 1040 usbehci - ok
15:15:44.0625 1040 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:15:44.0625 1040 usbhub - ok
15:15:44.0687 1040 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:15:44.0718 1040 usbohci - ok
15:15:44.0812 1040 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:15:44.0812 1040 usbprint - ok
15:15:44.0984 1040 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:15:45.0000 1040 USBSTOR - ok
15:15:45.0265 1040 [ C005A5BD92EE5DB07EFAAF11B8BED808 ] VAIOMediaPlatform-MusicServer-AppServer C:\Program Files\Sony\VAIO Media Music Server\SSSvr.exe
15:15:45.0343 1040 VAIOMediaPlatform-MusicServer-AppServer - ok
15:15:45.0500 1040 VAIOMediaPlatform-MusicServer-HTTP - ok
15:15:45.0671 1040 [ B6B492E529F1BD299A1BE987F0BCDC7E ] VAIOMediaPlatform-MusicServer-UPnP C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
15:15:45.0718 1040 VAIOMediaPlatform-MusicServer-UPnP - ok
15:15:45.0875 1040 [ E599191947060428E97BACDB82B6F087 ] VAIOMediaPlatform-PhotoServer-AppServer C:\Program Files\Sony\Photo Server 20\appsrv\PicAppSrv.exe
15:15:45.0921 1040 VAIOMediaPlatform-PhotoServer-AppServer - ok
15:15:45.0953 1040 VAIOMediaPlatform-PhotoServer-HTTP - ok
15:15:46.0078 1040 [ B6B492E529F1BD299A1BE987F0BCDC7E ] VAIOMediaPlatform-PhotoServer-UPnP C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\UPnPFramework.exe
15:15:46.0093 1040 VAIOMediaPlatform-PhotoServer-UPnP - ok
15:15:46.0203 1040 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
15:15:46.0218 1040 VgaSave - ok
15:15:46.0265 1040 ViaIde - ok
15:15:46.0375 1040 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
15:15:46.0375 1040 VolSnap - ok
15:15:46.0609 1040 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
15:15:46.0609 1040 VSS - ok
15:15:46.0734 1040 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
15:15:46.0750 1040 W32Time - ok
15:15:46.0859 1040 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:15:46.0859 1040 Wanarp - ok
15:15:46.0921 1040 WDICA - ok
15:15:47.0015 1040 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
15:15:47.0015 1040 wdmaud - ok
15:15:47.0171 1040 [ DCE25235272A28ED34780AC4C848FC3F ] WDM_YAMAHAAC97 C:\WINDOWS\system32\drivers\yacxgc.sys
15:15:47.0171 1040 WDM_YAMAHAAC97 - ok
15:15:47.0281 1040 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
15:15:47.0453 1040 WebClient - ok
15:15:47.0671 1040 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
15:15:47.0687 1040 winmgmt - ok
15:15:47.0937 1040 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
15:15:47.0953 1040 WmdmPmSN - ok
15:15:48.0140 1040 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
15:15:48.0218 1040 WmiApSrv - ok
15:15:48.0359 1040 [ 56FB00BEC891A38B54C68E52BCE2B0A4 ] WPN111 C:\WINDOWS\system32\DRIVERS\WPN111.sys
15:15:48.0406 1040 WPN111 - ok
15:15:48.0515 1040 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:15:48.0546 1040 WS2IFSL - ok
15:15:48.0687 1040 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:15:48.0687 1040 WSTCODEC - ok
15:15:48.0843 1040 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
15:15:48.0890 1040 WZCSVC - ok
15:15:49.0015 1040 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
15:15:49.0031 1040 xmlprov - ok
15:15:49.0234 1040 ================ Scan global ===============================
15:15:49.0359 1040 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:15:49.0609 1040 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:15:49.0703 1040 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:15:49.0781 1040 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:15:49.0781 1040 [Global] - ok
15:15:49.0812 1040 ================ Scan MBR ==================================
15:15:49.0890 1040 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:15:50.0156 1040 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:15:50.0156 1040 \Device\Harddisk0\DR0 - detected TDSS File System (1)
15:15:50.0218 1040 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR2
15:15:54.0578 1040 \Device\Harddisk1\DR2 - ok
15:15:54.0578 1040 ================ Scan VBR ==================================
15:15:54.0609 1040 [ 2C0AD06DEF6A048483953F1797A7A542 ] \Device\Harddisk0\DR0\Partition1
15:15:54.0609 1040 \Device\Harddisk0\DR0\Partition1 - ok
15:15:54.0671 1040 [ CB9DDE04281D865EAE39013E1186A69F ] \Device\Harddisk1\DR2\Partition1
15:15:54.0671 1040 \Device\Harddisk1\DR2\Partition1 - ok
15:15:54.0703 1040 ============================================================
15:15:54.0703 1040 Scan finished
15:15:54.0703 1040 ============================================================
15:15:54.0859 1032 Detected object count: 1
15:15:54.0859 1032 Actual detected object count: 1
15:16:40.0000 1032 \Device\Harddisk0\DR0\TDLFS\z00clicker.dll - copied to quarantine
15:16:40.0000 1032 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
15:16:40.0000 1032 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Quarantine

#7 Vcali

  • Topic Starter

Posted 02 October 2012 - 06:09 PM

aswMBR log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-02 15:27:01
-----------------------------
15:27:01.843 OS Version: Windows 5.1.2600 Service Pack 3
15:27:01.843 Number of processors: 1 586 0x204
15:27:01.843 ComputerName: VAL UserName:
15:27:12.125 Initialize success
15:47:18.812 AVAST engine defs: 12100200
15:48:25.328 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:48:25.359 Disk 0 Vendor: WDC_WD200EB-11BHF0 15.15M15 Size: 19092MB BusType: 3
15:48:25.406 Disk 1 \Device\Harddisk1\DR2 -> \Device\00000064
15:48:25.453 Disk 1 Vendor: Size: 19092MB BusType: 0
15:48:25.625 Disk 0 MBR read successfully
15:48:25.656 Disk 0 MBR scan
15:48:25.984 Disk 0 Windows XP default MBR code
15:48:26.093 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 19085 MB offset 63
15:48:26.187 Disk 0 scanning sectors +39086145
15:48:27.187 Disk 0 scanning C:\WINDOWS\system32\drivers
15:49:13.812 Service scanning
15:50:15.843 Modules scanning
15:50:41.093 Module: C:\WINDOWS\System32\drivers\dxgthk.sys **SUSPICIOUS**
15:50:42.312 Disk 0 trace - called modules:
15:50:42.515 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:50:42.609 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85bb7448]
15:50:42.703 3 CLASSPNP.SYS[f74e7fd7] -> nt!IofCallDriver -> \Device\0000005c[0x85bc8148]
15:50:42.796 5 ACPI.sys[f743e620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x85bc5030]
15:50:45.500 AVAST engine scan C:\WINDOWS
15:51:25.734 AVAST engine scan C:\WINDOWS\system32
15:56:03.046 File: C:\WINDOWS\assembly\GAC\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:56:06.984 AVAST engine scan C:\WINDOWS\system32\drivers
15:56:47.921 AVAST engine scan C:\Documents and Settings\Valo
15:56:52.078 File: C:\Documents and Settings\Valo\Application Data\carsdm.dll **INFECTED** Win32:Agent-AQBW [Trj]
15:57:39.015 File: C:\Documents and Settings\Valo\Local Settings\Application Data\Microsoft\Windows\4644\VaultSysUi.exe **INFECTED** Win32:Trojan-gen
16:02:50.656 AVAST engine scan C:\Documents and Settings\All Users
16:04:08.734 Scan finished successfully
16:04:26.000 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Valo\My Documents\MBR.dat"
16:04:26.062 The log file has been saved successfully to "C:\Documents and Settings\Valo\My Documents\aswMBR.txt"
16:05:26.046 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Valo\Desktop\MBR.dat"
16:05:26.093 The log file has been saved successfully to "C:\Documents and Settings\Valo\Desktop\aswMBR.txt"

#8 Vcali

  • Topic Starter

Posted 02 October 2012 - 07:39 PM

ESET log:

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\91TPRGDQ\what-is-this-cat-talking-about[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\ERVMD575\cat-and-dolphin-playing-together[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KI6B53JX\categories[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\KI6B53JX\cute-sleepy-kittens-meowing[1].txt HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Valo\Application Data\carsdm.dll a variant of Win32/Kryptik.AMJF trojan cleaned by deleting - quarantined
C:\Documents and Settings\Valo\Application Data\sdbrtb.dll a variant of Win32/Medfos.EB trojan cleaned by deleting - quarantined
C:\Documents and Settings\Valo\Local Settings\Application Data\Microsoft\Windows\4644\VaultSysUi.exe a variant of Win32/Kryptik.AMLT trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\02.10.2012_15.14.07\tdlfs0000\tsk0000.dta a variant of Win32/Kryptik.CAH trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.FA trojan

#9 narenxp

  • BC Advisor

Posted 02 October 2012 - 08:43 PM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark the following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete.

A log should be generated after the scan; post it here.

Download

Junkware removal tool

Launch it. For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan is completed, post the generated log here.

#10 Vcali

  • Topic Starter

Posted 08 October 2012 - 12:14 PM

Sorry it took so long to start this process, had a very busy week. Here is the log for mbam:

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.08.04

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Valo :: VAL [administrator]

10/8/2012 6:16:47 AM
mbam-log-2012-10-08 (06-16-47).txt

Scan type: Full scan (A:\|C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 269985
Time elapsed: 1 hour(s), 1 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Quarantined and deleted successfully.

Registry Values Detected: 2
HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32| (Trojan.Zaccess) -> Data: C:\Documents and Settings\Valo\Local Settings\Application Data\{7dc68225-17f7-ef63-4ce3-0f7d6ac6df54}\n. -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|carsdm (Trojan.RedirRdll2.Gen) -> Data: rundll32.exe "C:\Documents and Settings\Valo\Application Data\carsdm.dll",ReplaceCharsW -> Quarantined and deleted successfully.

Registry Data Items Detected: 3
HKCR\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32| (Trojan.0Access) -> Bad: (C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\n.) Good: (fastprox.dll) -> Quarantined and repaired successfully.
HKCR\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32| (Trojan.Zaccess) -> Bad: (\\.\globalroot\systemroot\Installer\{7dc68225-17f7-ef63-4ce3-0f7d6ac6df54}\n.) Good: (wbemess.dll) -> Quarantined and repaired successfully.
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bad: (C:\RECYCLER\S-1-5-21-891307005-488748980-3615762775-1005\$7dc6822517f7ef634ce30f7d6ac6df54\n.) Good: (fastprox.dll) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Documents and Settings\Valo\Application Data\hellomoto (Trojan.Ransom.FGen) -> Quarantined and deleted successfully.

Files Detected: 9
C:\RECYCLER\S-1-5-21-891307005-488748980-3615762775-1005\$7dc6822517f7ef634ce30f7d6ac6df54\n (Trojan.Agent.MRGGen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\n (Trojan.Agent.MRGGen) -> Delete on reboot.
C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\U\00000004.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\U\000000cb.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\U\80000000.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-18\$7dc6822517f7ef634ce30f7d6ac6df54\U\80000032.@ (Trojan.0Access) -> Quarantined and deleted successfully.
C:\Documents and Settings\Valo\Application Data\hellomoto\TujP.dat (Trojan.Ransom.FGen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Valo\Application Data\hellomoto\BukF.dat (Trojan.Ransom.FGen) -> Quarantined and deleted successfully.

(end)

#11 Vcali

  • Topic Starter

Posted 08 October 2012 - 12:22 PM

Here is the mini tool box:


MiniToolBox by Farbar Version: 23-07-2012
Ran by Valo (administrator) on 08-10-2012 at 10:19:42
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111 = Wireless Network Connection (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)
SMC EZ Card 10/100 PCI (SMC1211TX) = Local Area Connection 2 (Media disconnected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Val

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Broadcast

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : SMC EZ Card 10/100 PCI (SMC1211TX)

Physical Address. . . . . . . . . : 00-10-B5-9B-F7-28



Ethernet adapter Local Area Connection:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-E0-18-B0-44-B7



Ethernet adapter Wireless Network Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111

Physical Address. . . . . . . . . : 00-18-4D-34-86-CF

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 10.0.0.3

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.0.0.1

DHCP Server . . . . . . . . . . . : 10.0.0.1

DNS Servers . . . . . . . . . . . : 10.0.0.1

Lease Obtained. . . . . . . . . . : Monday, October 08, 2012 10:04:20 AM

Lease Expires . . . . . . . . . . : Tuesday, October 09, 2012 5:58:26 AM

Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 74.125.224.198, 74.125.224.199, 74.125.224.200, 74.125.224.201
74.125.224.206, 74.125.224.192, 74.125.224.193, 74.125.224.194, 74.125.224.195
74.125.224.196, 74.125.224.197



Pinging google.com [74.125.239.5] with 32 bytes of data:



Reply from 74.125.239.5: bytes=32 time=49ms TTL=54

Reply from 74.125.239.5: bytes=32 time=49ms TTL=54



Ping statistics for 74.125.239.5:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 49ms, Maximum = 49ms, Average = 49ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Pinging yahoo.com [72.30.38.140] with 32 bytes of data:



Reply from 72.30.38.140: bytes=32 time=906ms TTL=51

Reply from 72.30.38.140: bytes=32 time=824ms TTL=51



Ping statistics for 72.30.38.140:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 824ms, Maximum = 906ms, Average = 865ms

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 10 b5 9b f7 28 ...... SMC EZ Card 10/100 PCI (SMC1211TX) - Packet Scheduler Miniport
0x3 ...00 e0 18 b0 44 b7 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x4 ...00 18 4d 34 86 cf ...... NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.3 25
10.0.0.0 255.255.255.0 10.0.0.3 10.0.0.3 25
10.0.0.3 255.255.255.255 127.0.0.1 127.0.0.1 25
10.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.3 10.0.0.3 25
255.255.255.255 255.255.255.255 10.0.0.3 2 1
255.255.255.255 255.255.255.255 10.0.0.3 3 1
255.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 1
Default Gateway: 10.0.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
Catalog9 11 mswsock.dll [File Not found] ()
Catalog9 12 mswsock.dll [File Not found] ()
Catalog9 13 mswsock.dll [File Not found] ()
Catalog9 14 mswsock.dll [File Not found] ()
Catalog9 15 mswsock.dll [File Not found] ()
Catalog9 16 mswsock.dll [File Not found] ()
Catalog9 17 mswsock.dll [File Not found] ()
Catalog9 18 mswsock.dll [File Not found] ()
Catalog9 19 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/08/2012 05:58:40 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (10/08/2012 05:07:39 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (10/07/2012 01:14:09 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk.

Error: (10/07/2012 01:14:08 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk.

Error: (10/07/2012 01:14:08 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk.

Error: (10/07/2012 01:14:08 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk.

Error: (10/07/2012 01:14:07 AM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: There is not enough space on the disk.

Error: (10/06/2012 05:03:02 AM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (10/02/2012 03:08:11 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.

Error: (09/30/2012 11:56:39 PM) (Source: WinMgmt) (User: )
Description: WinMgmt could not initialize the core parts. This could be due to a badly installed version of WinMgmt, WinMgmt repository upgrade failure, insufficient disk space or insufficient memory.


System errors:
=============
Error: (10/08/2012 10:05:37 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (10/08/2012 10:05:37 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avgio
avipbb
DMICall
Fips
intelppm
ohci1394
ssmdrv

Error: (10/08/2012 10:04:47 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/08/2012 10:02:47 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/08/2012 05:58:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/08/2012 05:56:45 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/08/2012 05:21:59 AM) (Source: DCOM) (User: VAL)
Description: DCOM got error "%%1084" attempting to start the service MSIServer with arguments ""
in order to run the server:
{000C101C-0000-0000-C000-000000000046}

Error: (10/08/2012 05:19:20 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/08/2012 05:18:50 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/08/2012 05:07:33 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (10/08/2012 05:58:40 AM) (Source: WinMgmt)(User: )
Description:

Error: (10/08/2012 05:07:39 AM) (Source: WinMgmt)(User: )
Description:

Error: (10/07/2012 01:14:09 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThere is not enough space on the disk.

Error: (10/07/2012 01:14:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThere is not enough space on the disk.

Error: (10/07/2012 01:14:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThere is not enough space on the disk.

Error: (10/07/2012 01:14:08 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThere is not enough space on the disk.

Error: (10/07/2012 01:14:07 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabThere is not enough space on the disk.

Error: (10/06/2012 05:03:02 AM) (Source: WinMgmt)(User: )
Description:

Error: (10/02/2012 03:08:11 PM) (Source: WinMgmt)(User: )
Description:

Error: (09/30/2012 11:56:39 PM) (Source: WinMgmt)(User: )
Description:


=========================== Installed Programs ============================

Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 11 ActiveX (Version: 11.1.102.62)
Apple Application Support (Version: 1.1.0)
Apple Mobile Device Support (Version: 2.6.0.32)
Apple Software Update (Version: 2.1.1.116)
Avira AntiVir Personal - Free Antivirus
Bonjour (Version: 1.0.106)
DVgate
Experience Vaio
File Type Assistant
ImageStation Demo
ImageStation Tour
iTunes (Version: 9.0.2.25)
Java Auto Updater (Version: 2.1.5.3)
Java™ 7 Update 2 (Version: 7.0.20)
Lucent Technologies Soft Modem AMR
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Motion JPEG Software Decoder
MovieShaker 3.3
Music Visualizer Library 1.4.00
NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111 (Version: 1.0.0)
Network Smart Capture
NVIDIA Windows 2000/XP Display Drivers
OpenMG Secure Module 3.1
PicoPlayer Demo
PicoPlayerSplashScreen
QuickTime (Version: 7.65.17.80)
RealProducer Basic 8.5
Secunia PSI (3.0.0.4001) (Version: 3.0.0.4001)
SiS Compatible VGA V2.09a
SonicStage 1.5.00
Sony Certificate PCH
Sony DV Shared Library
Sony on Yahoo! Essentials
Support Actions WinXP
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
USB PC Camera (SN9C103) (Version: 4.6.6.1)
VAIO Action Setup
VAIO Brezza Wallpaper
VAIO Grid Wallpaper
VAIO Help & Support
VAIO Media 2.0
VAIO Media Installer 2.0
VAIO Media Music Server 2.0
VAIO Media Photo Server 2.0
VAIO Media Platform 2.0
VAIO Registration (Version: 4.0.8)
VAIO Serenus Wallpaper
VAIO Support
WebFldrs XP (Version: 9.50.5318)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 47%
Total physical RAM: 479.53 MB
Available physical RAM: 250.21 MB
Total Pagefile: 1125.8 MB
Available Pagefile: 995.12 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.34 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:18.64 GB) (Free:0.32 GB) NTFS
3 Drive d: (Lexar) (Removable) (Total:7.32 GB) (Free:6.94 GB) FAT32

========================= Users: ========================================

User accounts for \\VAL

Administrator Guest HelpAssistant
SUPPORT_388945a0 Valo

========================= Restore Points ==================================


**** End of log ****

#12 Vcali

Posted 08 October 2012 - 12:25 PM

Farbar log:


Farbar Service Scanner Version: 07-10-2012
Ran by Valo (administrator) on 08-10-2012 at 10:24:24
Running from "C:\Documents and Settings\Valo\Local Settings\Temporary Internet Files\Content.IE5\Z6DEEKR5"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of sharedaccess. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of sharedaccess. The value does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open sharedaccess registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.

sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\System32\DRIVERS\sr.sys".


System Restore Disabled Policy:
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=DWORD:1


Security Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\System32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\System32\es.dll".


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
AegisP(8) Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

Edited by Vcali, 08 October 2012 - 12:26 PM.


#13 narenxp

Posted 08 October 2012 - 12:26 PM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of the text file here

#14 Vcali

Posted 08 October 2012 - 12:40 PM

After running the adware cleaner it asked me to reboot the computer and the log would come up after reboot; however, it did not come up after reboot, maybe because I rebooted into safe mode. Also, when I tried to download the junkware removal tool it gave me the 404 page not found. I tried a few times and got the same message, 404 page not found. So now I will do the last step that you just posted. Thank you

#15 Vcali

Posted 08 October 2012 - 12:45 PM

Here is the log for autoruns:


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avgnt" "Antivirus System Tray Tool" "Avira GmbH" "c:\program files\avira\antivir desktop\avgnt.exe"
+ "ezShieldProtector for Px" "ezSP_Px MFC Application" "Easy Systems Japan Ltd." "c:\windows\system32\ezsp_px.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "LTSMMSG" "SoftModem Messaging Applet" "Lucent Technologies" "c:\windows\ltsmmsg.exe"
+ "NvCplDaemon" "NVIDIA Taskbar Utility Library" "NVIDIA Corporation" "c:\windows\system32\nvqtwk.dll"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "SiSUSBRG" "SiSUSBrg" "Silicon Integrated Systems Corp." "c:\windows\sisusbrg.exe"
+ "SNPSTD2" "CameraMonitor MFC Application" "" "c:\windows\vsnpstd2.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "ZTgServerSwitch" "" "" "c:\program files\support.com\client\lserver\server.vbs"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "Malwarebytes Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamgui.exe"
+ "Malwarebytes Anti-Malware (cleanup)" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\documents and settings\all users\application data\malwarebytes\malwarebytes' anti-malware\cleanup.dll"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "NETGEAR WPN111 Smart Wizard.lnk" "Netgear MFC Application" "NETGEAR" "c:\program files\netgear\wpn111\wpn111.exe"
+ "Secunia PSI Tray.lnk" "Secunia PSI Tray" "Secunia" "c:\program files\secunia\psi\psi_tray.exe"
+ "VAIO Action Setup (Server).lnk" "VAServ Application" "Sony Corporation" "c:\program files\sony\vaio action setup\vaserv.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 5" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce" "" "" ""
+ "FlashPlayerUpdate" "Adobe® Flash® Player Installer/Uninstaller 11.1 r102" "Adobe Systems, Inc." "c:\windows\system32\macromed\flash\flashutil11f_activex.exe"
+ "Report" "" "" "c:\adwcleaner[s1].txt"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Shell Extension for Malware scanning" "AntiVirus context menu" "Avira GmbH" "c:\program files\avira\antivir desktop\shlext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Shell Extension for Malware scanning" "AntiVirus context menu" "Avira GmbH" "c:\program files\avira\antivir desktop\shlext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "AcroIEHlprObj Class" "AcroIEHelper Module" "" "c:\program files\adobe\acrobat 5.0\reader\activex\acroiehelper.ocx"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Oracle Corporation" "c:\program files\java\jre7\bin\jp2ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "FreeFileViewerUpdateChecker.job" "" "" "File not found: C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe"
+ "ProgramUpdateCheck.job" "Find software to open your files" "Trusted Software ApS" "c:\program files\file type assistant\tsassist.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AntiVirSchedulerService" "Service to schedule Avira AntiVir Personal - Free Antivirus jobs and updates." "Avira GmbH" "c:\program files\avira\antivir desktop\sched.exe"
+ "AntiVirService" "Offers permanent protection against viruses and malware with the AntiVir search engine." "Avira GmbH" "c:\program files\avira\antivir desktop\avguard.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Bonjour Service" "Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network. Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour, any network service that explicitly depends on it will fail to start." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Oracle Corporation" "c:\program files\java\jre7\bin\jqs.exe"
+ "NVSvc" "NVIDIA Driver Helper Service, Version 30.82" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "Secunia PSI Agent" "Performs routine software inspections of the system, the results of which can be seen in your Secunia PSI" "Secunia" "c:\program files\secunia\psi\psia.exe"
+ "SPTISRV" "SPTISRV Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sptisrv.exe"
+ "VAIOMediaPlatform-MusicServer-AppServer" "VAIO Media Music Server" "Sony Corporation" "c:\program files\sony\vaio media music server\sssvr.exe"
+ "VAIOMediaPlatform-MusicServer-HTTP" "" "" "File not found: C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\sv_httpd.exe"
+ "VAIOMediaPlatform-MusicServer-UPnP" "Sony UPnP Framework" "Sony Corporation" "c:\program files\common files\sony shared\vaio media platform\upnpframework.exe"
+ "VAIOMediaPlatform-PhotoServer-AppServer" "Photo Application Server" "" "c:\program files\sony\photo server 20\appsrv\picappsrv.exe"
+ "VAIOMediaPlatform-PhotoServer-HTTP" "" "" "File not found: C:\Program Files\Common Files\Sony Shared\VAIO Media Platform\SV_Httpd.exe"
+ "VAIOMediaPlatform-PhotoServer-UPnP" "Sony UPnP Framework" "Sony Corporation" "c:\program files\common files\sony shared\vaio media platform\upnpframework.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "A2DDA" "Emsisoft Direct Disk Access Support Driver" "Emsi Software GmbH" "d:\emsisoftemergencykit\run\a2ddax86.sys"
+ "AegisP" "AEGIS Protocol (IEEE 802.1x) v3.4.10.0" "Meetinghouse Data Communications" "c:\windows\system32\drivers\aegisp.sys"
+ "avgio" "Avira AntiVir Support for Minifilter" "Avira GmbH" "c:\program files\avira\antivir desktop\avgio.sys"
+ "avgntflt" "Avira files mini-filter driver" "Avira GmbH" "c:\windows\system32\drivers\avgntflt.sys"
+ "avipbb" "Avira's Driver for RootKit Detection" "Avira GmbH" "c:\windows\system32\drivers\avipbb.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DMICall" "Windows 2000 DMI Call Kernel Driver" "Sony Corporation" "c:\windows\system32\drivers\dmicall.sys"
+ "DNINDIS5" "PCAUSA NDIS 5.0 Protocol Driver" "Printing Communications Assoc., Inc. (PCAUSA)" "c:\windows\system32\dnindis5.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "LucentSoftModem" "SoftModem Device Driver" "Lucent Technologies" "c:\windows\system32\drivers\ltsm.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 30.82 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "PxHelper Device Driver for Windows 2000" "VERITAS Software, Inc." "c:\windows\system32\drivers\pxhelp20.sys"
+ "rtl8139" "Realtek RTL8139 NDIS 5.0 Driver" "Realtek Semiconductor Corporation" "c:\windows\system32\drivers\rtl8139.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiS315" "SiS Compatible Super VGA Driver" "Silicon Integrated Systems Corporation" "c:\windows\system32\drivers\sisgrp.sys"
+ "sisagp" "SiS NT AGP Filter" "Silicon Integrated Systems Corporation" "c:\windows\system32\drivers\sisagp.sys"
+ "SiSkp" "" "" "c:\windows\system32\drivers\srvkp.sys"
+ "snpstd2" "PC Camera driver" "" "c:\windows\system32\drivers\snpstd2.sys"
+ "soma" "Sony Advanced Encoder Board(KernelStreaming)" "Sony Corporation" "c:\windows\system32\drivers\soma.sys"
+ "SONYWBMS" "Sony Memory Stick I/F Controller" "Sony Corporation" "c:\windows\system32\drivers\sonywbms.sys"
+ "ssmdrv" "Avira Snapshot Driver" "Avira GmbH" "c:\windows\system32\drivers\ssmdrv.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "WDM_YAMAHAAC97" "YAMAHA AC-XG WDM" "YAMAHA CORPORATION" "c:\windows\system32\drivers\yacxgc.sys"
+ "WPN111" "Driver for Atheros AR5005 Wireless USB Network Adapter" "Atheros Communications, Inc." "c:\windows\system32\drivers\wpn111.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.atrac3" "ATRAC3 CODEC for MSACM" "Sony Corporation" "c:\windows\system32\atrac3.acm"
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "VIDC.dvsd" "Video for Windows driver for DV" "Sony Corporation" "c:\program files\common files\sony shared\dvlib\sonydv.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "VIDC.MJPG" "Video for Windows driver for MJPG" "Sony Corporation" "c:\windows\system32\sonymjpg.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Sony MPEG2 TS Splitter" "Sample" "Sony Corporation" "c:\program files\sony\movieshaker\tssplt.ax"
+ "Sony MPEG2 TS Splitter" "Sample" "Sony Corporation" "c:\program files\sony\movieshaker\tssplt.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AudioWriter" "Sony Audio Writer Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonyaudiowriter.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Effect Filter - After Image" "Effect Filter - After Image" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\afterimage.ax"
+ "Effect Filter - Auto Shutter" "Effect Filter - Auto Shutter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\shutter.ax"
+ "Effect Filter - Change Faces" "Effect Filter - Change Faces" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\swap.ax"
+ "Effect Filter - Date" "Effect Filter - Date" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\date.ax"
+ "Effect Filter - Digital Zoom" "Effect Filter - Digital Zoom" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\zoom.ax"
+ "Effect Filter - Gold" "Effect Filter - Gold" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\gold.ax"
+ "Effect Filter - Old Films" "Effect Filter - Old Films" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\oldfilm.ax"
+ "Effect Filter - Sphere" "Effect Filter - Sphere" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\sphere.ax"
+ "Effect Filter - Spiral" "Effect Filter - Spiral" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\spiral.ax"
+ "Effect Filter - Spotlight" "Effect Filter - Spotlight" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\spotlight.ax"
+ "Effect Filter - Zigzag" "Effect Filter - Zigzag" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\zigzag.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "GraphicEq" "Graphic Equalizer Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\graphiceq.ax"
+ "HTTP Source (Async)" "HTTP source filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\httpsrcflt.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Movie Effector Basic Color" "Effect Filter - Basic Color" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\primary.ax"
+ "Movie Effector Black & White" "Effect Filter - Black & White" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\mono.ax"
+ "Movie Effector Emboss" "Effect Filter - Emboss" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\emboss.ax"
+ "Movie Effector Frame" "Effect Filter - Frame" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\bmpoverlay.ax"
+ "Movie Effector Mirror" "Effect Filter - Mirror" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\mirror.ax"
+ "Movie Effector Mosaic" "Effect Filter -Mosaic" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\mosaic.ax"
+ "Movie Effector Negative" "Effect Filter - Negative" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\nega.ax"
+ "Movie Effector Outline" "Effect Filter - Outline" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\edge.ax"
+ "Movie Effector Painting" "Movie Effector - Painting" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\illust.ax"
+ "Movie Effector Sepia" "Effect Filter - Sepia" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\sepia.ax"
+ "Movie Effector Soft Focus" "Effect Filter - Soft Focus" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\softfocus.ax"
+ "Movie Effector Wave" "Effect Filter - Wave" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\effects\wave.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Null Renderer" "Sony Null Renderer" "Sony Corporation" "c:\program files\sony\movieshaker\nullrnd.ax"
+ "OpenMG Async. File Source" "OpenMG Async. File Source" "Sony Corporation" "c:\program files\common files\sony shared\avlib\omgafs.ax"
+ "OpenMG Audio Decrypt" "OpenMG Decrypt Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgdec.ax"
+ "OpenMG OmgSource Filter" "OpenMG OmgSource Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgsrc.ax"
+ "PCM Parser" "PCM Parser" "Sony Corporation" "c:\program files\common files\sony shared\avlib\pcmparser.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Resizing Filter" "Resizing Filter" "Sony Corporation" "c:\program files\common files\sony shared\dvlib\dvresize.ax"
+ "SAL Input Converter" "SAL Input Converter Source Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\saliconv.ax"
+ "SAL Output Converter" "SAL Output Converter RendererFilter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\saloconv.ax"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sony Audio CD Source Filter" "OpenMG CdSource Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\cdsrc.ax"
+ "Sony DV Stamper" "Sony DV MediaSample Time Stamper" "Sony Corporation" "c:\program files\sony\movieshaker\dvstamp.ax"
+ "SONY DV Video Decoder" "Sony DV Video Decoder" "Sony Corporation" "c:\program files\common files\sony shared\dvlib\sdvvd.ax"
+ "Sony Infinite Pin Tee" "Sony Infinite Tee Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\sinftee.ax"
+ "Sony IpScope" "IpScope2" "Sony Corporation" "c:\program files\common files\sony shared\avlib\ipscope2.ax"
+ "Sony MPEG Audio Decoder" "Sony MPEG Audio Decoder" "Sony Corporation" "c:\program files\common files\sony shared\mpeglib\smad.ax"
+ "Sony MPEG Audio Decoder TN" "Sony MPEG Audio Decoder TN" "Sony Corporation" "c:\program files\sony\movieshaker\smadtn.ax"
+ "SONY MPEG Video Decoder" "Sony MPEG Video Decoder" "Sony Corporation" "c:\program files\common files\sony shared\mpeglib\smvd.ax"
+ "SONY MPEG Video Decoder" "Sony MPEG Video Decoder TN" "Sony Corporation" "c:\program files\sony\movieshaker\smvdtn.ax"
+ "Sony MPEG2 Transform and File Writer" "Sony MPEG2-TS File Writer" "Sony Corporation" "c:\program files\sony\movieshaker\m2tstnw.ax"
+ "Sony MPEG2-TS SPH" "MPEG-TS stream Convertion" "Sony Corporation" "c:\program files\sony\movieshaker\sph.ax"
+ "Sony Mstc" "" "" "c:\program files\common files\sony shared\avlib\sep\sepflt.dll"
+ "Sony MultiFile TS/rawDV Source (Async.)" "multasync" "Sony Corporation" "c:\program files\sony\movieshaker\multasync.ax"
+ "Sony raw DV Puller" "Sony RAWDV Pull&Tee Filter" "Sony Corporation" "c:\program files\sony\movieshaker\rawdvtee.ax"
+ "Sony raw DV tee" "Sony RAWDV Tee Filter" "Sony Corporation" "c:\program files\sony\movieshaker\dvtee.ax"
+ "Sony rawDV File Writer" "Sony rawDV File Writer" "Sony Corporation" "c:\program files\sony\movieshaker\rawdvwtr.ax"
+ "Sony SCL BSCamera Filter" "Filter for DirectShow Camera Capture Application" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\bscamerafilter.ax"
+ "Sony SCL BufferRenderAudio Filter" "Sony Buffer Render Audio Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\bufferrenderaudio.ax"
+ "Sony SCL BufferRenderVideo Filter" "Sony Buffer Render Video Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\bufferrendervideo.ax"
+ "Sony SCL Flip" "Flip Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\leftright.ax"
+ "Sony SCL FrameRateTrans Filter" "Sony Frame Rate Trans Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\frameratetrans.ax"
+ "Sony SCL Media Source Filter" "Sony Media Source Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\smsrcfilter.ax"
+ "Sony SCL MpegFilter" "Sony MPEG Encode Filter " "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\smpegenc.ax"
+ "Sony SCL RGB2YUY Filter" "Sony RGB2YUY Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\rgb2yuy.ax"
+ "Sony SCL Smart DV Audio Decoder" "DV Audio Decoder for Smart Capture" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\smartdvad.ax"
+ "Sony SCL Smart DV Video Decoder" "DV Video Decoder for Smart Capture" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\smartdvvd.ax"
+ "Sony SCL Still Capture Filter" "Still Capture Filter for Smart Capture" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\stillcap.ax"
+ "Sony SCL Still Capture TransformFilter" "Still Capture TransformFilter for Smart Capture" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\stillcap2.ax"
+ "Sony SCL YUV to RGB" "Sony Software Codec Filter DLL" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\yuvtorgb.ax"
+ "Sony SCL YUV to RGB24" "YUY2 to RGB24 Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\yuvtorgb24.ax"
+ "Sony SCL YUY2 Resize Filter" "Sony YUY2 Resize Filter" "Sony Corporation" "c:\program files\common files\sony shared\smart capture library\yuy2_resize.ax"
+ "Sony Tsm Filter" "ToScrapMusic Filter" "Sony Corporation" "c:\program files\common files\sony shared\visualizer\tsm.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonycdsrcwriter.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonymsaconverter3.ax"
+ "StdOut" "File Dump Filte" "Sony Corporation" "c:\program files\common files\sony shared\avlib\stdout.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Visualizer Source Filter" "Visualizer Source Filter" "Sony Corporation" "c:\program files\common files\sony shared\visualizer\vissrc.ax"
+ "WAV Dest" "" "" "c:\program files\sony\movieshaker\wavdest.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "YAMAHA AC3 SPDIF Renderer" "AC-3 SPDIF Renderer Filter" "YAMAHA Corporation" "c:\windows\system32\yac3ren.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"



